Results 1 to 21 of 21
  1. #1
    Full Member
    Join Date
    January 18th, 2005
    Posts
    461
    I noticed my site is generating a pop-up when I close out.

    I NEVER put in a script for a pop-up. Seems to be triggered when closing my site and then only after all my cookies are cleared will it do it again..

    The pop-up will briefly show my url on the Top of the page.

    I have only CJ links ( this will change) and adsence ads on my page and I myself never added a pop-up. Can adding CJ product links have a web bug or something???? There is nothing in my source code to assume its in my source code. I will investigate further later.

    Has anyone experienced unwanted pop-ups from CJ product links before. Maybe a web bug or something from these product links?? Adsense been known to do this???

    I am no programmer by all means. So this might take a bit to figure out how this pop-up is being triggered. Any advice? I am NOT happy!



    Here is the source code of the POP-UP being generated


    <html>
    <head>
    <title>::FREE Camera Mount with purchase!::</title>
    <script language="JavaScript" src="http://ads.x10.com/scripts/fldetect.js"></Script>
    <script language="Javascript1.2">
    function growUp()
    {
    self.moveTo(0,0);
    self.resizeTo(screen.availWidth,screen.availHeight);
    }
    </script>
    </head>
    <body bgcolor=#FFFFFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0 rightmargin=0 bottommargin=0>
    <div align="center">
    <center>
    <table width=710 border=0 cellpadding=0 cellspacing=0>
    <tr>
    <td colspan=3>
    <a href="http://ads.x10.com/?bHNlYXJjaGtpbmdwdTEuZGF0=" onclick="growUp[);"><img src="http://img.x10.com/msn2/charlotte_01.gif" width=710 height=40 border=0></a></td>
    </tr>
    <tr>
    <td rowspan=3>
    <a href="http://ads.x10.com/?bHNlYXJjaGtpbmdwdTEuZGF0=" onclick="growUp[);"><img src="http://img.x10.com/msn2/charlotte_02.jpg" width=228 height=250 border=0></a></td>
    <td rowspan=3><script language="JavaScript">GetGraphic(6,248,250,"http://img.x10.com/msn2/ninja.swf","http://img.x10.com/msn4/char.jpg","http://ads.x10.com/?bHNlYXJjaGtpbmdwdTEuZGF0=")</script>
    </td>
    <td>
    <a href="http://ads.x10.com/?bHNlYXJjaGtpbmdwdTEuZGF0=" onclick="growUp[);"><img src="http://img.x10.com/msn2/charlotte_04.gif" width=234 height=93 border=0></a></td>
    </tr>
    <tr>
    <td>
    <a href="http://ads.x10.com/?bHNlYXJjaGtpbmdwdTEuZGF0=" onclick="growUp[);"><img src="http://img.x10.com/msn2/charlotte_05.gif" width=234 height=107 border=0></a></td>
    </tr>
    <tr>
    <td>
    <a href="http://ads.x10.com/?bHNlYXJjaGtpbmdwdTEuZGF0=" onclick="growUp[);"><img src="http://img.x10.com/msn2/charlotte_06.gif" width=234 height=50 border=0></a></td>
    </tr>
    </table>
    </center>
    </div>
    </body>
    < !-- MP Preload -->
    <script language="javascript"
    src="http://ads.x10.com/scripts/vk74a_ab44a.js">
    </script>
    < !-- MP Preload End -->
    </html>

    <font color=blue size="1">"The most successful con artist will have you believing he is the most ethical person you will ever know."</font>

  2. #2
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    First, of course, make sure nobody did a driveby parasiteware download on you. Assuming you're not infected with something:

    As I recall, there is some way to call a pop via an img tag. Obviously, image tags are supposed to aim at images--but I've read that they really don't *have* to. I haven't tried it or studied it in depth so all I can say is to check where the image tags on the page are aiming. Try copying the URLs in the tag into your browser one-by-one and seeing what happens.

    I don't think AdSense can be made to do that, since nothing (that's not from Google) activates unless it's clicked. I doubt Google itself would send the script--it just doesn't seem...Google-like IYKWIM.

    I see "x10" hiding in there. If there's a way to sneak a popup into a product link, they'd be the ones to find it...

    It is a beautiful thing, to do nothing, and then rest afterwards.~Spanish Proverb

  3. #3
    Full Member
    Join Date
    January 18th, 2005
    Posts
    461
    Well, I also joined Linksmanager (30 day trial) and had them set me up. I haven't linked to them yet on my main page, but they did have access to my host. Not saying it's them, just something I need to think about.

    You give good advice Leader. I will copy each url in my browser and see what happens.



    As far as "a driveby parasiteware download" How do I detect that? I am a little confused about how these parasites do what they do.

    Heads will roll when I can pinpoint the intruder!

    Anyway, I will get back to this later. Now I have things to do and people to see.....



    Thanks!

    <font color=blue size="1">"The most successful con artist will have you believing he is the most ethical person you will ever know."</font>

  4. #4
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    To check for paras install and run software like adaware or spybot. Both have free versions. If you've gotten hit with some adware program, they will pick it up. Sounds like that could be the case.

    It's Your Money. You earned it. What are you going to do to make sure you get to keep it?

  5. #5
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    1,403
    Is your website a freehosted one?

    carneol

  6. #6
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    This type of drive-by installed Adware is being developed all the time getting by the Ad-Aware and SpyBot R&D scanners. It spawns delayed popups even on closing open page windows. Had a couple of the buggers on my system and had to go to some forums to get insiders help on finding and removing this crap. I think they are tied to hidden "web bugs" and some re-install when performing browser functions like bookmarking a page.

    Mike & Charlie ...

    If they won't adopt and feed a bird ..flip them one! BBQ some Gator and remember to flush WhenU..

  7. #7
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    767
    A constant battle against slime...

  8. #8
    Full Member
    Join Date
    January 18th, 2005
    Posts
    461
    I did run spybot and no threats detected ( little unusual as I always seem to get hitbox or something detected) the first time around today. Might be something getting by the scanners as Mike & Charlie suggested though. I will download ad-aware again and run that too.

    No I am not using a free host. My own domain and I am paying for a host.

    It only seems to be happening after closing MY site and then , as I mentioned above, only after I clear cookies will it occur again. I will view my files after I get the pop-up and see what I find in there.

    If I have to, I will reformat my system as a last resort. Will want to rule out a direct attack on my domain first as well as a webbug in any of the images on my site......In fact there is a way to go before I will want to go the reformat route.

    Thanks for the feedback....keep them coming if anyone has more to add. Never intended to become an expert on slimeware, but I might just have to in order to protect myself the best I can from this BS


    Really don't feel like dealing with this today.

    <font color=blue size="1">"The most successful con artist will have you believing he is the most ethical person you will ever know."</font>

  9. #9
    Outsourced Program Manager Chris -  AMWSO's Avatar
    Join Date
    January 18th, 2005
    Location
    Bangkok
    Posts
    11,273
    Hi

    I will take a wild guess, you are using DarkBlue ? If yes then read the FAQ, as part of the partner agreement and the reason Merchants don't pay to use the system is that ALL affiliates generate pop ups when a person exits the site through a DarkBlue link, Good news is you earn CPC on those pop ups, as X10 is on Dark Blue this is my guess. If you're not on DarkBlue then ignore the above

    Cheers

    Chris

    <font size="1"> Web Studio-1 Solutions.
    http://www.webstudio-1.com


    All Programs :- Low Threshold : High Return Days : Excellent Support : 100% Parasite Free
    Mondera.com : Netmagazines.com : Pierced Body : Irish Photo Shop : DateCam.com : Vegas Experts

    <FONT COLOR=red size="1"> A little learning is a dangerous thing; drink deep, or taste not the Pierian spring: there shallow draughts intoxicate the brain, and drinking largely sobers us again. Alexander Pope </font></font>

  10. #10
    Full Member
    Join Date
    January 18th, 2005
    Posts
    461
    DarkBlue

    If I am using it, I am not aware of it. if I was using it, I assume I would know what it is.

    Sounds like a name of a template or something.

    Let me do a search on Darkblue....

    <font color=blue size="1">"The most successful con artist will have you believing he is the most ethical person you will ever know."</font>

  11. #11
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    2,341
    I believe that Google may kick you out of adsense if you use popups on the site. May want to get this sorted out as soon as possible.


    Download Site Map Creator Today

  12. #12
    Full Member
    Join Date
    January 18th, 2005
    Posts
    461
    That was easy....an affiliate network is what Darkblue is, and no, I am not using it.

    <font color=blue size="1">"The most successful con artist will have you believing he is the most ethical person you will ever know."</font>

  13. #13
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    4,423
    X10 approached us offering new technology that would delay the pop until people moved off our site - so it would not be associated with our site in any way. Maybe this is it?

    I posted the letter in our news forum and told the guy to get lost. He was taken back, I guess people who sell cameras with advertisements with the cameras spying on women don't have ethics - who would have thought?

    Chet

  14. #14
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    Dirk,

    You might want to get someone on another computer to check your site and see if they get the same thing. That would help isolate whether it's something on your system or coding on your site.

    It's Your Money. You earned it. What are you going to do to make sure you get to keep it?

  15. #15
    Full Member
    Join Date
    January 18th, 2005
    Posts
    461
    Yes Ms.B,

    Good advice and something I am going to do. I have a good amount of troubleshooting skills also that will help me pin point this in time.


    If it's isolated on my computer, I will breath a sigh of relief. If not, then someone is going to answer to this for sure, once I pinpoint the source...

    It seems to be triggered only when I close out of MY site. I will see if it happens on other computers to narrow it down.

    I will let you all know how I make out.

    <font color=blue size="1">"The most successful con artist will have you believing he is the most ethical person you will ever know."</font>

  16. #16
    ABW Ambassador
    Join Date
    January 18th, 2005
    Posts
    1,403
    I visited ads.x10.com. This is a techtoy portal website. What I believe, but I can be wrong is that they set a cookie on your machine which calls the pop up.

    carneol

  17. #17
    Full Member
    Join Date
    January 18th, 2005
    Posts
    461
    Sh@#.....happening on computers across the US and Canada after closing out of my site.

    I am NOT happy and someone else is not going to be happy after I pin point the source.

    Time to start eliminating links, images etc, one at a time and testing after I scrutinize my source code one more time.


    Fun!

    <font color=blue size="1">"The most successful con artist will have you believing he is the most ethical person you will ever know."</font>

  18. #18
    Resident Genius and Staunch Capitalist Leader's Avatar
    Join Date
    January 18th, 2005
    Location
    Florida
    Posts
    12,817
    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>Originally posted by perfectG:
    I believe that Google may kick you out of adsense if you use popups on the site. May want to get this sorted out as soon as possible.
    <HR></BLOCKQUOTE>

    Popups in general are okay w/AdSense, the prohibition is just against putting the AdSense code in the popup!

    The site I applied with has popunders and it was approved with no problem.

    [Edit--Correction--they're actually pop*unders* that are on the site I applied with. Pretty much the same thing--if popups were prohibited I'm sure they wouldn't like popunders either!)

    It is a beautiful thing, to do nothing, and then rest afterwards.~Spanish Proverb

    [This message was edited by Leader on October 11, 2003 at 05:19 PM.]

  19. #19
    Full Member
    Join Date
    January 18th, 2005
    Posts
    461
    I found the culprit. It was a script that was recommended in a affiliate market guide.

    The script is the following and I think it was suppose to serve the same purpose as the "MSSmartTagsPreventParsing" code and didn't cause a problem when first installed.

    &lt;script language="JavaScript" src="http://www.searchking.com/servlet/ezulafix"&gt;&lt;/SCRIPT&gt;

    later on it was updated to add the following to the above:

    &lt;style type="text/css"&gt;&lt; !-- span {font-size:12px} background {color:red} --&gt;&lt;/style&gt;

    More on the ezulafix here, but I don't recommend using it.

    http://www.searchking.com/ezulakiller/

    I removed both parts and no more pop-up. I deleted all links and images at first and still had the problem. I was freaking until I saw the ezulafix script and removed it..I am happy again.

    I would like to thank Ms. B for her offer of help.

  20. #20
    Defender of Truth, Justice and the Affiliate Way
    Join Date
    January 18th, 2005
    Location
    The Swamp
    Posts
    7,503
    I got the exit x10 pop when I left their site.

    from the page dirk linked to:

    <BLOCKQUOTE class="ip-ubbcode-quote"><font size="-1">quote:</font><HR>but we do reserve the right to cover transfer expenses if you choose to use our server.<HR></BLOCKQUOTE>

    Translation: We reserve the right to serve pops on your site which we are getting cpm on. A parasite fix script that serves popups on other's sites. How lovely.

    It's Your Money. You earned it. What are you going to do to make sure you get to keep it?

  21. #21
    2005 Linkshare Golden Link Award Winner  ecomcity's Avatar
    Join Date
    January 18th, 2005
    Location
    St Clair Shores MI.
    Posts
    17,328
    Some affiliate enabled merchant posers or shanky AM's are starting to put these delayed exit pop scripts into their sites. They pocket the money or their 3rd party AM boss tells them to juice the site for some side bucks.

    Another interesting thread on this subhject ... http://abw.infopop.cc/6/ubb.x?q=Y&a=...6326033524&p=1

    Another tidbit ...Fun Web Products is a search companion application distributed by MYWebSearch whioch is owned by the Excite Network which is owned by iWon which is owned by Focus Interactive. It is in fact the defact standard search companion browser helper object with nearly every P2P application.

    http://abw.infopop.cc/6/ubb.x?a=tpc&...444#2506012444

    Which network hosts iWon?

    AM's bann the perverted domain affiliates if they are in your affiliate base. They are all traffic hijackers and re-direct cookie setters.

    coolwwwsearch.com
    jetseeker.com
    bargainbuddy.com
    xrenoder.com
    CoolWebSearch
    allhyperlinks.com
    vrape.hardloved.com
    thehun.com
    madthumbs.com
    worldsex.com
    teeniefiles.com
    al4a.com
    sublimedirectory.com
    thumbzilla.com
    sexocean.com
    easypic.com
    absolut-series.com
    jpeg4free.com
    thumbnailpost.com

    allhyperlinks.com
    activexupdate.com
    slawsearch.com
    true-counter.com
    Global-Finder.com
    luckysearch.net

    After reading all of this, you must be under the impression that a CoolWebSearch hijack is near impossible to fix since there are so many variants. Though it is true that the conventional tools like Ad-Aware, Spybot S&D and HijackThis won't fix all of the variants, there is one tool that will.

    After about the 3rd CWS variant, I realized this particular spyware company moved faster than any other I'd seen before, and that the anti-spyware programs wouldn't be able to keep up with it. So I decided to write a separate program dedicated to removing CoolWebSearch. It's called CWShredder and can be downloaded here, in several forms: http://www.spywareinfo.com/~merijn/files/cwshredder.zip


    Mike & Charlie ...

    If they won't adopt and feed a bird ..flip them one! BBQ some Gator and remember to flush WhenU..

  22. Newsletter Signup

+ Reply to Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •