Alert on Webpage

When I view page 2 from the topic Trojan Win32.Agent.pz from Stoneybrook Assisted Living site at dslreports.com/forum/security, Nod32 (3.0.669.0 /3424) give's me a warning about JS/TrojanDownloader.Agent.NFB.

False positive or not

 

What browser? Nothing here using Firefox.

 

Hello,

I went there and nothing was flagged. Did you click a link or did it happen as soon as the page opened?

Firefox here also.

BFG

 

I only get a warning when using IE. It happens when the page loads.

 

One more reason to not use it, I suggest Firefox or Opera, both are more secure. Since the problem only appears in IE, I would think it's an ActiveX exploit of some type.

 

Hello,

For curiosity's sake I checked on that web page De Hollander mentioned in his post and NOD32 v. 3.0.772 didn't warn me at all.

I'm using windows XP Professional with SP-3(fully patched), NOD32 v. 3.0.772, ZoneAlarm Pro v. 8.0.15 and Windows Defender only. No more security software installed and IE 7.0.

Couldn't that be an error message ?


Carlos

 

as far as that connection terminated is concerned, its for security

u can;t see the problem, coz there is a java script which is actually a NFC.variant

but the Java script is only is text, in HTML format, threatsense detects it somehow and is rejecting it,

u can observe it using an old Browser Optimization Software called as NAVISCOPE,

u can actually see what being downloaded from the webpage, and observe carefully, its passes off very quick,( Small Size )

and as far as the security is concerned, u need not worry, its just a precaution via ThreatSense

 

Actaully Can;t be considered as False Positive, Its a Precautionary security

 

That's debatable when using Vista, as IE7/8 run in protected mode.

 

This is because malicious code was entered into the (code) tags, meaning it shows the exact code, but won't execute it

it's not a false positive, and the malicious code is entering your computer, just not running

i'd bet money this post is whats setting it off from the obfuscated javascript

http://www.dslreports.com/forum/r21066716-

 

Thanks for replaying , and sorry for the late respons, .....a lot of work

The message came with IE7 , Vista Home Premium and Windows Defender, IE7 passive modus / Blackspear settings.


Translation:
Probably a variant of JS/TrojanDownloader.Agent.NFB.Trojan horse
Error during cleanup
Event occurred in new file that was created by program: