Author Topic: VBS:Agent-CQ [Wrm] was detected (Read 5944 times)

Yanto.Chiang · « **on:** October 29, 2009, 10:50:00 AM »

Dear All evangelist,

Just would like to know, i just visited this website : bayi00.blogdetik.com/ArsipVBS:Agent-CQ

And from avast give me warning that this webpage has infected by VBS:Agent-CQ Worm

But if we analyze using :

http://jutaky.no-ip.org/index.php?option=com_content&task=view&id=19&Itemid=32
http://www.unmaskparasites.com/security-report/?page=www.duowan.com/0910/119283364074.html
http://safeweb.norton.com/report/show?url=http%3A%2F%2Fbayi00.blogdetik.com%2FArsipVBS%3AAgent-CQ&x=12&y=2

The result was cleaned, and not detected any suspicious threat in this webpage.

Any suggestion?

DavidR · « **Reply #1 on:** October 29, 2009, 03:32:34 PM »

So are you surprised that in visiting a site offering keygens that you aren't going to get hit

To give you an idea, just have a look at the number of of-site scripts that would be run, anyone of which could be what avast is complaining about, see image.

So aside from any legal/moral issues of using keygens/cracks to circumvent payment you are at a high risk of infection.

That is plain common sense and I would tend to agree with avast, though with firefox and noscript I don't get an alert on that page (bayi00.blogdetik.com).

polonus · « **Reply #2 on:** October 29, 2009, 08:11:12 PM »

Hi Yanto.Chiang and DavidR,

This could have been at the root of the attack on the webpage:
404. Page not found.
Generator: WordPress 2.7 - Warning: Old version of WordPress. It may be vulnerable. Please upgrade.
Last checked: 0 minutes ago (results are cached)

Yanto.Chiang · « **Reply #3 on:** October 30, 2009, 08:25:16 AM »

Hi David and Polonus,

Thanks for your kindly advice,

Anyway, David may i know what is the tool that you using to scan this website?
If looking from your snap shot that is look you using a tool which have capability to scan webpage without to open the webpage?

nmb · « **Reply #4 on:** October 30, 2009, 10:27:26 AM »

Quote from: Yanto.Chiang on October 30, 2009, 08:25:16 AM

Anyway, David may i know what is the tool that you using to scan this website?

No Script add on for firefox. noscript.net

nmb

Yanto.Chiang · « **Reply #5 on:** October 30, 2009, 10:51:22 AM »

Hi NMB,

Thanks for your reference and advice, just install this add-on in to my mozilla browser.

nmb · « **Reply #6 on:** October 30, 2009, 01:48:21 PM »

Quote from: Yanto.Chiang on October 30, 2009, 10:51:22 AM

Hi NMB,
Thanks for your reference and advice, just install this add-on in to my mozilla browser.

you are welcome

if you don't know how to use it, it might be a problem for you : http://antivirus.about.com/od/securitytips/qt/noscript.htm

nmb

Yanto.Chiang · « **Reply #7 on:** October 31, 2009, 03:42:37 AM »

Hi NMB,

Once again said thanks to you, so far i could using it well and also i got additional information from you again.

nmb · « **Reply #8 on:** October 31, 2009, 03:45:11 AM »

Quote from: Yanto.Chiang on October 31, 2009, 03:42:37 AM

Hi NMB,
Once again said thanks to you, so far i could using it well and also i got additional information from you again.

I assumed that you might experience some problems using noscript. if you knew how to use it before hand, then sorry that my assumption was wrong.

nmb

Yanto.Chiang · « **Reply #9 on:** October 31, 2009, 05:48:14 AM »

Hi NMB,

It is ok for me,
I think i need to learn a lot things from you.

Author Topic: VBS:Agent-CQ [Wrm] was detected (Read 5944 times)

Yanto.Chiang

VBS:Agent-CQ [Wrm] was detected

DavidR

Re: VBS:Agent-CQ [Wrm] was detected

polonus

Re: VBS:Agent-CQ [Wrm] was detected

Yanto.Chiang

Re: VBS:Agent-CQ [Wrm] was detected

nmb

Re: VBS:Agent-CQ [Wrm] was detected

Yanto.Chiang

Re: VBS:Agent-CQ [Wrm] was detected

nmb

Re: VBS:Agent-CQ [Wrm] was detected

Yanto.Chiang

Re: VBS:Agent-CQ [Wrm] was detected

nmb

Re: VBS:Agent-CQ [Wrm] was detected

Yanto.Chiang

Re: VBS:Agent-CQ [Wrm] was detected