50 Tracking Cookies

Norton Security | Norton Internet Security
1

I am running two system, one with XP Pro SP3 and one with Win7 Enterprise 64bit SP1.  Both are running NIS 2011 with Firefox 5.0 and IE 8.  For the last several weeks both Quick and Full System scans have been detecting and supposedly removing exactly 50 tracking cookies.  That is to say if i immediately rescan the systems, it comes up clean.  However, if I run Firefox (with internet connected), the 50 reappear in the next scan.  Firefox Options>Privacy was set exclude third party cookies, but now keeps showing up accepting them, and there is indeed a list of cookies, including a rogues gallery of the most notorious privacy invaders in the industry, that refuse to be deleted.  I've run the Norton Power Erast tool and scanned the XP system from the NBRT.  Both come up empty (no detection).  Interestingly, in IE8 (cookies set the same as Firefox), I was able to delete the cookie site list.

 

Is anyone else seeing this problem, and has anyone found a way to permanently get rid of the infestation?

 

-- Jim

2

StekertJ,

I think I'd want to run a free version of Malwarebytes scanner. It does things a bit differently and might find the root of your problem. If that didn't do the trick I'd be heading to www.bleepingcompputer.com for some real help :smileyhappy:

3

Dick,

 

Thanks for the suggestions.  I went to the malwarebytes site and downloaded what turned out to be ARO 2011.  When I ran it, it cleaned a carload of items from the XP system but didn't get the 50 tracking cookies (they returned when I reopened Firefox).

 

I was browsing the bleepingcomputer site when it occurred to me that if IE cleaned up but FF didn't, the problem might be with the FF add ons.  So I started FF in safe mode with all add ons disabled, and found I then was able to delete the FF cookie list.  By then enabling the extensions one at a time, I found the culprit to be the one called Privacy Choice Tracker Block v.2.0.1. It was reinstalling the tracking cookies NIS was removing and then preventing their deletion while FF was open.  It's now long gone, and FF has remained clean through several cycles.  I've reset the cookie filter parameters and the other privacy add ons, so let's see if it stays clean.

 

Thanks again.

 

-- Jim

4

Hi StekertJ,

 

I am wondering if TrackerBlock was retaining opt-out cookies, which is one of the stated methods used by this add-on.  Many sites that use tracking cookies allow you to opt-out, but they will need to set an opt-out cookie on your browser in order to recognize you as having opted-out of tracking.  It may well be that TrackerBlock was maintaining such a cache of opt-out cookies that Norton was removing and TB was restoring.

5

Could be.  But I don't trust those trackers on my systems for any reason.  The only way I'll opt out is to make sure they have no access in the first place.  My strategy here is the same as for spam and other intruders.  I stealth the system to the extent I can, restrict access, don't respond to inquiries without trust, and hope I don't do something dumb :-].   Where I fail, I clean up, adjust my filters, and chalk it up to the cost of doing business on the Net.  Hense, TB goes.

 

-- Jim

6

Hi StekertJ,

 

The best way to handle cookies in Firefox is to configure the browser to delete all cookies, except the ones you specifically allow, when the browser closes.  Here's how you do that:

 

http://www.ghacks.net/2011/03/09/configure-firefox-to-delete-all-cookies-on-exit-but-select-ones/

 

I would also recommend SpywareBlaster, a free program that uses passive protection to block bad sites.  It will populate the Firefox Cookies Exception List with sites that are known to set tracking cookies, and will instruct Firefox to block them from setting cookies, as shown here:

 

Firefox Cookies Exceptions.JPG

7

Interesting.  I'll give Spyware Blaster a try.

 

Many thanks.

 

-- Jim

8

The three main things that SpywareBlaster does is to set killbits for known malicious ActiveX controls, populate the Restricted Sites Zone in IE with a list of known dangerous sites, and populate the Cookies Exceptions lists in IE and Firefox with sites to be blocked.  SpywareBlaster doesn't actually run its own protection components - it just sets these controls for you and then you close it.  Basically it just simplifies a tedious process that you could otherwise do yourself, if you had a compiled list of sites to block.  There are some extra tools included, but they are really extraneous for the most part.