My security suite just quarantined a JS/Agent.NQO trojan the second i clicked to view that gallery. Just a warning for everyone here.
Weird, I can't believe Oshyan would do such a thing :P
Quote from: Chris on January 09, 2016, 06:49:13 AM
My security suite just quarantined a JS/Agent.NQO trojan the second i clicked to view that gallery. Just a warning for everyone here.
What Antivirus software do you have? Such warnings were mostly false positive here.
Likely a false positive as there is no information on it doing anything. JS simply doing something too fast can cause these false positives.
http://www.virusradar.com/en/JS_Agent.NQO/detail
Hmm, I'm not seeing any problems here. Is anyone else getting any errors, warnings, etc? It certainly could be a false positive, but I'll look into it.
- Oshyan
Quote from: Oshyan on January 09, 2016, 03:26:33 PM
Hmm, I'm not seeing any problems here. Is anyone else getting any errors, warnings, etc? It certainly could be a false positive, but I'll look into it.
- Oshyan
When I enabled ESET I did, but ESET is known to be increasingly picky.
The only problem I'm getting with the image gallery is none of my images are on it. :o ;)
https://www.virustotal.com/en/url/840e1e9437178e0c5723ee519c95ad9d344e79963195b8a02d2b5b39b9240a8f/analysis/1452376502/
https://www.virustotal.com/en/url/e7c00563f55b3e8ace88eecd987a2832a5eb4d7fef54799b0d2c244522f34670/analysis/1452376585/
Seems all clear.
I did read some stuff on hoverIntent.js being hijacked by people that already have a infection on their computer. Not sure if relevant.
Edit:
However, the actual files in question being downloaded to our computers have issues...
https://www.virustotal.com/en/file/6444762c5ade851ac46f2958fc8436d5e16e159f100bcab06e54fb9aebe28191/analysis/1452376737/
Hmm, but only according to 3 out of 55 scanners, which is strong indication of a false positive in my experience.
- Oshyan
Quote from: Oshyan on January 09, 2016, 06:09:10 PM
Hmm, but only according to 3 out of 55 scanners, which is strong indication of a false positive in my experience.
- Oshyan
Considering the entry is only a couple days old with no info it's hard to say. It's llikely nothing, and a false detection based on new updates. The files in question don't have any extra file information whether headers or otherwise.
If more then likely there is no issue, then i will leave it at that. Yes, ESET can be very picky. Apologies for the scare.
Got a notice from Avira that there is a .js trojan just released this week to watch out for...trying to find the e mail and will post it when I do.
It was on a nag screen as I have the free version and I can't locate it...sorry.