This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High Risk Website Blocked d.tracksrv.com

Hi,

This afternoon a number of endpoints have started displaying the following balloon notification from the system tray:

High risk website blocked

Access has been blocked to "d.tracksrv.com" as Mal/HTMLGen-A has been found at this website.

When end users are visiting websites they are seeing banner adverts being placed on the webpages such as bbc news, which should not be there. I have run scans on the end users machines but nothing has come back so my question:

Has anyone else had something along these lines and whats the best thing to do? something has hijacked the end users machines as its displaying banner adverts inline on websites that would not have banners

Here is a screenprint from one end user:

This thread was automatically locked due to age.

Parents

0 Herribert over 12 years ago

I have the same problem. Every time i want to visit a website my Firefox tries to open "d.tracksrv.com" in a new tab and Sophos blocks it because of 'Mal/HTMLGen-A'. Same with Chrome and IE. Sophos doesn't find any malware. For about a week the site changed from "d.tracksrv.com" to "unp.staticlib.net/sd/1060/8101.js" but everything else stays the same.
:41459
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Herribert over 12 years ago

I have the same problem. Every time i want to visit a website my Firefox tries to open "d.tracksrv.com" in a new tab and Sophos blocks it because of 'Mal/HTMLGen-A'. Same with Chrome and IE. Sophos doesn't find any malware. For about a week the site changed from "d.tracksrv.com" to "unp.staticlib.net/sd/1060/8101.js" but everything else stays the same.
:41459
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data