Threat: JS/Kryptik.KG.trojan

[netplus21 0]

Hello,

I visited the following page that was linked from themeforest.net

http ://themedemo.indonez.com/?theme=Devster


I clicked on the  'Blogs' category on the above page, and my antivirus displayed the following message:

----------
Scanner: HTTP filter

Object type: file

Object: http: // themedemo.indonez.com/?theme=Devster/Original/js/jquery-1.3.2.min.js

Threat: JS/Kryptik.KG.trojan

Action: connection terminated
-----------


I did a check using urlvoid on the URL for Themedemo.indonez.com and no hits on blacklist
hxxp://www.urlvoid.com/scan/themedemo.indonez.com/
Likewise also using surcuri, nothing found in its blacklist status
https://sitecheck.sucuri.net/results/themedemo.indonez.com


themeforest.net and indonez.com both seem to be legitimate sites.

Please tell me how to proceed in order to see if the threat is real. Furthermore, if I did visit a malicious site, are there any more checks that you recommend I conduct on my pc?

[Marcos 5,070]

The detection is correct. Legitimate sites are often a popular target of attackers as it's an easy way how to infect a lot of systems within a reasonably short time.

[netplus21 0]

thanks for your reply.

 

Are there any next steps for me?

 

I conducted a full computer scan on all drives with smart security and my computer is clean.

 

The 'JS/Kryptik.KG.trojan' threat was quarantined as soon as it was picked up.

 

Is there a possibility that I picked up another threat from that site which wasn't detected by smart security?

[Marcos 5,070]

Access to the infected web page was blocked so there's no chance you could get infected. However, we're speaking only about this particular page, not about other ones that you might have opened.