Virus from guru ads/attack site

Have just had some popups from antivirus software (sophos in this case) with some virus warnings as Ive been reading through guru

virus identified is Mal/Iframe-G and the ad (or at least the site generating it) is
www.fun6677.com/ js / index.htm (without spaces)

Thank you for bringing this to our attention.
I have forwarded your information and the link containing the virus should be removed shortly.

I' ll just mention I had the same.

and another:
http://adserver.mmoguru.com/defaulta...eaderboard.php
In this case its avast! discovering it.

Warning: Visiting this site may harm your computer!
The website at www.guildwarsguru.com contains elements from the site www.fun6677.com, which appears to host malware – software that can hurt your computer or otherwise operate without your consent. Just visiting a site that contains malware can infect your computer.
For detailed information about the problems with these elements, visit the Google Safe Browsing diagnostic page for www.fun6677.com.

If you're afraid of websites loading scripts without your knowledge I suggest you use Firefox and the addon No Script. Stay away from IE if you can!!

link to find Firefox www.mozilla.org

link to download No Script addon http://noscript.net/

This way you can block any Javascript, Java, or Flash from loading any questionable software/malware on you system.

1 Before locked

Report to site feedback or moderator 1st before causing mass panic.

There is also a snapview.ock that keeps tring to load. BTW

P.S. clean your browsing history

same here
avast blocked the same thing from guru (http://www.fun6677.com/)

This is unfortunately a common occurrence here, be sure to have script stopping/blocking on your browser can/will help, but as anyone knows anywhere you go on the net could lead to bad places

Yeah, I have FF with noscript and I'm not getting any warnings O_o

Thats a message generated by Google Chrome. I actually just received the same message. It automatically checks the websites against its own database of reported malware/spyware/harmful websites and automatically lets you know when your browser directs to one, stops you, and asks if you wish to proceed.

I just accepted the warning and went on browsing. W/ith the ads its really no surprise that its registers as malware.

Malware is found by Avira everytime I open a thread, whichever it is.


Quote: 13-01-2009 22:14 Malware found
Virus or unwanted program 'HTML/Dldr.Iframe.JI [virus]'
detected in file 'C:\Documents and Settings\n"\Local Settings\Temporary Internet Files\Content.IE5\35SGBZRM\index[1].htm.

Thanks everyone. Resolved.

I have warning from Avira concering malware and redirects from not one but two different web sites along with two pop-unders are from yieldmanager.com (cpxinteractive.com) and quizrocket.com. The site seems to reset itself about once every two minutes

Looks like it has been solved.

Everything seems to be fine now. Thanks Inde for getting this taken care of so quickly.

I just got a very strange warning from avg (yea I have it paid for for the next 2 years not going to change now)....I have attached a screen shot of the warning...its really late so my brain is not computing what it means other than I should just go to bed now----(and maybe I should not us chrome).

I'm getting this today:



Whenever I visit any page on Guru.

Edit: Yep same one cosyfiep. Chrome + Nod32.

I'm getting it as well, using eset.

ESET NOD32 and Avira Premium found it, so probaly no false positive.
It tries to acces your computer without your permission. Everyone without antivirus will have troubles.

Description as it isn't clear:

Contains recognition pattern of the ''HTML/Dldr.Lframe.JL'' HTML script virus.