Running Ublock origin, and the attached popped up today...
Links to an EXE that seems to be identical to that which I mentioned previously (
http://shipspotting.com/ smf1/include/Install.exe). I'm now VERY doubtful this is merely restricted to the ad provider the site uses, but rather a larger issue with the site itself.
SMF doesn't ship with an EXE, no matter the version - Something I know as I run a number of sites running SMF software... So that installer should definitely NOT be there!
The popup links to a file that contains a Trojan, classified as "UDS:Trojan-spy.Win32.SpyEyes.a ". This particular Trojan contains, amoungst other things, a key-logger, a self-installing rootkit to hide it's presence, and the ability to download and install updates pushed from the attacker to the infected machine, without intervention by the end user.
It appears to be designed primarily to help steal login credentials of users, pushing them to the attacker.
Interestingly, the site attempted to download the file from "shipspotting.com/SMF1/include/install.exe" whilst I was editing this post, without a pop-up. Kaspersky total security intervened and prevented the download.
[DA: disrupted above link to avoid inadvertant access]