www.gamespot.com

Viruses and worms
1

when i visit the site -http://www.gamespot.com

My network shield open a red tab which write:
Url:mal
-http://js.nrcdn.com/costum-script/1.0/www-gamespot-com.js

Is this a false poritive or actual a script-virus?

2

URL:mal is not malware…but means the url is on a block list

listed at hpHosts as EMD http://urlvoid.com/scan/gamespot.com/ http://hosts-file.net/?s=gamespot.com

•[b]EMD - sites engaged in malware distribution[/b] This classification is assigned to website's engaged in the distribution of malware (e.g. adware, spyware, trojans and viruses etc).

Sites with this classification typically either contain files (e.g. cracks, keygens, adware, spyware, trojans, viruses et al) or lead to such via (for example) “fake scanners” or other social engineering and misleading tactics. This includes the activities of rogue Internet Service Providers (ISPs) that host other sites to which the EMD classification applies.

3

This malware has been closed since 2012-08-12 05:38:44, so you could file a FP report to virus AT avast dot com.
By the way I do not get a avast alert there…and the site is clean according to: https://www.virustotal.com/url/5726eb38c1f39d514854e70cfd9d781f603a91399eee53a3405e83db6d3800c6/analysis/1354740807/
Quttera finds 1 suspicious file:
image.gamespotcdn.net/gamespot/www/js/global.min.js?v=1353959396
File size[byte]:
229208
Threat type:
Potentially Suspicious
Details:
Our investigation system run out of memory used for execution process.
Reason:
Reached execution stack limit. Stack content: [ E ][ == ][ E ][ == ][ E ][ == ][ E ][ == ][ E ][ == ][ E ][ == ][ E ][ == ][ E ][ == ][ E ][ == ][ E ][ == ]
MD5:
12BA15AABEAD491AA9EF34414A13C859
Data Quttera scan data
info: ActiveXDataObjectsMDAC detected Microsoft.XMLHTTP
info: [javascript variable] URL=api.cnet.com/rest/v1.0/techProduct
info: [iframe] image.gamespotcdn.net/gamespot/www/js/
info: [decodingLevel=0] found JavaScript
error: undefined function document.createElement(“input”).getAttribute
suspicious: maxruntime exceeded 10 seconds (incomplete) 0 bytes =added javascript unpacker data for above file

Site had IDS alert, not now: http://urlquery.net/report.php?id=318403
Site is given clean: http://zulu.zscaler.com/submission/show/007c744606facee0f4cf4a57ef6ae2a5-1354741764

polonus