Hi malware fighters,

Normally webbugs, little 1x1 pixel cookies, go unnoticed by your web browser.
Re: http://w2.eff.org/Privacy/Marketing/web_bug.html
But when you have the Foxbeacon add-on in Flock or Firefox, and you visit the BBC News page, it alerts you to this webbug:

hxtp://switch.atdmt.com/action/agencyrep_bbc_usa_homepage

Infected with atdmt cookie ?

Free Scan
Description
Atdmt cookies store information about a PC user’s interaction with a specific website.
Standard Cookies are not inherently dangerous,
but they can be misused and exploited
and may allow a distinct and apparently unrelated website to access the same information.
If more than one website can access a cookie that has been placed on the user’s PC,
that cookie poses a security and privacy risk.
Tracking cookies can allow vendors to analyze browsing behaviour for marketing purposes.

Vendor
Its author is aQuantive, Inc.

Vendor URL
http://www. ATDMT.com

Tracks Browsing Activity (with cookies only)

After finding them up with FoxBeacon you can block them through ABP Open blockable items,
and then block that item,
Another way to swatt all web bugs, is blocking them in NoScript - go to NoScript - open “Options” - then “Advanced” - there tag forbid “Web bugs” - bye Web Bugs!

polonus

I believe the Web Bugs option is enabled by default, just checked mine and it is checked. I can’t recall if I set that myself though.

… but it’s not. I never touch advanced options in sensitive software unless I am advised by the people I trust. As I trust polonus, I opened those options and saw Web bugs unchecked.

Yes, it seems the default setting is to allow Web Bugs as mine was also unticked. Thanks for the information, polonus.

I block atdmt cookies before they get to my system by the use of a HOSTS file that works with all browsers.

I use HostsMan to manage my HOSTS file and its companion proxy HostsServer to speed up the Internet.
http://www.abelhadigital.com

I only use hpHosts and MVPS HOSTS file.

This also stops many other site tracking cookies plus blocks known malware sites and why the latest malware is modifying the HOSTS file to prevent access to removal sites such as avast.com and malwarebytes.org

Same here. Another thanks for the information, Polonus.

As Yokenny I am using MVPS host file.

switch.atdmt.com is one of the entries there.
and a lot of other atdmt.com entries,too.

Independent of browser-type and no connection is ever made to the sites.

I combine it with edexter to get quicker surfing by avoiding timeouts.

Hihly recommended, not only for avoiding cookies but a lot of ads, malicious sites…

HL

There are many versions of atdmt.com blocked by my host file as well as being blocked by browser entries. I get “can’t display” sections or “boxes with the little X” on most web pages I visit.

I am more than happy, in this instance, to let the Beeb count my visits.

It is worth it to help this island of fairly honest reporting in a world polluted by the likes of Rupert Murdoch and his putrid organs - even here in the land that is my home.

This thread is not about mr Murdoch or anybody else, but about a tracking company spreading
web-bugs, tracking cookies and the likes to unknowing and innocent people from all over the world.

That’s why they got some 13 entries in MVPS HOSTS file.

Be happy, but this is not good for the Net.

HL

I haven’t heard of mr Murdoch, but I couldn’t care less.

HostsServer which is HostsMan’s companion works similar but provides logging of the HOSTS file hits through its Log referrer option.

Edexter has logging options, too.

But I mainly have it turned off because I see no use of it.

But one thing is for sure: it gets filled up very quickly.

HL

That’s because you are not using a proxy like HostsServer to block the “can’t display” messages.

Please see:
http://forum.abelhadigital.com/index.php?showtopic=11

General question about using HostsMan and HostsServer:
http://forum.abelhadigital.com/index.php?act=idx

HostsServer does not get filled up quite quickly for me and I usually use CCleaner about once per day to clean it but that option is only available with its enhanced winapp2.ini
http://forum.piriform.com/index.php?showtopic=1110&hl=winapp2.ini

I didn’t mention that the log gets filled up as a problem, but as an evidence of all shit out there
that gets stopped by HOSTS.

HL

Hi YoKenny & hlecter,

In certain respects this using a host file does not work out sometimes, for instance Google Chrome also does not appear to use your host file. Google is checking with it’s own DNS server instead of going off of your hosts file.
Codeandcoffee say: “Why is this a big deal? For developers. We have a sandbox server that we use to build websites before they are rolled out. We direct our domains to these servers with our hosts files. Chrome never allows us to get to our sandbox servers via our host file.” link: http://www.codeandcoffee.com/2008/11/03/google-chrome-does-not-use-your-host-file/
I like the way the old SpywareBlaster places thousands of sites in the Internet Zone with restricted access.
And the block list for Flock and also for ad/tracking cookies,
But in some sense blacklisting and host lists are good, I use this in my Flock firekeeper ids: Malware Patrol - Block List - http://www.malwarepatrol.net

List for FireKeeper

Generated at: 20090108201647 UTC

NoScript is also preventing a lot of connecting to malware vectors wherever you may go, as is using link checking like WOR, finjan, and Scandoo.com, but I agree there is a lot of ill weed out there, folks, and you two know it “Ill weed grows …”,

polonus

for instance Google Chrome also does not appear to use your host file. Google is checking with it’s own DNS server instead of going off of your hosts file.

I like the way the old SpywareBlaster places thousands of sites in the Internet Zone with restricted access.

as is using link checking like WOR, finjan, and Scandoo.com,

I have not tried finjan nor Scandoo.com but I do use WoT on the old PIII with IE8 beta2 and McAfee SiteAdvisor on my other XP systems.

MBAM is also good:
http://www.malwarebytes.org/mbam.php