A client has sent an email demanding that I remove links from one of her web sites (http://www.aaajapaneseimports.com/
, pardon the engine sound) to other web sites. The links she is seeing do not exist in the code for any of the pages. She was able to copy the home page from her browser and send me the code, and there are tags around certain phrases in the copy which contain the IDs FALINK_2_0_1, FALINK_3_0_2, FALINK_1_0_0, all with class= FAAdLink, I've attached a code snippet of what I get in the email. When I mouse over the links in the email she sent, all of them go back to her website, but when she clicks the same links in her browser she gets taken to http://www.internetcorkboard.com/search.php?q=used%20engine
. None of these links in the body copy actually exist in the AAA site page, and the phrases contain no tags when I view them in a browser from any of my computers.
My guess is that she has a virus or a trojan on her (Windows) machine, but I haven't been able to turn up any mention of the purpose or origin of these IDs or the class in a search, although I can see that the class and IDs are in lots of pages on the web. I've searched the ExpertBase here and have gotten no results, and I've also searched at dmoz.org and CERT (www.us-cert.gov
) with no luck.
I guess my specific questions are 1. does anyone know what these IDs are or what generates them and 2. where else should I be looking for this kind of information?
AAA JAPANESE IMPORTS is proud to be the leader in the <a rel=3D"nofollo=
w" id=3D"FALINK_2_0_1" class=3D"FAAdLink" target=3D"_blank" href=3D"http://=
www.aaajapaneseimports.com/#"><font color=3D"#1c7dff">used engine</font></a=
> and transmission industry.