Re: More on the hijacking popups here
I don't know which java I'm talking about. iframe2.js (java script?) was in my temporary internet folder and had a boatload of references to zedo.com (where some of the popups came from). When I come to this site, my NoScript Firefox Extension begins blocking and "informing" me of all these domains trying to run...java? java scripts? If I don't let them, I get no popups. nvnews java begets pricegrabber java. If I block nvnews, pricegrabber doesn't even show up. Who knows what pricegrabber will beget, or the intellitxt one.
I put 2 and 2 together and figure those java things are the source. I could be wrong, and I sure don't know exactly how it works, but I'm pretty sure that's where they come from. I offered my entire cache and cookies copied during and "episode" for examination a while back and to MikeC in a PM, no one responded.
More on the *.js files, from memory now, so not real acurate. I saw suspicious parts something like "position or size=absolute" and "directx9 opacity=100%". Full screen, invisible Flash link (the hijacking)? Stuff like that. Most of it was mumbo jumbo to me though so I couln't pin it down.