Cookies from Drudge or FreeRepublic?

My Computer | 11/1/02 | Self

[Positive]

On any regular day I will go to Drudge then come to FreeRepublic, I've been doing this for years now.

Lately, when I move from one to the other I get a full screen pop-up taking me to a site called WWW.SpyOnYou.com. It always seems to occur after I click on my link to FR while on Drudge or vice versa.

I've searched for cookies and sure enough I find one - then I delete it - then later the popup occurs again - and the cookie is back.

Any ideas on how to skip this part of my internet experience?

[Jorge]

"But what really ticked me off is the program generating phoney virus files and producing these pop-up alarms...telling me that it has detected files infected with viruses on my computer but wasn't able to neutralize them because my Norton Antivirus program was not up to date."

Producing phony virus files?? I apologize but I have trouble believing that Norton would do that. I would contact them if I were you, but I seriously doubt if a reasonably reputable company like Norton would do that.

Don't apologize. I wouldn't have believed it either prior to this experience.
But when you look at the sequence of events, I challange you to come up with a more plausible explanation.

1. I had my Norton program operating for almost a year and no viruses were ever found on my computer, and I had no problems.

2. I then had the Norton program notify my a couple of times that my subscription was about to run out and I should renew it to keep my virus protection up to date.
I ignored this.

3. I then began having Norton give me warnings that my subscription had expired and that it was important that I purchase updates to protect my computer.

These new warnings were a shocking red color and full of explanation marks etc.

I don't like these kinds of high pressure sales tactics and so I ignored these messages as well.

4. After repeatedly getting the above sort of messages almost daily....next thing I know I got a message telling me that Norton had detected a file containing a virus on my computer but could not protect my computer from it unless I purchased new updates from Norton.
OK? Are you following this?

5. I located and checked out the so-called "virus" that Norton warned me about....and it turned out to be NOTHING. It was totally empty. It's content equaled ZERO bytes. NADA. ZIP.

I had this same thing occur a few times...and each time the "viruses" not only did no damage to my computer...but they were totally empty files.

______________________

Explain these increasingly high pressure sales pitches coming from Norton....which ultimately turned into false virus alarms.

And how Norton didn't find a single virus the entire time my subscription was paid for and up to date.
But as soon as my subscription ran out all of a sudden Norton was sounding the alarm about "viruses" on my computer which I could only kill if I purchased new Norton updates.

Give me a break. I know when I'm being conned.

Tell me...how is it that the Norton program even KNEW these files were "viruses" if it wasn't updated to handle them as it claimed?
How could it possibly identify them?

The fact is it couldn't. This is BS. Norton generates phoney virus files to try to scare people into purchasing updates.
There is no other plausible explanation. They are thieves.

I wouldn't contact Norton about this as you suggested....if anything I would contact the Better Business Bureau.
I have the origin Norton AntiVirus disk and I am certain this little deception is programed into it.
These people are freakin stupid.

[Bella]

OK, we did exactly as you said, and we're STILL getting that Internet Script Error....What do you think is wrong?? Could it be that we have Windows ME--is this compatible??

[meyer]

Explain these increasingly high pressure sales pitches coming from Norton....which ultimately turned into false virus alarms.

And how Norton didn't find a single virus the entire time my subscription was paid for and up to date. But as soon as my subscription ran out all of a sudden Norton was sounding the alarm about "viruses" on my computer which I could only kill if I purchased new Norton updates.

Give me a break. I know when I'm being conned.

Well, I can't explain that, particularly without seeing exactly what's happening. Its just that I have never heard of this happening with Norton, McAffee, or many other reputable software companies. Doesn't mean it isn't happening. Perhaps they've changed their strategy in a desparate attempt to gain customers.

I have, however, noticed a real downturn in the functionality of Norton Utilities since I bought a version for my new XP machine. And this is after years of swearing by Norton products on my older Win 3.1 through Win-98 machines.

Tell me...how is it that the Norton program even KNEW these files were "viruses" if it wasn't updated to handle them as it claimed? How could it possibly identify them?

The fact is it couldn't. This is BS. Norton generates phoney virus files to try to scare people into purchasing updates. There is no other plausible explanation. They are thieves.

Well, maybe they are older viruses. Ones defined already. There are tens of thousands of viruses out there, and only a handful of new ones every week. At any rate, I'll be checking the newsgroups for a second opinion before I chuck Norton from my computer.

I wouldn't contact Norton about this as you suggested....if anything I would contact the Better Business Bureau.

Why not contact both? See if Norton has a satisfactory explanation first. Then, if they don't, call the BBB and explain the situation. I have the origin Norton AntiVirus disk and I am certain this little deception is programed into it. These people are freakin stupid.

[SupplySider]

I'm still having this problem. In fact, "SpyOnYou" just popped up. It does seem to be related to Drudge and/or FR.

I've tried several pop-up blockers, constantly clear cache and cookies, tried AdAware...Anyone have anymore ideas, short of switching to Mozilla?

[SupplySider]

Did you ever solve this problem? I was still getting it after trying numerous pop-up blockers and in spite of always cleaning the cache and removing cookies. It was consistent with visiting Drudge. Could it have been some kind of hidden program that was put on my system that created the 'spyonyou' cookie?

I finally broke down last weekend and wiped my hard drive clean, and reinstalled everything from scratch. The problem seems to be solved..

[Positive]

No the SpyOnYou still shows up and it seems to always occur while transitioning between Drudge and FreeRepublic.

Interesting that it disappeared and has not yet re-appeared since you reformated your disk.

Would you let me know if it comes back...if it is related to a website we have visited, I would expect it to be put back on your computer if and when you visit that site.

[TBP]

Very interesting discussion.

[SupplySider]

I will let you know if it comes back, or in a couple of weeks in any case. By the way, I have a hardware firewall (Linksys router)and always used virus protection. This is a mystery to me, and even made me wonder if it was some kind of mischief by folks opposed to conservative sites.

[nutmeg]

bookmark bump

[SupplySider]

Almost three weeks now since I wiped my hard drive and reinstalled all my programs and no sign of "spyonyou" or the 2-3 other noxious websites that were popping up. I still visit Drudge, FreeRepublic and all my usual sites.

[Positive]

Hi - Thanks for the update. I still get spyonyou but I haven't been getting the other (obnoxious/porno) ones. I have detected and deleted a couple of "back-door trojan horses" and installed (Ad-Subtract) popup killer, still get spyonyou.

I guess you approach is the one that works - been trying to avoid it, I have 57 Gigs of stuff on my 80 gig drive. We're talking many hours of re-installing and restoring, just to avoid Xing that popup. One day I'll do it.

[SupplySider]

May I ask, how did you find the trojan horses?

Good luck. That reinstall took me all weekend, but besides eliminating the infernal "spyonyou" it also cleared up a few other software problems.

[Positive]

Hi - "May I ask, how did you find the trojan horses?"

I found them with Norton AntiVirus 2002. Problem is that even though I quarantined them then deleted them, the SpyOnYou page still pops up from time to time and I've run the AntiVirus again and no Trojans. So it ain't trojans.

Ad-Subtract pop-up killer doesn't stop it either.

I'm sure that doing what you did would cure me too, but my concern is that however it got into my computor it can do it again - unless they quit trying.

[Coleus]

Where can you find your register and what files should I look for?

[Nick Danger]

This has nothing to do with FR, or AdWare. It doesn't really have anything to do with cookies, except that Drudge's advertiser puts one on your machine to make sure they don't send you a pop-up too often.

If you "View|Source" on drudgereport.com, you'll see this near the top of the HTML:

< POP-UNDER CODE v1.7 for drudgereport.com >
<
var doc=document;  var url=escape(doc.location.href); var date_ob=new Date();
doc.cookie='h2=o; path=/;';var bust=date_ob.getSeconds();
if(doc.cookie.indexOf('e=llo') <= 0 && doc.cookie.indexOf('2=o') > 0){
doc.write('scr'+'ipt language="javascript" src="http://media.fastclick.net');
doc.write('/w/pop.cgi?sid=8627&m=2&v=1.7e&u='+url+'&c='+bust+'">');
date_ob.setTime(date_ob.getTime()+43200000);
doc.cookie='he=llo; path=/; expires='+ date_ob.toGMTString();} // 

< POP-UNDER CODE v1.7 for drudgereport.com -->

That's where the pop-up is coming from (actually it's a pop-under). It's a JavaScript on Drudge's home page. You could disable JavaScript (called "Active Scripting" on IE) and that will kill all pop-ups of this sort. Unfortunately, it will also disable a lot of the commercial sites you visit.

You can delete cookies until you're blue in the face, and you won't make this go away. In fact it will happen more often, because these guys use a cookie to limit how often they hit you with the ad.

[Consort]

I'm using Mozilla v3.1.

[Political Junkie Too]

I endorse this recommendation.

I use AdSubtract Pro as well as Zone Alarm Pro. I don't use Zone Alarm's cookie blocking because it is all or nothing. I like the customization of AdSubtract. Furthermore, AdSubtract will stop redirects and auto-updates, providing you with a manual switch instead.

I take things one step further. I use the McAfee suite of virus protection called Internet Security. This suite combines their previously separate products VirusScan, Guard Dog, and Firewall. I don't use Firewall, but I love Guard Dog. Guard Dog will alert you if sites are putting cookies on your machine, especially when indirect sites (sites you haven't visited but have banners on the current site) try to put cookies on your machine. Also, Guard Dog will automatically delete cookies for sites not bookmarked when you exit the browser. Furthermore, Guard Dog will alert you when one program tries to launch another program, when personal information (like your name) is being sent across the internet, etc.

You will be surprised at the number of cookies FreeRepublic puts on your computer because of all the imbedded graphics posted on threads. Guard Dog is constantly telling me that MSNBC or some such site is trying to put a cookie on my PC when I open a thread with photos linked from these sites.

-PJ

[Freedom2specul8]

"spybot search and destroy" did a great job removing xupiter from our computer.. man, that was one of the worst I've ever seen. I sent them a nasty email about their product.. Ha ha, like they'd care.

[Varmint Al]

I have been running Ad Aware for about 4 months and it seems to work very well keeping my cookies from loaded up from spyware.

However, each time I get a new pop-up window, I right click on it, select properties. Then I copy the URL up to the end of .com and add it to the list of restricted sites. The drill is:

In IE, click on tools.
Click on the dropdown menu of Options.
Then click the Security tab and then click on Restricted sites, then click on Sites.
This brings up a text slot "Add this Web site to the zone: where I paste the URL and then click Add.

Here is the list of sites I have added to my restricted site list. For heavens sake don't click on any of these links. I put them in a format so they shouldn't be hot links.

Web sites that have either popped up or have generated bad cookies:
http://ad.doubleclick.net
http://m2.doubleclick.net
http://m.doubleclick.net
*.doubleclick.net
*.doubleclick.com
*.fastclick.net
*.doubleclick.com
*.fastclick.net
*.fastclick.com
http://ads.x10.com
*.x10.com
http://cserver.mii.instacontent.net
*.x10.com
http://cserver.mii.instacontent.net
*.instacontent.net
*.instacontent.com
http://ww2.weatherbug.com
*.weatherbug.com
http://ww2.weatherbug.com
*.weatherbug.com
http://www.sharewareonline.com
http://banners.valuead.com
http://banners.valuead.net
http://ads.yourfreedvds.com
http://banners.valuead.net
http://ads.yourfreedvds.com
http://ad.trafficmp.com
http://images.trafficmp.com
http://a248.g.akamaitech.net
http://www.netvisionsenterprises.com
http://a248.g.akamaitech.net
http://www.netvisionsenterprises.com
http://z1.adserver.com
http://www.angelfire.com
http://us.a1.yimg.com
http://www.image.ft.com
http://us.a1.yimg.com
http://www.image.ft.com
http://info.accumail.com
http://shopping.webmarket.com
http://amch.questionmarket.com
http://clickit.go2net.com
http://amch.questionmarket.com
http://clickit.go2net.com
servedby.advertising.com
http://servedby.advertising.com
http://bannerfarm.ace.advertising.com
servedby.advertising.net
http://bannerfarm.ace.advertising.com
servedby.advertising.net
*.servedby.advertising.*
servedby.advertising.us
*.servedby.advertising
http://img.mediaplex.com
*.servedby.advertising
http://img.mediaplex.com
http://view.atdmt.com
http://spd.atdmt.com
http://www.flowgo.com
http://www.linkfinding.com
http://www.flowgo.com
http://www.linkfinding.com
http://ads.fortunecity.com
http://www.fortunecity.com
http://a.tribalfusion.com
http://ad.smni.com
http://a.tribalfusion.com
http://ad.smni.com
http://static.smni.com
http://ads.hitcents.com
http://radiop1.xr1.net
http://ad.linksynergy.com
http://radiop1.xr1.net
http://ad.linksynergy.com
http://www.jit-software.com
http://www.hotels.net
http://www.perfiliate.com
http://www3.bannerspace.com
http://www.perfiliate.com
http://www3.bannerspace.com
http://global.msads.net
http://subs.timeinc.net
*.valueclick.net
*.valueclick.com
*.valueclick.net
*.valueclick.com
*.valueclick.org
*.valueclick.usa
*.valueclick.info
http://www.youclick2earn.com
*.valueclick.info
http://www.youclick2earn.com
http://63.246.3.5
http://209.164.32.120
http://208.253.92.54

Some of these might be redundant, but this list is working. Very seldom does Ad Aware find any new offending cookies now.

[VRWC_minion]

In fact it will happen more often, because these guys use a cookie to limit how often they hit you with the ad.

Whats really needed then is a cookie that lies.