Title: JS/Crypted.A trojaner?
Last modified: August 19, 2016

---

# JS/Crypted.A trojaner?

 *  Resolved [lassej](https://wordpress.org/support/users/lassej/)
 * (@lassej)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/)
 * Downloaded v.2.7.1 (.zip) and started to extract the files. My virus software(
   Norman) detected a trojaner (JS/Crypted.A) in the file jquery.js. Is this an 
   error from Norman?

Viewing 8 replies - 1 through 8 (of 8 total)

 *  [lasjen](https://wordpress.org/support/users/lasjen/)
 * (@lasjen)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/#post-1093487)
 * This also happens to my 2.6 installation, when entering the wp-admin pages. I’ve
   two different installations on different nodes (version 2.6 and 2.7). I checked
   both these nodes, and Norman detects the same trojaner on both places. To me 
   it looks like Norman is making an error, but I can’t say for sure.
 * PS! Funny – I ususally use the lassej username, but had to choose another one
   on this forum 🙂
 * -Lasse
 *  [debilbill](https://wordpress.org/support/users/debilbill/)
 * (@debilbill)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/#post-1093491)
 * [ignorant expletive deleted]!! i have same problem from today.
    Java script not
   working correctly on both browsers firefox and IE.
 * I cant remove it, norman detect but cant remove it…. i tried ad ware but nothing
 * Please help someone
 * **JS/Crypted.A Trojan horse**
 *  [gelle](https://wordpress.org/support/users/gelle/)
 * (@gelle)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/#post-1093493)
 * A user of mine is reporting the same problem:
    **Trojan: JS/Crypted.A** in Norton
   antivirus.
 * I don’t have Norton and a look through the files and code for anything unusual
   without finding anything suspicious looking.
 * On these pages injected code is mentioned, you could try and search for this:
 * [http://www.isthisablog.com/2009/04/24/jqueryjs-script-exploit/](http://www.isthisablog.com/2009/04/24/jqueryjs-script-exploit/)
   
   [http://bit.ly/SHyQO](http://bit.ly/SHyQO)
 *  [Gunu](https://wordpress.org/support/users/grafcom/)
 * (@grafcom)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/#post-1093494)
 * It is an error in **NORMAN**, not an injected code on the page.
 * On my computer I had a backup-file and Norman, after the last update (Scannerengine
   version 6.01.05 – 2009/06/02), marked it as JS/Crypted.A
 * I send the .js file to NORMAN to fix this.
 * Also scanner ClamAv reported it as PUA.Script.Packed-2
 *  [debilbill](https://wordpress.org/support/users/debilbill/)
 * (@debilbill)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/#post-1093495)
 * Thanks **Gelle**
 * I think problem is solved
 * I downloaded WP 2.7.1 from THIS officeal site of wp, and when i started unzipping
   package , Norman said that /wp-includes/js/jquery/jquery.js includes trojan js/
   crypted.a
 * This is Norman foul , last update i did yeasterday 2009-06-02 22:33:19 , Norman
   joking …. lol or maybe wp hacking 🙂
 * Sorry for bad english
 *  [debilbill](https://wordpress.org/support/users/debilbill/)
 * (@debilbill)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/#post-1093496)
 * yes **Grafcom**
 *  [gelle](https://wordpress.org/support/users/gelle/)
 * (@gelle)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/#post-1093497)
 * [@grafcom](https://wordpress.org/support/users/grafcom/), [@debilbill](https://wordpress.org/support/users/debilbill/):
   Yeah, it sounds and looks like it’s Norton who is picking it up wrongly.
 *  [rstechnics](https://wordpress.org/support/users/rstechnics/)
 * (@rstechnics)
 * [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/#post-1093501)
 * Hi, we also had the same error and contacted NORMAN helpdesk about it.
 * They have reacted: this is a “False Positive” showing a message without an actual
   virus.
    Sorry for this, the problem will be corrected in the next update later
   today! Please then install the Norman update wich corrects this error.
 * If any files have been placed in quarantaine (like jquery.js), please also restore
   these files to their original locations.
    === So we think this must correct the
   problem! Luuk Aalders – RS Technics – The Netherlands

Viewing 8 replies - 1 through 8 (of 8 total)

The topic ‘JS/Crypted.A trojaner?’ is closed to new replies.

 * In: [Installing WordPress](https://wordpress.org/support/forum/installation/)
 * 8 replies
 * 6 participants
 * Last reply from: [rstechnics](https://wordpress.org/support/users/rstechnics/)
 * Last activity: [16 years, 11 months ago](https://wordpress.org/support/topic/jscrypteda-trojaner/#post-1093501)
 * Status: resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics