netplus21 0 Posted February 16, 2016 Share Posted February 16, 2016 Hello,I visited the following page that was linked from themeforest.nethttp ://themedemo.indonez.com/?theme=DevsterI clicked on the 'Blogs' category on the above page, and my antivirus displayed the following message:----------Scanner: HTTP filterObject type: fileObject: http: // themedemo.indonez.com/?theme=Devster/Original/js/jquery-1.3.2.min.jsThreat: JS/Kryptik.KG.trojanAction: connection terminated-----------I did a check using urlvoid on the URL for Themedemo.indonez.com and no hits on blacklisthxxp://www.urlvoid.com/scan/themedemo.indonez.com/Likewise also using surcuri, nothing found in its blacklist statushttps://sitecheck.sucuri.net/results/themedemo.indonez.comthemeforest.net and indonez.com both seem to be legitimate sites.Please tell me how to proceed in order to see if the threat is real. Furthermore, if I did visit a malicious site, are there any more checks that you recommend I conduct on my pc? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted February 16, 2016 Administrators Share Posted February 16, 2016 The detection is correct. Legitimate sites are often a popular target of attackers as it's an easy way how to infect a lot of systems within a reasonably short time. Link to comment Share on other sites More sharing options...
netplus21 0 Posted February 17, 2016 Author Share Posted February 17, 2016 thanks for your reply. Are there any next steps for me? I conducted a full computer scan on all drives with smart security and my computer is clean. The 'JS/Kryptik.KG.trojan' threat was quarantined as soon as it was picked up. Is there a possibility that I picked up another threat from that site which wasn't detected by smart security? Link to comment Share on other sites More sharing options...
Administrators Marcos 5,286 Posted February 17, 2016 Administrators Share Posted February 17, 2016 Access to the infected web page was blocked so there's no chance you could get infected. However, we're speaking only about this particular page, not about other ones that you might have opened. Link to comment Share on other sites More sharing options...
Recommended Posts