Hotmail contains trojan? One of the javascript loaded in Hotmail was identified as JS/Tivso.14a.gen trojan by NOD32. I think it only happens after NOD32 was updated to virus signature 2365 that released on 30th June. Strange thing is it detects nothing when using Firefox to open the website, but when I tried with IE, after few clicks on the left side menu, NOD32 shown alert when the javascript was loaded. Is it really a threat or NOD32 is just too sensitive?
UPDATE:
It was a false positive, there was a bug in virus signature 2365, problem fixed after updated to virus signature 2366(1st July) that just released.
UPDATE:
According to ESET, false positive was not totally solved, the generic signature covering JS/Tivso.13a.gen also would generate a false positive. Misdetection solved after virus signature 2368 was released. Details at ESET Threat Center Blog.
Sunday, July 1, 2007
Hotmail has javascript trojan?
Subscribe to:
Post Comments (Atom)
9 comments:
yeah, I have the same problem when I try to open www.imageshack.us and some other foreign web pages.
I saw the same thing on a banner ad on mail.yahoo.com.
Same thing happens to me when I load Fark.com on IE, Firefox causes no problem. It just started today.
same prob as when i hit Ve3d.com
nod32 gave me a trojan alert and i cleaned it.
norton trial detected nothing, nor did Trend alert....odd?
eyeblaster ign/burstingcachedscripsts/edbannermain
nod32 info;
same thing on yahoo mail
now apears a thing "generic host process for win32..."
I've also just recieved a banner advert trying to load the same javascript file, infected with JS/Tivso.14a.gen trojan.
not from hotmail, but from www.runescape.com
The same happende to ma, and im using firefox
Alert appears on too many website, it should be a false positive. Firefox was not affected probably because of adblock or noscript was in use and it done a good job.
Post a Comment