I have been finding a data miner on quite a few machines , it is QUANTSERVE.COM, it appears to start mining as soon as firefox is open. Have to knock off cookies as well as never allow that site.
A hosts file applies to all network traffic not only browsers, and is applicable to most operating systems. The MVPS host file specifically deals with "parasites"... http://www.mvps.org/winhelp2002/hosts.htm As defined in the current version (10/23/08) of the MVPS hosts file... 127.0.0.1 quantserve.com 127.0.0.1 edge.quantserve.com 127.0.0.1 flash.quantserve.com 127.0.0.1 pixel.quantserve.com #[WebBug] 127.0.0.1 secure.quantserve.com # [Statcounter][Aodhan Cullen] 127.0.0.1 c1.statcounter.com #[Ad-Aware.Tracking.Cookie] 127.0.0.1 c2.statcounter.com #[SecuritySpace.WebBug] 127.0.0.1 c3.statcounter.com #[eTrust.Tracking.Cookie] 127.0.0.1 c4.statcounter.com 127.0.0.1 c5.statcounter.com #[SpySweeper.Spy.Cookie] 127.0.0.1 c6.statcounter.com #[MVPS.Criteria] 127.0.0.1 c7.statcounter.com 127.0.0.1 c8.statcounter.com #[McAfee.Cookie-Statcounter] 127.0.0.1 c10.statcounter.com 127.0.0.1 c11.statcounter.com #[Ewido.TrackingCookie.Statcounter] 127.0.0.1 c12.statcounter.com 127.0.0.1 c13.statcounter.com 127.0.0.1 c14.statcounter.com 127.0.0.1 c15.statcounter.com #[Panda.Spyware:Cookie/Statcounter] 127.0.0.1 c16.statcounter.com 127.0.0.1 c17.statcounter.com 127.0.0.1 c18.statcounter.com 127.0.0.1 c19.statcounter.com 127.0.0.1 c20.statcounter.com 127.0.0.1 c21.statcounter.com 127.0.0.1 c22.statcounter.com 127.0.0.1 c23.statcounter.com 127.0.0.1 c24.statcounter.com 127.0.0.1 c25.statcounter.com 127.0.0.1 c26.statcounter.com 127.0.0.1 c27.statcounter.com 127.0.0.1 c28.statcounter.com 127.0.0.1 c29.statcounter.com 127.0.0.1 c30.statcounter.com 127.0.0.1 c31.statcounter.com 127.0.0.1 c32.statcounter.com 127.0.0.1 c33.statcounter.com 127.0.0.1 c34.statcounter.com 127.0.0.1 c35.statcounter.com 127.0.0.1 c36.statcounter.com 127.0.0.1 c37.statcounter.com 127.0.0.1 c38.statcounter.com 127.0.0.1 c39.statcounter.com 127.0.0.1 c40.statcounter.com 127.0.0.1 c41.statcounter.com 127.0.0.1 c42.statcounter.com 127.0.0.1 c43.statcounter.com 127.0.0.1 my.statcounter.com 127.0.0.1 my8.statcounter.com 127.0.0.1 s2.statcounter.com #[SunBelt.statcounter.com] 127.0.0.1 secure.statcounter.com 127.0.0.1 www.statcounter.com
My FF only tries to load this quantserve crap when I load ET (NoScript catches it).... So it's likely somehow connected with this site not with FF in general...
Quantcast stuff apparently is attached to ET forum page..... Can this be done without ET owners knowing this?