![]() |
Webmaster Forum Rules | Posting Guide | Contact Us | Testimonials | Contributing Geek Program | Advertise on Geek/Talk |
|
|
![]() |
|
Thread Tools | Display Modes |
![]() |
#1 |
Registered User
Join Date: May 2001
Posts: 147
|
![]()
Hello,
Today I receive a repot from one of my sites visitors that one of our pop behind ads had triggered their anti virus software. Of course they were not sure what ad had caused the problem. I went to the campaigns page and started looking at sample ads. When I opened the DiscountAirfare ad my antivirus software triggered. The ad is aparently trying to change the users start page to one of it's own. I've included a link to some additional information about what the ad is trying to do. I've also contacted FastClick with the information. I would recommend removing it from your rotation. http://vil.nai.com/vil/virusSummary.asp?virus_k=99066 Last edited by Mbarb; 12-28-2001 at 10:00 AM. |
![]() |
![]() |
![]() |
#2 |
Registered User
Join Date: Nov 2001
Posts: 719
|
![]()
Thanks for the info mbarb
|
![]() |
![]() |
![]() |
#3 |
Registered User
Join Date: Dec 2001
Location: Albuquerque, NM
Posts: 41
|
![]()
I also received an e-mail from one of my customers yesterday alerting me to that JS/IEStart virus which was being transmitted by one of my ads.
The difference is I use OrbitCycle to rotate my ads and they insert one of their ads every 10th time. One of them is evidently doing this. I don't know whether it is that particular advertiser. I'm going to notify them as well. |
![]() |
![]() |
![]() |
#4 |
![]() Join Date: Aug 1999
Location: Gold Coast, Queensland, Australia
Posts: 9,506
|
![]()
Thank you so very much for bringing this to our attention.
Fortunately, the campaign seems to have had a comparitively limited run thus far, but it's still scary to see that several hundred of my visitors have had to battle this menace while visiting my FastClick member sites. I'd hate to think what perception they now have of my site (and whether any complaints have been filed against those of us who have run this campaign). ![]()
__________________
Czar Follow Geek/Talk's Twitter Feed and Facebook Page to stay up to date with new discussion threads and online ad industry highlights. Important GeekVillage Links: Home | Rules | Posting Guide | Report Trouble | Feedback | Advertise on GV |
![]() |
![]() |
![]() |
#5 |
Registered User
Join Date: Nov 2000
Location: NC, USA
Posts: 290
|
![]()
Could someone from FastClick comment on this... I wonder how this could have possibly gotten past their content screeners?
Thank you Mbarb for posting this, I turned off the camgaign immediatley. I just hate to think of the hundreds of visitors who got served that ad.. :: sigh :: ![]() Last edited by PWR_Paul_Banker; 12-28-2001 at 11:41 AM. |
![]() |
![]() |
![]() |
#6 |
![]() Join Date: Aug 1999
Location: Gold Coast, Queensland, Australia
Posts: 9,506
|
![]()
Hopefully Alexis will comment when she drops by next. Until then, I'll see if Steve's interested in assigning the thread with 'Sticky' status so that Geeks and lurkers - at the very least - will be made aware of this serious issue.
That's two strikes against FastClick's content screeners in as many weeks. Hopefully not an ominous sign... ![]()
__________________
Czar Follow Geek/Talk's Twitter Feed and Facebook Page to stay up to date with new discussion threads and online ad industry highlights. Important GeekVillage Links: Home | Rules | Posting Guide | Report Trouble | Feedback | Advertise on GV |
![]() |
![]() |
![]() |
#7 |
Join Date: Aug 1998
Location: Las Vegas, Nevada, USA
Posts: 5,224
|
![]()
Under direct orders from General Czar this thread is sticky
![]() Can you geeks please send me email contacts AND or phone and fax numbers for this merchant via PM? Names also. All the way up the food chain please. I will try and reach them on behalf of the Community. |
![]() |
![]() |
![]() |
#8 |
![]() Join Date: Aug 1999
Location: Gold Coast, Queensland, Australia
Posts: 9,506
|
![]()
Just to the rest of you know, I've sent Alexis, Jeff and Dave's email addresses to Steve, as well as the general phone and fax numbers associated with the company (along with Alexis' extension number), so these don't need to be PMed. Any increasingly specific contacts would still be welcome, I imagine.
Thanks for your time.
__________________
Czar Follow Geek/Talk's Twitter Feed and Facebook Page to stay up to date with new discussion threads and online ad industry highlights. Important GeekVillage Links: Home | Rules | Posting Guide | Report Trouble | Feedback | Advertise on GV Last edited by Czar; 12-28-2001 at 02:12 AM. |
![]() |
![]() |
![]() |
#9 |
Registered User
Join Date: May 2001
Posts: 147
|
![]()
Good morning.
Just a update from me. I have not received a reply to my e-mail, the ad is still available and is still trying to change Internet Explorer start pages. Luckily I only showed the ad about 50 times before I was alerted, it could have been much worse. Hopefully Czar or Steve_S can get a response from Fastclick. I'm going to be sending a e-mail to the ISP hosting the ad, maybe I can get something done. This just shows the importance of running good antivirus software and keeping it up to date. |
![]() |
![]() |
![]() |
#10 |
Registered User
Join Date: Jan 2001
Posts: 16
|
![]()
Hi Everyone,
I apologize for the delay in response, and appreciate members of this forum contacting me directly. Unfortunately, when the creative was reviewed, the effect some users are experiencing did not occur with our browsers. If anyone has further information, or can duplicate the effect, please email any relevant code to me at agbrown@fastclick.com. We are in the process of contacting the Advertiser for further details, and if any viruses or inappropriate behavior is discovered, we will terminate their account. This type of shenanigan violates Fastclick's Terms and Conditions. Thanks, again, to the members of this forum! Best, Alexis |
![]() |
![]() |
![]() |
#11 |
Registered User
Join Date: May 2001
Posts: 147
|
![]()
I've isolated the text in the page that is causing the problems, I don't really watnt to be sending the file even though I renamed it as a text file. I can say with 100% certenty that they have added the code to the page. Let me know how you want me to procede.
This text is only part of the code... <Admin note. great thread but others may use the code the wrong way and with the wrong intent so I better snip it. I'm not really a coder and have a copy of the original for safe keeping. Hope you guys understand. Strangers can view this stuff. Thanks members for the heads up.> Last edited by Steve_S; 12-30-2001 at 04:59 PM. |
![]() |
![]() |
![]() |
#12 |
Registered User
Join Date: Jan 2001
Posts: 16
|
![]()
Ugh. It looks like this code was added into the creative after we approved it. It's unfortunate, and hopefully we didn't upset too many users. The campaign is currently offline, and will remain as such until we can get further information from the Advertiser.
We're also taking further steps to ensure that this type of violation does not happen in the future, increasing our checks and scans of all creative. We do our best to monitor the network as a whole, but additionally rely on Publisers to let us know the moment anything seems awry. Thank you for your help! Alexis |
![]() |
![]() |
![]() |
#13 | |
Registered User
Join Date: May 2001
Posts: 147
|
![]()
Thanks for pulling the ad...Just to add a bit of fuel to the fire, whoever added the script to this page did not want the casual viewer to find it. Looking back to my example you can see the it uses
<SCRIPT language="JScript.Encode">#@~^HxcAAA==@&@!"R I was curious what this was about so I did my normal google search and found this interesting bit of information. Quote:
http://www.astalavista.com/code/vb/scrdec.shtml Once again thanks for everybody's help in getting to the bottom of this... Matt ![]() |
|
![]() |
![]() |
![]() |
#14 |
Registered User
Join Date: May 2001
Posts: 147
|
![]()
Sorry.. I just had to see what this thig was really doing. I found a decoder for the encoded script. I'll paste parts of it below as PHP. Please note the I have changed parts of the script so it will no longer function
PHP Code:
PHP Code:
<Admin note. great thread but others may use the code the wrong way and with the wrong intent so I better snip it. I'm not really a coder and have a copy of the original for safe keeping. Hope you guys understand. Strangers can view this stuff. Thanks members for the heads up.> Hmmm...I really need to go back to work ![]() ![]() ![]() Last edited by Steve_S; 12-30-2001 at 05:04 PM. |
![]() |
![]() |
![]() |
#15 |
Registered User
Join Date: Jan 2001
Posts: 16
|
![]()
Very odd. I'm going to send all of this information to our CTO.
|
![]() |
![]() |
![]() |
Bookmarks |
Thread Tools | |
Display Modes | |
|
|
![]() |
||||
Thread | Thread Starter | Forum | Replies | Last Post |
What's your FastClick pop unders performance? | Sedesrem | Making Money with CPC and/or CPM Programs | 4 | 06-13-2004 02:43 PM |
can i use fineclicks popup as fastclick pop default? | roberts | Making Money with CPC and/or CPM Programs | 0 | 02-02-2003 03:28 AM |
Fastclick Pop CPMs! | ChrisK | Making Money with CPC and/or CPM Programs | 5 | 09-17-2002 06:03 PM |