CA eTrust Antivirus reports infection by JS/Snz.A on sqlcast blog!

Update (1st. January): CA has released a new eTrust definitions update that corrects the error (build 5421), apparently this was a false positive; thanks to a reader for reporting on this. No word from CA so far (issue number 16683491 01).

I have discovered the following virus detection message appearing on Windows computers using CA eTrust antivirus software:

 

 

This problem seems to appear using the latest eTrust antivirus update (version 31.3, build 5417).

I have made a brand new installation of my PC with Windows Vista and eTrust only, updating both the OS and antivirus software with the latest updates. I have found that the virus detection pop-up appears whenever I browse to this blog web address.

A quick search on the Web talks about false positives being reported by CA eTrust antivirus software on some javascript code but I have not been able to find a trusted source of information about this so far. CA does not currently report any information about this virus detection on the support web site.

I have run two different online antivirus scanners, Windows Live OneCare and Trend Micro HouseCall and none have reported an infection.

I have contacted CA Technical Support requesting more information about this issue. I will update the blog with a new post as soon as I have more information.

Comments

• Anonymous
  December 31, 2007
  Same with Wordpress and 31.3.5417 signiture. ;)