tag:blogger.com,1999:blog-804714437673009003.post3716031446013321071..comments2024-02-23T09:06:13.967+00:00Comments on Dynamoo's Blog: Js/snz.a - likely false positive in eTrust / Vet Anti-VirusUnknownnoreply@blogger.comBlogger29125tag:blogger.com,1999:blog-804714437673009003.post-81821091066750644652008-01-01T12:37:00.000+00:002008-01-01T12:37:00.000+00:00My CA showed it yesterday too and deleted it!My CA showed it yesterday too and deleted it!Sheltimom3https://www.blogger.com/profile/17701291862827865753noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-53718415195461613232008-01-01T12:36:00.000+00:002008-01-01T12:36:00.000+00:00My CA showed it yesterday morning too!My CA showed it yesterday morning too!Sheltimom3https://www.blogger.com/profile/17701291862827865753noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-40228005947556628292007-12-31T21:54:00.000+00:002007-12-31T21:54:00.000+00:00I think it fixed the problem on our end as well. o...I think it fixed the problem on our end as well. our systems in the office that got pushed the new update are no longer testing positive. we still are getting some alert emails trickling in, but it takes some time for all of our workstations to get the update. if we are still getting alerts on 2nd i will worryeric cumbeehttps://www.blogger.com/profile/15788366063467622896noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-88494151035839850352007-12-31T20:23:00.000+00:002007-12-31T20:23:00.000+00:00Apparently CA has fixed this false positive recent...Apparently CA has fixed this false positive recently. Updated and issue was resolved.<BR/><BR/>GHUnknownhttps://www.blogger.com/profile/05157440686376158026noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-72035994965839108012007-12-31T19:48:00.000+00:002007-12-31T19:48:00.000+00:00Thanks for the info, I have been having problems a...Thanks for the info, I have been having problems all day. it also seems to be restricting access to certain web pages. Hopefully CA will fix quickly!jfb1066https://www.blogger.com/profile/11971692103530458436noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-85355779904728738042007-12-31T19:33:00.000+00:002007-12-31T19:33:00.000+00:00I used to work heavily with eTrust AV. Just shortl...I used to work heavily with eTrust AV. Just shortly into 2008 (yes, it already is, here in NZ) I got this false positive. I like to think of it as eTrust's way of wishing me a Happy New Year ;)Unknownhttps://www.blogger.com/profile/14985908018333908255noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-8113914118626112872007-12-31T18:44:00.000+00:002007-12-31T18:44:00.000+00:00It seems a script inside the WOT.jar archive (/ski...It seems a script inside the WOT.jar archive (/skin/include/mooscript.js) also "contains this trojan". This crashed my WOT add-on in Firefox today (www.mywot.com). With the latest update (vet engine .5419) the problem indeed disappears. <BR/><BR/>Let the party start and the best in 08.Orwallhttps://www.blogger.com/profile/10862859314053553809noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-18779409678770862322007-12-31T17:58:00.000+00:002007-12-31T17:58:00.000+00:00Thanks for this information! The funky thing is, ...Thanks for this information! The funky thing is, clicking INFO in CA produces a page of theirs that says no results. DUH.<BR/><BR/>PeaceDAHstrahttps://www.blogger.com/profile/13228851496453907359noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-44158655564290898102007-12-31T17:26:00.000+00:002007-12-31T17:26:00.000+00:00Opened a ticket with CA earlier today and they hav...Opened a ticket with CA earlier today and they have now posted a signature update (31.3.5419) which includes a bug fix for this (Js/snz.a) false positive. <BR/>download the signature update and you should be good to go.<BR/>TomTom Grahamhttps://www.blogger.com/profile/11977252401972701805noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-46047869100238506042007-12-31T17:12:00.000+00:002007-12-31T17:12:00.000+00:00I just spoke to CA and this is indeed a false posi...I just spoke to CA and this is indeed a false positive. They hope to have a new signature for download to correct the problem in the afternoon of 31 December.Anonymoushttps://www.blogger.com/profile/18162320228226341793noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-1337401717064862282007-12-31T16:56:00.000+00:002007-12-31T16:56:00.000+00:00Thanks Eric, that is nice to know. This could be g...Thanks Eric, that is nice to know. This could be good or bad for CA with the publicity they will be getting today. This year I was just getting comfortable with CA Internet Security Suite after using it a few years ago and dropped it because it was too slow and not catching all the bad guys. Since I have installed it again the beginning of last year, I have had no problems until now. Would you PiperBobhttps://www.blogger.com/profile/17573380787858889973noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-63378087670880912822007-12-31T16:31:00.000+00:002007-12-31T16:31:00.000+00:00Same here ... over 100 PCs.A temporary fix, not se...Same here ... over 100 PCs.<BR/>A temporary fix, not secure !!!, was to Disable Realtime ...Unknownhttps://www.blogger.com/profile/13060514511910460389noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-5462336511331378632007-12-31T16:30:00.000+00:002007-12-31T16:30:00.000+00:00Looks like I may not even be able to finish testin...Looks like I may not even be able to finish testing my new site (which uses jquery) until this update comes in. On IE, the file is stripped, so none of the stuff I'm testing will work.Kristenhttps://www.blogger.com/profile/08827651632884248765noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-78319607648375387862007-12-31T16:12:00.000+00:002007-12-31T16:12:00.000+00:00We use Etrust ITM on about 500 computers here at w...We use Etrust ITM on about 500 computers here at work. we have talked to CA and they confirm it is a false positive. They are hoping to have a update out by 2pm est.eric cumbeehttps://www.blogger.com/profile/15788366063467622896noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-1165626063351018892007-12-31T15:56:00.000+00:002007-12-31T15:56:00.000+00:00stewart expressed my situation well, and thanks fo...stewart expressed my situation well, and thanks for posting the link to let ca know.Bargainholichttps://www.blogger.com/profile/14868407989487154649noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-63901843339652967692007-12-31T15:45:00.000+00:002007-12-31T15:45:00.000+00:00You may want to add Dean Edwards' compliance patch...You may want to add Dean Edwards' compliance patch for Microsoft browsers ie7-standard-p.js.PiperBobhttps://www.blogger.com/profile/17573380787858889973noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-51813357762461754762007-12-31T15:20:00.000+00:002007-12-31T15:20:00.000+00:00Thanks a lot! I'm seeing this all over the place ...Thanks a lot! I'm seeing this all over the place this morning.Matthttps://www.blogger.com/profile/17481981687144047012noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-25593019517569141332007-12-31T15:19:00.000+00:002007-12-31T15:19:00.000+00:00I dont want to be a pain, but the times posted on ...I dont want to be a pain, but the times posted on your comments are for this afternoon, it is now 09:19 am here in IA.Unknownhttps://www.blogger.com/profile/00151300421057505905noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-48973846376557125172007-12-31T14:43:00.000+00:002007-12-31T14:43:00.000+00:00Thank you for the timely entry. Most users are ju...Thank you for the timely entry. Most users are just getting to work in AZ. I've been here a while and just now started to get a couple of these.Unknownhttps://www.blogger.com/profile/18438375551533250720noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-7908866387295418612007-12-31T14:24:00.000+00:002007-12-31T14:24:00.000+00:00I had four of these alerts this morning, too: I fo...I had four of these alerts this morning, too: I found the tip really helpful, so thanks.<BR/><BR/>Interesting to note that when I clicked on the link for JS/Snz.A in the CA Anti-Virus alert message box, I got a "no search results found" from the CA website! I got even more concerned when I couldn't Google it, either...<BR/><BR/>I've contacted ca but have yet to get a response.<BR/><BR/>I agree Stewarthttps://www.blogger.com/profile/02232140600043532199noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-5335219030370059772007-12-31T14:22:00.000+00:002007-12-31T14:22:00.000+00:00Yup, I'm a sysadmin for a decent size network and ...Yup, I'm a sysadmin for a decent size network and this morning my inbox greeted me with 283 new infection notifications! I hope CA fixes this by wednesday before people actually come back to work and really start using their machines again!Robbiehttps://www.blogger.com/profile/11617907507333567614noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-53596295978840634152007-12-31T14:18:00.000+00:002007-12-31T14:18:00.000+00:00I also received 28 alerts this morning. All files ...I also received 28 alerts this morning. All files have been deleted by ZoneAlarm.<BR/><BR/>At the same time I received these alerts I also received a lot of warning messages from 'Poker Academy Pro 2'.Ciboulettehttps://www.blogger.com/profile/13836565442182458024noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-78136015317460943042007-12-31T14:02:00.000+00:002007-12-31T14:02:00.000+00:00Immediately following an update for my CA security...Immediately following an update for my CA security software, I received eight notices of an infection: JS/SNZ.AUpsieDaisyhttps://www.blogger.com/profile/07768111531282178165noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-57737230759941590372007-12-31T13:51:00.003+00:002007-12-31T13:51:00.003+00:00and yes happy new year and party hardand yes happy new year and party hardRandyhttps://www.blogger.com/profile/14983209471040330776noreply@blogger.comtag:blogger.com,1999:blog-804714437673009003.post-8333587737323832142007-12-31T13:51:00.002+00:002007-12-31T13:51:00.002+00:00Thanks for posting this! We compress Coolmenus406....Thanks for posting this! We compress Coolmenus406.js and mootips.js, both showed as "infected" by CA Enterprise Anti-Virus. Yet I'm sure they're not.Michaelhttps://www.blogger.com/profile/17713885932086603047noreply@blogger.com