Hey please do me a favor go read this new thread of mine and tell me if you think Im infected or not!
It will explain My story.
I would give out the URL but I took it off line till I get this problem fixed!
Oh and by the way post replies on that thread not this one-thanks

http://www.gofuckyourself.com/showthread.php?t=714455

http://alexa.com/data/details/traffi...m%2Fgoanal.php

holy fuck

yeah not bad for a site with only 10 thumbnails on it most of which look like diseased asian hookers huh?:thumbsup

I received a little bit different prompt than you, judging from the Google bar prompt you had. The 'video' just had sound and the link in the video goes to activexvideosoftware-dot-com/main/setup.exe
It appears that the guy that owns assisass.com owns roccomovies.net. Assisass.com has been spreading trojans for a very long time now

http://img89.imageshack.us/img89/653...ivexvidbt6.jpg

There are two types of codec-style exploits:

The one that microsoft mentions, which uses either a malformed wmv file or similar, which is a true security exploit, and the "you need a codec" sites that are using pure social engineering to get installed.

The social engineering approach is the hardest one to stop, because human nature is "install stuff to see video". It is the same reason why people foolishly install things like Zango. They think they are going to see a video or play a game. They don't realize that they will be installing a spyware piece of shit that is going to pop shit all over their screens when they surf. If they knew that, they would never do it.

The only reasons any of this stuff works is because programs are willing to pay money for the traffic generated from it. Pure economics says that if nobody was paying, nobody would do it.

Then again, Zango forced Lars to do it. I wonder how many other people have been forced?

So now cheating affiliates who couldn't get any of the money they stole, can now report themselves and get 10% of it; repeat process.

Exactly like I said before the only way to narrow this down to a dull roar is to get sponsors to spyware proof their content and non of them are standing up to say "Hey ya thats a good Idea"!

Why would they?

They are too busy drinking martinis at the Ritz Carlton.........With our would be sales.

bump bump

I think some of the bigger programs care, but not enough to terminate the accounts due to the possible retribution (who wants those bastards to suddenly send traffic going to my domain, somewhere else?)

Docs a smart guy and makes some good points

Anybody with half a brain can make that stuff nearly undetectable, so any complaints made from tests don?t rise above the din of the normal everyday querks or fuckups

Well just sit back and whatch what happens next!

We closed 2 affiliate accounts, that were doing this shit, we monitor our reffering urls pretty close, and caught them pretty fast.

right now we are waiting on ccbill, to send us the money that was held from those affiliates, so we could pay directly to those who were hit by this.

I think ccbill should provide all the info they have on ppl like this so we could act on our own aswell. (of course once they confirmed the issue)

What company are you?

Any program owner with even the least amount of sense would not consider that arguement. If they're capable of redirecting traffic at the join page they're more likely to redirect to a different program with a higher payout - without any provocation - than they are to redirect out of retribution.

Many join pages are very generic looking, the end user probably wouldn't notice he had been redirected to a different site until the last moment.

glad to hear paysites like yours are being proactive about this. I agree with you re: ccbill sharing information, in their defense they may be concerned about liability for slander though (which isn't to say that such information can't be quietly leaked to program owners).

WARNING - do NOT install any of these codecs - do NOT visit without good anti-virus protection

This TGP http://adultau.com/?id=1110&t=4 is linking this gallery http://coolbestporn.com/robin/330225868/1/?id=1110

which upon clicking one of the videos loads the page http://coolbestporn.com/robin/330225...53bXY=&id=1110 kasperky is warning of "Trojan.Win32.DNSChanger.ir" trying to auto-install
the affiliate link on that gallery is http://collegepartytime.com/ref/1004000/ so maybe the blockboostercash guys can identify him.

Here's another doing the same with a TCG gallery: http://porn-room.net/obedience/1619577015/1/?id=1110
affiliate link from that gallery: http://www.castingcouchteens.com/?wm...tbond&cf=&sub=

Same for http://teenporntop.com/harman/1312166799/1/?id=1110
affiliate link: http://www.tamedteens.com/go/596263/22/9/n/

http://porntimeguide.com/alphinias/1...021/1/?id=1110
affiliate link: http://armyofass.maniacpass.com/?id=rikki&pt=p

http://pornhelp.net/pheney/1107727492/1/?id=1110
affiliate link: http://teen-stop.com/?id=crossales

http://xxxadultgold.com/bo/616802479/1/?id=1110
affiliate link: http://secure.hardcoreteeniesex.com/...0:HCTS,0,0,0,/

There's a TON more. The http://adultau.com/?id=1110&t=4 appears to be getting all traffic clicked from http://www.free-nude-photo.org/ which signed up for a trade on my site using IP 64.22.82.232 @ 15:22 EST on 3/21/07 (in case anybody really feels like tracking down this fool).

I haven't reported these yet to the proper sponsors, just too damn late at night for me to screw with atm :P so if anybody feels like messaging the sponsors before I do tomorrow go right ahead...

Yeah... I always wondered why Choker still accepts his traffic.

ive witness this code changing shit live on my girlfriend PC, i was working on my blog then testing my sponsr links and all my afilliated code were changing to another code when i was clicking my links
ive start a post on traffic cash gold board ans still waiting a response..

here is a copy on my post on TCG

bump for this thread which needs the attention of every webmaster and sponsor program!

Bump to page 1 - very interesting thread.

It's more like a big red warning light.

it seems like alot of webmasters just dont give a fuck about the overall industry Greedy huh?

back up there