JS/Crypted.A trojaner?

  • Resolved lassej

    (@lassej)


    15 years, 6 months ago

    Downloaded v.2.7.1 (.zip) and started to extract the files. My virus software (Norman) detected a trojaner (JS/Crypted.A) in the file jquery.js. Is this an error from Norman?

Viewing 8 replies - 1 through 8 (of 8 total)

  • This also happens to my 2.6 installation, when entering the wp-admin pages. I’ve two different installations on different nodes (version 2.6 and 2.7). I checked both these nodes, and Norman detects the same trojaner on both places. To me it looks like Norman is making an error, but I can’t say for sure.

    PS! Funny – I ususally use the lassej username, but had to choose another one on this forum ??

    -Lasse

    [ignorant expletive deleted]!! i have same problem from today.
    Java script not working correctly on both browsers firefox and IE.

    I cant remove it, norman detect but cant remove it…. i tried ad ware but nothing

    Please help someone

    JS/Crypted.A Trojan horse

    A user of mine is reporting the same problem:
    Trojan: JS/Crypted.A in Norton antivirus.

    I don’t have Norton and a look through the files and code for anything unusual without finding anything suspicious looking.

    On these pages injected code is mentioned, you could try and search for this:

    https://www.isthisablog.com/2009/04/24/jqueryjs-script-exploit/
    https://bit.ly/SHyQO

    It is an error in NORMAN, not an injected code on the page.

    On my computer I had a backup-file and Norman, after the last update (Scannerengine version 6.01.05 – 2009/06/02), marked it as JS/Crypted.A

    I send the .js file to NORMAN to fix this.

    Also scanner ClamAv reported it as PUA.Script.Packed-2

    Thanks Gelle

    I think problem is solved

    I downloaded WP 2.7.1 from THIS officeal site of wp, and when i started unzipping package , Norman said that /wp-includes/js/jquery/jquery.js includes trojan js/crypted.a

    This is Norman foul , last update i did yeasterday 2009-06-02 22:33:19 , Norman joking …. lol or maybe wp hacking ??

    Sorry for bad english

    yes Grafcom

    @grafcom, @debilbill: Yeah, it sounds and looks like it’s Norton who is picking it up wrongly.

    Hi, we also had the same error and contacted NORMAN helpdesk about it.

    They have reacted: this is a “False Positive” showing a message without an actual virus.
    Sorry for this, the problem will be corrected in the next update later today! Please then install the Norman update wich corrects this error.

    If any files have been placed in quarantaine (like jquery.js), please also restore these files to their original locations.
    ===
    So we think this must correct the problem!
    Luuk Aalders – RS Technics – The Netherlands

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘JS/Crypted.A trojaner?’ is closed to new replies.