Tech Support Guy banner
Status
Not open for further replies.

tracking cookies that won't permanently go away ... (incl. 2o7)

6K views 35 replies 9 participants last post by  hewee 
#1 ·
i am having trouble permanently getting rid of several tracking cookies. i know that they are relatively harmless and they are easy to get rid of but my issue is that it seems like no matter what method i use to get rid of them they keep coming back.

this started about a month ago when i got hit with a handful of viruses which at least one of them installed malware / spyware onto my system and i was finding them attached to normally trustworthy programs and even programs that when you are hit with malicious software you turn to to fix the problem (spybot, AVG, webroot spysweeper, etc).

and lots of browser hijackers and whatnot...

after about a weeks worth of research and fruitless efforts to permanently solve the problem i resorted to reformatting and starting over.

i was problem free until i imported my saved bookmarks from in firefox using the restore option (JSON file) and then i started getting bombarded with tracking cookie alerts from resident shields, etc.

long story shorter, i haven't had a recurrence of the initial virus(es) but one cookie in particular - 2o7 - & a handful of others were going ape@&*!

2o7
yieldmanager
revsci
atdmt
tribalfusion
realmedia
webtrends

so my issue is this ... none of the software / sites i've tried or forums i've read have been able to tell me what is causing this, why i can't permanently get rid of it, where it hides or how it remanifests itself when AVG, spybot, webroot, malware, etc all tell me it's gone.

it's not the cookies i'm concerned about as much as it's the fact that something somewhere is pulling my PC's strings and i'm powerlesss to stop it. and i know that some malicious software can sit dormant for months until triggered by an action or on a timer or whatever.

at this point i'd be happy just to finally be permanently rid of this SOB but i'd REALLY like to know the what and where of it if i could because IMHO the creator is a genius. i've been DIY of my personal geeky universe for about 15 yrs and i haven't had something give me this much trouble since back in the early days when i was still learning or was playing with fire and got burned.

to wrap up, i have logs for: AVG, hijackthis, and webroot spysweeper just begging to be viewed ;)

thanks in advance

angdall

oh and the virus that i think might have been the culprit was SHeur3.GPZ if that's any help
 
See less See more
#2 ·
i'm not sure why i didn't go ahead and post the hijackthis log since that is generally the 1st thing most ppl want to see ... also since i posted i have dl'd & run SUPERAntispyware Free Edition as well as malwarebytes (FYI)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:04:37 AM, on 4/21/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\windows\Explorer.EXE
C:\windows\system32\RUNDLL32.EXE
C:\windows\SOUNDMAN.EXE
C:\Program Files\ImageShack\QuickShot\QuickShot.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Documents and Settings\Angela\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\Common Files\Java\Java Update\jucheck.exe
C:\windows\system32\taskmgr.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Documents and Settings\Angela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Angela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Angela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Angela\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\windows\system32\dumprep.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SoundMan] "SOUNDMAN.EXE"
O4 - HKLM\..\Run: [ImageShackUtil] C:\Program Files\ImageShack\QuickShot\QuickShot.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HPHUPD08] "C:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Angela\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SUPERAntiSpyware] "C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
O4 - HKCU\..\Run: [RegistryMechanic] "C:\Program Files\Registry Mechanic\RegMech.exe" /S
O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\windows\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://asia.msi.com.tw
O15 - Trusted Zone: http://global.msi.com.tw
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Desktop Manager 5.9.911.3589 (GoogleDesktopManager-110309-193829) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - PC Tools - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 9649 bytes
 
#5 ·
#6 ·
Dear Hewee,
Quote" Get a hosts file and that will block most bad and tracking sites" Unquote. That's it!:up::up:

My thought exactly!

Dear angdall,
kindly visit this site to download the MVPS Hosts file : http://www.mvps.org/winhelp2002/hosts2.htm If you peruse the Hosts file ,you will see many of the sites like "tribalfusion"etc, which will be prevented fro playing again in your "pool".

As advised before, kindly install SpywareBlaster from :http://www.javacoolsoftware.com/spywareblaster.html
Best wishes.:)
 
#10 ·
Dear hogndog,
Most welcome! It was hewee who made me take the first "infant steps" into understanding and putting "Hosts File" to good use! One can manually update the Hosts file or go the automatic route. Hosts Man is one such tool. BUT, when in the right-click context it did not score well, i am not having it in my arsenal. Kindly see my next post, which will follow immediately.:p:up:
 
#12 ·
Since you say you are kind of techie, you should look into Privoxy. I use it routinely. It enables you to block all kinds of internet annoyances.
Dear jimI8,
Since your post followed mine, i am wearing the "Boss Suit" if a techie, which i am not:D! It's Hewee who's the guy, most unpretensious and ever helpful who is the tech-boss!:up:

I have used Privoxy! I have used Tor! I have used Vidalia! The internet slows down so much , that you feel like you are on your way back home in Bangkok at rush time! Now, i am using Ultra VPN, an open source and free tool which is a"Chunnel", propelling your Bentley along! But, i have seen some connectivity probs. with "Ultra". Don't try any other free VPNs, as all of them are compromised by every kind of"ware". I am chugging along fine and phantom010 already says i have "overkill in real-time and otherwise too". He knows what he's saying, so i have to dump some! Best wishes.

PS: This, i promised in the previous post! Get WinPatrol! It is a gem for which you need not dig deep! Site : http://www.winpatrol.com/download.html
 
#13 ·
I am using Privoxy to speed up my internet connection. I really didn't know it can do others for me.
Dear EmilyRTM,
Ah! We meet again! This particular part about Privoxy should be of interest! " You can verify that Privoxy is running, and your browser is correctly configured by entering the special URL: http://p.p/. This should take you to a page titled "This is Privoxy.." with access to Privoxy's internal configuration. If you see this, then you are good to go. If you receive a page saying "Privoxy is not running", then the browser is not set up to use your Privoxy installation. If you receive anything else (probably nothing at all), it could either be that the browser is not set up correctly, or that Privoxy is not running at all" http://www.privoxy.org/faq/misc.html

Have you gone to the site mentioned above by the developers to check out whether you are actually running "Proxy"?
Now, here's something to smile about(some may guffaw!) "
"4.25. I've noticed that Privoxy changes "Microsoft" to "MicroSuck"! Why are you manipulating my browsing?

We're not. The text substitutions that you are seeing are disabled in the default configuration as shipped. You have either manually activated the "fun" filter which is clearly labeled "Text replacements for subversive browsing fun!" or you are using an older Privoxy version and have implicitly activated it by choosing the "Advanced" profile in the web-based editor. Please upgrade ".

Now that makes my day! I have learnt that there is a "fun" filter somewhere! You see, dear Emily, if you enter as a novice ( which i still am, but improving daily), you will learn things which nobody can teach you anywhere! This much i can promise you! But some people come to teach and will usually fall flat, because the knowledge base of this site is gigantic! You will make friends and some, you will learn to respect for their knowledge and more importantly"WISDOM". This site has saved my physical health and mentally propped me up many a times, in ways which only i know!:):up:Best wishes!
 
#14 ·
Actually, I think that microsoft/microsuck thing was in direct response to me.

I've use Privoxy since shortly after it was released, and I used internet junkbuster (Privoxy's direct ancestor) before that.

Time was, that "fun" filter was set to "on" by default, and I encountered that microsoft/microsuck thing. When I encountered it, I contacted the website owner and suggested his site had been compromised. He checked, and told me that it hadn't been. So I did some simple tests and found that privoxy had done it.

I then flamed Privoxy all over the net, and blasted the developers directly, both publicly and in email, for doing that. Their response was rather huffy, that I should have known enough to turn off the filter...

I let 'em have it for that too, and wondered aloud what other insidious things that rogue software was doing. So now, it is shipped with the filter turned off as it should be.

But Privoxy won't slow down your internet connection. If anything, it will speed it up because it blocks the download of advertisements and prevents a lot of the javascript annoyances that suck up bandwidth (such as predictive downloading).
 
#15 ·
perfume, I used the hosts file foe years before it hit me that I was not controlling cookies the best way and after I changed so I use the Exceptions list to control the cookies I said wow what took you so long to make the change. The Exceptions list only has sites listed that I need to be there so all others do not.

With spywareblaster the blocking for Firefox I have disabled because it is not needed. For Firefox all spywareblaster does is add all those sites it blocks to the Exceptions list and marks them as block.
But my cookies setting all sites are blocked by default so no need to add them to the Exceptions list.
 
#16 ·
Dear hewee,
" I use the Exceptions list to control the cookies I said wow what took you so long to make the change"! Right indeed!Since i exclusively FF, i can easily add the sites to visit, but i never knew it will not allow other sites! Did i read you right,dear Hewee? Recently, i needed to look up a lyrics website which is safe and i found "sing365.com". I have verified it's safety and it came up trumps! Thankx:up:
 
#17 ·
I am using Firefox 2. You need to go to FF, Privacy Options and uncheck Accept cookies from sites

Accept cookies from sites

By default cookies are enabled. Uncheck this optionpreference to disable the
use of cookies. Note that some sites may not work properly when cookies are
disabled.
This disables all your cookies and will only go by what cookies are in the Exceptions list.
So know all cookies are using the Exceptions list rules of allow, allow for session and block.
You should really not need to have any listed as block so all the block sites that you had when you was dealing with cookies the old way you can delete because remember your blocking all cookies by default now and using the Exceptions list rules.
Now you may want to have some still that you block but they would only be because they are from the same site you gave a cookie rights to allow but that site may have added cookies that you don't need. Doing all this can get harder because if you block one wrong cookie you have to take all the block ones from that site and change it back and start over.

But the blocking of cookies from spywareblaster, Spybot SD, etc etc you don't need.

If you did not say it was OK to set the sing365.com cookie and you got it just because you went to the site then you have not setup the Exceptions list rules the right way.

The use of cookie safe lets you have a temp cookie that can be used if you need to allow a cookie to get the site to work but it will not get to the Exceptions list.

The Exceptions list once you gave all the sites you go to setup should not grow but stay the same.

Then the cookies you keep can be even less if you say the site can set "allow for session" because it has rights but only for the session. That way you never have to worry about having all these added cookies for sites you need cookies for but you don't go to those sites much so no need to keep a cookie.
 
#18 ·
My Dear Hewee,
that was top class advise, which i am going to implement straight away! That's okay as far as FF is concerned, but what about the other browsers--->Safari,Opera (forget IE :D)?

Another thing! As you keep on using the web, you come across sites which you find very useful and need to access frequently, can these be added to the "exeptions list", because you mentioned the list should not become bulky over time! What about google.com?:confused:

PS : Recent news is Google was asked for private info' of individuals by three countries and by priority, they were
China, Brazil and India!:rolleyes:
 
#19 ·
Dear jim18,
Hi there! The post as you can see was addressed to Emily RJT and the reason i asked her to check up with the site, was only a word of advise given in good faith!

As i was going thru' the FAQs "the Microsuck" attracted my attention and everybody here knows that i like to spice up my posts and the majority take it in their stride!

I want you to use the"TOR Bundle" as a proxy and check the speeds and see how garbled even techguy appears! I am not casting aspersions on "Privoxy" since i have not used it as a stand-alone and thus has no right to "blah" about it! On the other hand Privoxy deserves all respect, especially from me as i have moved (almost!) to fedora 12. Microsoft is a monopoly and the Linux distros are challenging it's vice-like grip!
Before deciding which flavour i should choose ,people suggested "PCLos", "Puppylinux" Ubuntu,etc! The only reason for my plumping for fedora was a teacher in Unix uses Fed. and he being a close friend of mine was there to help me out! DON'T BELIEVE THAT LINUX IS A WALK IN THE PARK. EVEN WITH THE KDE INTERFACE ONE NEEDS TO KNOW SOME "TERMINAL"LANGUAGE!:rolleyes: Man, i am gasping for breath!:)
 
#20 ·
I want you to use the"TOR Bundle" as a proxy and check the speeds and see how garbled even techguy appears! I am not casting aspersions on "Privoxy" since i have not used it as a stand-alone and thus has no right to "blah" about it!
OK. At this moment, I am accessing this site using Firefox 3.6.3, with Tor enabled, and going through Privoxy, all on my Mandriva 2010 Linux workstation.

Everything looks fine. I see no problem.

Tor probably does slow the network down a bit; it bounces your connection all over the place so probably the latencies are a bit longer. But I don't see any problems.

Here's a screenshot, so you can see the Tor enabled:
 
#21 ·
My Dear Hewee,
that was top class advise, which i am going to implement straight away! That's okay as far as FF is concerned, but what about the other browsers--->Safari,Opera (forget IE :D)?

Another thing! As you keep on using the web, you come across sites which you find very useful and need to access frequently, can these be added to the "exeptions list", because you mentioned the list should not become bulky over time! What about google.com?:confused:

PS : Recent news is Google was asked for private info' of individuals by three countries and by priority, they were
China, Brazil and India!:rolleyes:
I only have IE and I block out all cookies in IE. IE is only used for MS updates and my setting are really high and that is in the Admin account. The user account IE can't do much at all because it does not have rights and I don't care because I don't use it.
http://www.spywarewarrior.com/uiuc/main-nf.htm
Look under "Browser Configuration" for other Browsers.

Now I had a couple cookies still from MS that was still showing up because MS gets around some things no matter what. See http://forums.techguy.org/7093366-post8.html

Later on if you find new sites and you need a cookie to get the site to work then yes add it to the "exeptions list". If you have cookie safe then you can pick "temp" "allow" "allow for session" but the temp one never gets added to the "exeptions list"
Now reamember if your using NoScript that you may need to gave that site rights first and on some sites even if the site has rights to set a cookie it can not unless it has java script rights.

If you do not have Gmail then you can block google.com and many others
I have gmail so have it so it sets a session cookie and as soon as I do a search I clear the cookie.
Also after I logout and leave the login page I clear the google cookies.
You can not logout and clear the cookies because google puts a cookie back right away so you got to logout and close that window and then clear the google cookies.

But if you do not have gmail or need any of the gmail cookies then if you set up the "exeptions list" in the right way then No it does not need to be added to the "exeptions list" because you don't need the google cookie and your blocking all site be default.

Note that going to other site like youtube and some blogs and even any site that has a search that is powered by google may be able to set a google cookie.
Yes it is a 3rd party cookie but if you gave google rights it can still set a cookie.
That is why I have a CookieCuller on the toolbar to be able to look at all the time and I always look at and clear before going to another site. Just mark the ones you want to protect.

Here are some other google sites and I know there are more because google keep adding sites.
Note if you deal with some of these sites then you may not want to block them because you will not be able to get to the site.

127.0.0.1 blogsearch.google.com
127.0.0.1 books.google.com
127.0.0.1 checkout.google.com
127.0.0.1 docs.google.com
127.0.0.1 finance.google.com
127.0.0.1 groups.google.com
127.0.0.1 labs.google.com
127.0.0.1 news.google.com
127.0.0.1 picasaweb.google.com
127.0.0.1 scholar.google.com
127.0.0.1 www.blogsearch.google.com
127.0.0.1 www.books.google.com
127.0.0.1 www.checkout.google.com
127.0.0.1 www.docs.google.com
127.0.0.1 www.finance.google.com
127.0.0.1 www.groups.google.com
127.0.0.1 www.labs.google.com
127.0.0.1 www.news.google.com
127.0.0.1 www.picasaweb.google.com
127.0.0.1 www.scholar.google.com
127.0.0.1 onlinestores.metaservices.microsoft.com - From Windows Media Player
127.0.0.1 www.onlinestores.metaservices.microsoft.com - From Windows Media Player
127.0.0.1 c.microsoft.com - aways sets a cookie
If you ever have a website that you seem to not be able to get the cookies to work you had better take a very close look at the cookies because if it is listed it may be listed as blocked when you wanted allow. Cookie safe will show you. Then if you have allow listed for a site in the "exeptions list" but you can not get the site to set a cookie just delete that site from the "exeptions list" and close Firefox and open to see if the site is gone from the "exeptions list" and try again. A bug I think gets in there now and then and doing this works to clear thing.

Get MozBackup and do a backup.
As your learning to deal with the cookies the right way you may screw up and who wants to start all over so you can do backup and do more then one as you are cleaning up and making a new list.
Then once all is working make a backup again.
 
#22 ·
Also some sites and you see this more now and I think it is growing and that is the cookie or some way of tracking that is not in the cookie but in the link.

Like http://www.viruschief.com takes you to the site but then your see the added /52a96b2f574e385a2e6fa15618162da2/
http://www.viruschief.com/52a96b2f574e385a2e6fa15618162da2/
If I got to the http://www.viruschief.com again that 2nd part changes
http://www.viruschief.com/218ab499bbcfb817edc8e07a74793d60/

You got to watch this if you post links from the address bar.
Watch it even more if it is from a site you have an account with because that link could have other info in it like user name or email address.

I get a newsletter that is sent to google and then I can click the links that take me to his site.
If I copy the address from the address bar it takes you to it is safe but some may not be safe to copy.
If I copy the name text link from the newsletter using CoLT then it copys out my email address also. Email address is needed because you have to sign up at the site. But if you don't look and check links you may copy and paste info not needed.

Same goes with some sites that have a very long link but maybe nothing from the ? and what is after that is needed so you can delete "? and what is after that" to post or bookmark.

http://www.amazon.com/dp/B001KLEUOA...creativeASIN=B001KLEUOA&tag=cnet-frontdoor-20
But you only need this.
http://www.amazon.com/dp/B001KLEUOA/ref=asc_df_B001KLEUOA1092859
The first link came from http://www.cnet.com/
Save $100 ViewSonic VT2430 24-inch 1080p LCD HDTV

So all the rest of the link is tracking you.who it came from, etc, etc.
 
#23 ·
hewee and perfume Ive learned more from the two of you than I've learned on the web in my 4 + plus years, one day I can't remember when a person said a good firewall and host files were all you needed to keep the bugs away like it was an aerosol can you could spray at cookies and malware, I'm beginning to believe it.. :up:

Thanks :up:

Hogndog

 
#24 ·
Dear Hogndog,
all the credit goes to hewee! If you read his posts, you will find ,what a mine of info' he is and how well he has grasped the essence of computer knowledge! I can tell you, that i have benefited immenensely both from TSG and people like hewee! Check out for ex. "cookieculler"! Thank you and wish you all the best!:):)
 
#25 ·
There's another small software "G-Zapper" (G for Google), which is free for one month and then the nags start!
 
#26 ·
The both of you deserve credit, I wish Avira would start using the version 10 definitions, so far I've only been able to bring those for version 9.

Hogndog...

Thanks again! :up:

 
Status
Not open for further replies.
You have insufficient privileges to reply here.
Top