Whenever I go into PPRuNe forums my SpyBot reports that it has blocked an attempted infection by Avenue A.

Avenue A is essentially a way of garnering information from our PCs to make us better targets for SPAM. http://www.safersite.com/PestInfo/a/avenuea.com_spyware_cookie.asp

I would like to know if it is PPRuNe policy to infect us with this pest or if it is happening without Danny's agreement.

Tvm

W

Aaaaarghhh!

I thought I'd got the pesky viruses and worms and spybots all corralled.

But this one hasn't popped up on my ZoneAlarm screen, nor has anything else (such as Mozilla's cookie-killer) seen it.

What indications do you get from the PPRuNe site? I must go take a look.

I also get that warning and decline to install it. I also use Ad-aware and spyware blaster, to frequently decontaminate my machine

Ozzy

This has come up before, Danny has denied it - I believe him, as I get no more or less spam now than ever.

Should this not be moved to the computers and internet forum as its a big yawn:p

Yes, Ian, this should be in the Computers/Internet forum, so I'm going to re-direct it there. I'll leave a pointer in this forum.

WCollins, this topic (specifically the AvenueA issue) has been addressed in depth in the Computers/Internet forum. Here is a thread which will help you find your answers.

http://www.pprune.org/forums/showthread.php?s=&threadid=91440&perpage=15&pagenumber=1

FWIW, I (and many others, as you'll see when you go to the above link) also use spyware detection software (including spybot), and have NEVER had an alert regarding PPRuNe.

McD, then you may need to update the reference files for the spybot app.

Ozzy

Should this not be moved to the computers and internet forum as its a big yawn

What qualification does the brainless low-life calling himself "iainpoll" have that allows him to describe the topic of this thread as a big yawn? I'd be happy to slug it out privately with the said person to see who has the more interesting flying experience.

McD, shame on you for supporting this assertion.

CrashDive, please could you send this worthless thread back from whence it came!:yuk:

Bah! The very idea. :*

Brainless low life, eh? Sir, you do not even know me.

If you wish to slug it out privately, I look forward to the opportunity:}

As for your flying experience, I don't doubt you, but that was hardly the point was it..I apologise if I upset you.


Iain x

Against my better judgement I will continue this exchange one more time.

You apologise but with qualification. Such apologies are worthless.

In this forum we welcome PPRuNers with questions about the problems they are experiencing with their IT equipment. I personally spend between 5 and 20 hours a week researching the answers to these questions. I learn from this exercise and enjoy it when I have a success.

You imply that when you encounter a topic that is, in your view, a "big yawn" it should be consigned to the Computer Forum. I hope that in the fullness of time and with maturity you will modify this somewhat narrow view.

I do what I do after a flying career of 44 years, 9000 hours on 65+ types in which the only discipline I have no experience is LTA.

Bah! :*

FOBOTCSO,

Having re-read my original post, I can see how offence was taken. The big yawn comment was not aimed at this forum, it was just a throw away comment on this particular topic.

I do very much respect the work you, Naples Air Centre et all do on this forum. I do not find this forum a bore at all, in fact it has proved a mine of useful information.

I do apologise without reservation - I will think twice before posting such things in the future.



PS, You have me well and truly whipped on the flying front...

Sorry once again.

Okay, accepted.

When one's flying career is ended and all that is left is to help others in some way or other it goes agianst the grain to feel that one's efforts are regarded as worthless. I hope you will make to the point where you can find this out for yourself.

At McD's suggestion, I have moved my attention to the thread at http://www.pprune.org/forums/showthread.php?s=&threadid=91440&perpage=15&pagenumber=1 as it is on entirely the same topic.

I apologise for starting a new one* but I do not normally look in the computers area.

I will however pick up McD's comment:

FWIW, I (and many others, as you'll see when you go to the above link) also use spyware detection software (including spybot), and have NEVER had an alert regarding PPRuNe.

...then I am afraid that your precautions are just not up to scratch....either you are implying that we are all lying (why should we?), or that the attack is only directed at certain members (why should it be?) or you are simply asserting that some of us are more careful/paranoid than others.

W

*(and am particularly sorry that it resulted in fisticuffs and a pissing competition)

MCD, I am afraid you are wrong. Avenue A and Valueclick do come from Pprune. See my post on the other thread.

WCollins and stickyb,

If I'm wrong, then I'll be glad to admit it. (Actually, I'm not concerned about being "right" or "wrong" -- I am trying to help solve the problems that you and others are encountering.)

However, at the moment, I'm still thinking that there might be differences in the way our browsers are set.

I've just downloaded the latest version of SpyBot, and ran it. Nothing from PPRuNe. (Actually, nothing at all, thankfully). Same thing when I ran AdAware from Lavasoft. Then, I cleared all my caches, histories, etc. (using PurgeIE -- a great tool, IMHO) so that I could start with a "clean slate". I then went to more than 10 different PPRuNe pages and got no warnings. But, just to be safe, I ran SpyBot again. Nothing at all.

So, am I wrong? Are others (who posted on this thread and the related thread, who also have no problems with PPRuNe) wrong too? Or do we just have different browser settings which have a different way of handling cookies?

Remember that AvenueA is advertising spyware. Remember also Danny's quote in the previous thread "The product you have referred to is probably something one of the advertisers uses to track you if you visit their website and it will be able to verify that you came from PPRuNe but that's it." It really sounds to me like the warnings are coming from the ads on PPRuNe pages, but not PPRuNe itself.

Again, I could be wrong, but rather than taking an adversarial stance, let's work on this together.

I'll tell you what ... take a look at your browser settings and see how your browser is set to handle cookies. I'll do some more tests with SpyBot and Lavasoft and see if I can duplicate any of the warnings you're getting.

I have set up cookies on my PC the way I need them (I use, and indeed write and sell, ASP products, and these depend on cookies being allowed.)

I have SpyBot set to pick up the latest updates, and to warn me when it catches a pest. I get

---------------------------
Spybot-S&D Resident
---------------------------
Spybot-S&D has blocked the download of "Avenue A, Inc."!
---------------------------
OK
---------------------------

whenever I change pages in PPRuNe

W

McD, try this.

Run SpyBot earch and destro to check you have a clean machine.

Run spybot immunize, click install for the permantly running blocker, and select display diagloge when blocking.

Then surf around, and you should get a message every time something like Avenue A is encountered.

I have set up my system like that just the check out things, and a W Collins says, I get a warning about every 4th page on Pprune

Of course, if you are blocking cookies some other way before Spybot, then you won't see anything.

No spyware from PPruNe. However the valueclick ads are localised for the part of the world you're logging in from. I'll have a chat with Danny. It's possible some localised sales types at valueclick are allowing naughties that are verbotten by us. They know it's no pop ups, audio or spyware. Otherwise we'll bin them worldwide.

Regards
Rob

PPRuNe Towers

THANK YOU :D :D

That is the response that we have been waiting for!

W

And Mr. Towers, sir, could you also see if you can find where the occasional Active-X control comes from ? My browser is set to prompt me when the bl**dy things arrive, so no exposure, but what are they ? About once a session on average.

ta

Addendum: just noticed a "downloading from oz.valueclick...." flash by in the status bar while on PPRuNe, so yes it is coming from here. (And I'm nowhere near Oz !)

Thanks, Rob, for letting us know why some people get warnings and others don't.

Thanks too WCollins and stickyb for your inputs. (Incidentally, after taking all your info into account, and doing a lot of experimenting, I never got any warnings about any PPRuNe pages. I do allow cookies, so it must be the geography as Rob says.)

Have the cookies been altered at all? Just today I'm finding that the thread updated type efforts aint working. As in read thread, use link to return to forum, posts waiting indicator still lit.

I do proon from several different PCs but I've never had a problem today. Clicked the update thread dooberies link on the main page but it didn't solve nowt.

Well, the powers that be have clearly strutted their stuff.

I am pleased to report that I no longer get the warning from Spybot that Avenue A is trying to sneak in.

Thank you, guys...as ever your help and dedication are appreciated!!

W

Cheers,

But it is all everchanging and we don't kid ourselves. The competition to get information is utterly ruthless big business. We appreciate you keeping us updated whenever you find something fishy.

Before writing though please take the time to check with a fresh, uncookied browser and navigate directly to PPRuNe - we end up wasting a lot of time on folks who've visited other sites first and blame their little secret visitors on us
:ugh: :ugh:

Rob

Sure, but SpyBot tells me about them as they arrive, so I can identify the culprit every time!

W

Oooop, apologies - Didn't make it clear that it was generic advice to all rather than directed at your good self:confused: :=

Regards
Rob

They are back with a vengance!
Have just had 6 warnings in 10 minutes that Avenue A has been blocked, again coming from a Pprune advert

At 7.30 I posted:Nothing seen here in London...presumably this is again a regional issue, centred on Asia this time? and now, at 0800 I must eat my words and say...yup, confirmed sighting here in London as well.

W

Have just lifted this bit of code from pprune forum index page. If I read this correctly (and I am more than happy to be proved wrong), it looks like a bit of code which displays a slightly different screen if the valueadd cookie is detected. Clearly whoever wrote has the expectation that a cookie may be there.

<SCRIPT LANGUAGE=JavaScript><!--
// ValueParameters
ValueHost = "hs0182282";
ValueLoaded = false;
ValueID = "valueid";
ValueVersion = "1.1";
ValueWidth = 120;
ValueHeight = 60;
//--></SCRIPT> <SCRIPT LANGUAGE=Javascript src="http://oz.valueclick.com/jsmaster"></SCRIPT>
<SCRIPT LANGUAGE=JavaScript><!--
if (ValueLoaded) ValueShowAd();
//--></SCRIPT> <NOSCRIPT> <A HREF="http://oz.valueclick.com/redirect?host=hs0182282&size=120x60&b=forums2&v=0" TARGET="_top"><IMG SRC="http://oz.valueclick.com/cycle?host=hs0182282&amp;size=120x60&amp;b=forums2&amp;noscript=1" ALT="Click here to visit our sponsor" WIDTH=120 HEIGHT=60 BORDER=0 ALIGN=bottom></A>
</NOSCRIPT> <!-- vc active --></P>
</TD>
</TR>

I've installed Spyware Blaster, available via Spybot- Immunize, which permanently blocks all spyware.

mr sqk0612 sir, can't agree more. new version just out. installed it on TCS/fobotcso recommendation. blocks an oz.valueclick every time on pprune.

you can add your own blocks in IE6.0 via tools, internet options, privacy, edit, then input the name of the offender, eg 'valueclick.com'.

if you open up the cookies in notepad, you can copy and paste the offending address.

also from that earlier thread on hidden data mining, ozpax mentioned how much info was taken from website visitors. what i couldn't get him to expand upon can be found here

http://www.privacy.net , make sure you visit these bits, http://www.privacy.net/logfile/ and http://www.privacy.net/track/ . fascinating stuff.

that pprune take a proper interest in their advertisers, and methods, is much to their credit.

Each day in the office I receive up to fifty or sixty SPAM messages, the majority of which are clearly based upon scans of my internet traffic to determine my interests. These unwanted messages are duplicated into each of my two personal mail boxes. I just deleted 70 SPAM messages from one mail box alone and I guess that half of the computer users in Nigeria have already been in touch with me.

I know that the internet has to be paid for in some way, but advertising based on spying and intrusions has become ridiculous. E-mail is such a mess these days that it is useless for normal communications and I have reverted to using Fax for essential messaging at the office.

Unless something is done about SPAM, and intrusions that use legal services like cookies in an unacceptable way, the internet is in danger of grinding to a halt. I for one would be willing to pay for a secured internet message transmission service incorporating uncrackable code to make it immune to Spamming.

Then of course there's the illegal stuff - in the past forty five minutes BlackIce blocked no less than three SQL_SSRP_StackBo DNS probes and another dozen less threatening probes from strange computers. :mad:

**************************
Through difficulties to the cinema

I have just spoken to a friend who is one of the UK's Data Protection guru's and apparently he believes that some spyware may contravene UK DP law to the extent that he is looking to put together a paper on the subject for publication. If his initial assessment is right, then any spyware/trackers which are downloaded from, or, pass through any UK based servers could result in the owners of those servers finding themselves in court. The key thing here is the pass through, so all those UK based ISP's are potential targets for the knock on the door.

Of course, for the ISP's etc., all they have to do is include a statement of 'you will be tracked' in their T's & C's and make a positive opt in part of the process and they are in the clear. , , and if we all bothered to read the registration T's & C's, then we would at least know who is assisting the spammer.

I'm still getting messages to say that Spybot has blocked 'Avenue A' when I'm on Pprune. I thought this had been sorted out?

It only seems to come up when the Ad for some Casino comes up, if that is any use....

It certainly is bad this morning. I'm getting the "Avenue A Inc" warning from Spybot just about every time I change the page.

Yup, I'm getting the warning about Avenue A from logging into the PPRuNe Homepage and on several other pages as well!

I'm no expert but the problem seems to be with the Debt Buster ad on the Home page and The Tele West ad on the forums page to name but two!

I agree...every single change of page, apparently regardless of advert.

Doesn't happen in Opera.

W

Well, I suspected that it wouldn't be an end to our problems in my previous post.

As you've collectively discovered, the scumbags went straight at it again with barely a pause. Therefore yesterday we pulled the rug on valueclick. Got another set of wheedling promises just like the incidents with pop ups and audio ads but we told them exactly where to go. Gives us some short term financial problems but nothing we haven't faced before.

As ever, our thanks to you all for keeping us on the ball - I'm off to see if I can get a paper round now and Danny's working as security man on a Glasgow book signing tomorrow night:O :O :O

Regards
Rob

I have been using Opera on one machine and rarely get any uninvited guests on my machine. On another, I use IE6 and it full of the blighters.

I have stuck CookieWall, a freebie from AnalogX (www.analogx.com), on the IE6 machine with a 1 minute testing interval and lo and behold, it regularly finds stuff, and gives the option to accept, delete or do a temporarly accept - even finds the nasty DoubleClick test cookie

I've downloaded Cookiewall

What happens now if I remove all my cookies, and, say, want to log in to Pprune again- Would I have to give all my details over again?

Pardon my ignorance!