# virus on forum??



## Rocco Savadgie (Dec 21, 2008)

every time I load a page, the file 0000cb6b.js gets deleted by mcafee (flagged as JS/Downloaded-AUD). Is it just me? 21st Dec @ 01:20 GMT





edit: seems to have stopped now..


----------



## RupeeClock (Dec 21, 2008)

I'm getting some suspicious behaviour from my anti-virus as well.

Has the site been infected?


----------



## Raven Darkheart (Dec 21, 2008)

my avg caught something twice already.....
shut down the site for a bit perhaps?


----------



## science (Dec 21, 2008)

Ahh, the perks of being on a Mac


----------



## DaRk_ViVi (Dec 21, 2008)

science said:
			
		

> Ahh, the perks of being on a Mac



I think I'll continue to surf safely, I'm on a Mac too.


----------



## denzil (Dec 21, 2008)

RupeeClock said:
			
		

> Has the site been infected?


Most definitely. An obfuscated JavaScript in the forum header (between "My Friends" and "New Messages) that generates a hidden iframe which in turn loads a JavaScript from bidwm.info which in turn tries to serve infected PDF files to the user.


----------



## Law (Dec 21, 2008)

Guess it's time to get me an Anti-Virus.


----------



## Narin (Dec 21, 2008)

Problem should be fixed now and I'm looking into the matter


----------



## Raven Darkheart (Dec 21, 2008)

Narin said:
			
		

> Problem should be fixed now and I'm looking into the matter


thanks, kupo!
if anything else comes up i'll come back here


----------



## kobykaan (Dec 21, 2008)

meh same here too firefox trying to launch PDF's ?

fortunate for me PDF's don't like opening fast on my pc so I could close it soon as It started trying to load


----------



## RupeeClock (Dec 21, 2008)

denzil said:
			
		

> RupeeClock said:
> 
> 
> 
> ...


Ah, I've encountered that before on this forum software.

I prefer vBulletin, really.


----------



## Immortal Game (Dec 21, 2008)

Yeah, like half an hour ago I was browsing and Avast popped up saying it blocked something from bidwm.info..


----------



## Shabadage (Dec 21, 2008)

just to clarify, if you didn't get a pdf opening, nothing to worry about, correct?

Or am I going to have to install another Anti-Vir (Just wiped my system a week ago) and watch my performance go to shit again.


----------



## Deleted User (Dec 21, 2008)

science said:
			
		

> Ahh, the perks of being on a Mac
> I'm on a Mac too, but my Virusscan did notice the script, although it said 'No action'.
> 
> 
> ...


Definitely fixed.


----------



## Narin (Dec 21, 2008)

You guys should be fine, especially those of you using non-IE browsers and those not running Windows. I managed to remove the exploit soon after it was added. If you are still concerned, I suggest doing a virus scan just to make sure.


----------



## UltraMagnus (Dec 21, 2008)

DaRk_ViVi said:
			
		

> science said:
> 
> 
> 
> ...



me too, on linux though of course


----------



## Ace Gunman (Dec 21, 2008)

This was taken care of. Topic closed.


----------

