Every time I do a scan with SUPERAntiSpyware on my XP-SP3 system I get the
following "bad" cookie report:

media.legacy[2].txt

I remove it with SAS but it's always back the next time I run SAS. It
doesn't appear when I run Malwarebytes, MSE or Spybot S&D .

I can't find out much about it on Google or Bing.

Does anyone know what it is or if it is dangerous?

TIA

 

Cookies per se are not dangerous in and of themselves. They are strings of
text, therefore basically static or inert and not dangerous. They are placed
on your machine by the web servers of the websites you visited. This is by
design.

They can however be used to uniquely identify the website's visitor (that is
*you*) and may contain information about you.

Some anti-spyware will flag cookies that are known to be tracking you. You
may or may not care that there is tracking going on.

So with some anti-spyware programs you can set them to ignore cookies.

Why not just turn off cookies in your browser? This is a solution, but makes
browsing difficult. Interactive websites might not work without your browser
setting cookies.

Another solution is to download a hosts file from the Microsoft Most Valued
Professional website and place it in the CWindows\System32\drivers\etc
folder (overwriting the blank hosts file already there).

Here's the link to the website:

http://www.mvps.org/winhelp2002/hosts.htm

and a direct link to the hosts file:

http://www.mvps.org/winhelp2002/hosts.txt

It must be renamed from "hosts.txt" to just "hosts" - no file extension -
before being placed in the CWindows\System32\drivers\etc folder.

Once done, log off then back on and a whole slew of web tracking servers
will never reach your browser. Have a look at the content of the hosts.txt
file to get an idea of the type of domains that place tracking cookies. You
will not miss them. And because these tracking domains are blocked many of
those annoying ads you see in websites won't appear.

Have a nice weekend.



"bobster" <fauxie@bogus.net> wrote in message
news:e#RjQrBrKHA.1800@TK2MSFTNGP02.phx.gbl...
> Every time I do a scan with SUPERAntiSpyware on my XP-SP3 system I get the
> following "bad" cookie report:
>
> media.legacy[2].txt
>
> I remove it with SAS but it's always back the next time I run SAS. It
> doesn't appear when I run Malwarebytes, MSE or Spybot S&D .
>
> I can't find out much about it on Google or Bing.
>
> Does anyone know what it is or if it is dangerous?
>
> TIA
>
>

 

bobster wrote:

> Every time I do a scan with SUPERAntiSpyware on my XP-SP3 system I get the
> following "bad" cookie report:
>
> media.legacy[2].txt
>
> I remove it with SAS but it's always back the next time I run SAS. It
> doesn't appear when I run Malwarebytes, MSE or Spybot S&D .
>
> I can't find out much about it on Google or Bing.
>
> Does anyone know what it is or if it is dangerous?
>
> TIA

Cookies are NOT malware. They are just text files. Whether they are used
to track your web navigation depends on the sites that you visit. So don't
visit whatever sites create this cookie if you don't want it. Since cookies
are not malware, whether an anti-malware product reports the cookie depends
either on settings in that security program or if they are trying to bloat
their perceived effectiveness by reporting on something rather than
reporting on real problems.

In SuperAntispyware, disable the option to scan for tracking cookies. All
cookies despite their content *can* be used for tracking. A tire iron can
be used to murder, too.

Any site can create a cookie .txt file. However, only the site whose domain
matches the one recorded inside the cookie can access the contents of that
cookie. So domain A could write a cookie for domain B and if you happen to
visit domain B then it can see the cookie's content which would have stuff
written in it from domain A.

So why not configure your web browser to purge all cookies when you exit
that web browser? You might also want to up the enforcement policy on what
cookies are allowed on your host. How that's done depends on what web
browser(s) you use. There are tons of methods to manage cookies.

You can probably use a text editor to look inside the cookie to see for what
domain it was written for its access. The domain inside the cookie might
for the domain you visit that wrote the cookie (but that's not required).
That would lead you to which site you keep revisiting that creates this
cookie file. Rather than use a text editor and decipher its content, you
could use Nirsoft's IE Cookie Viewer (*if* IE is the web browser that you
use since you didn't mention it).

 

Thanks, VanguardLH and Saucy for your helpful suggestions. You have both
eased my mind on the dangers of tracking cookies.

I found the option to "scan for tracking cookies" under Scanning Control in
SUPRERAntiSpyware preferences and have unchecked it.

====================================================================
"VanguardLH" <V@nguard.LH> wrote in message
news:hl4vo6$1tn$1@news.albasani.net...
bobster wrote:

> Every time I do a scan with SUPERAntiSpyware on my XP-SP3 system I get the
> following "bad" cookie report:
>
> media.legacy[2].txt
>
> I remove it with SAS but it's always back the next time I run SAS. It
> doesn't appear when I run Malwarebytes, MSE or Spybot S&D .
>
> I can't find out much about it on Google or Bing.
>
> Does anyone know what it is or if it is dangerous?
>
> TIA

Cookies are NOT malware. They are just text files. Whether they are used
to track your web navigation depends on the sites that you visit. So don't
visit whatever sites create this cookie if you don't want it. Since cookies
are not malware, whether an anti-malware product reports the cookie depends
either on settings in that security program or if they are trying to bloat
their perceived effectiveness by reporting on something rather than
reporting on real problems.

In SuperAntispyware, disable the option to scan for tracking cookies. All
cookies despite their content *can* be used for tracking. A tire iron can
be used to murder, too.

Any site can create a cookie .txt file. However, only the site whose domain
matches the one recorded inside the cookie can access the contents of that
cookie. So domain A could write a cookie for domain B and if you happen to
visit domain B then it can see the cookie's content which would have stuff
written in it from domain A.

So why not configure your web browser to purge all cookies when you exit
that web browser? You might also want to up the enforcement policy on what
cookies are allowed on your host. How that's done depends on what web
browser(s) you use. There are tons of methods to manage cookies.

You can probably use a text editor to look inside the cookie to see for what
domain it was written for its access. The domain inside the cookie might
for the domain you visit that wrote the cookie (but that's not required).
That would lead you to which site you keep revisiting that creates this
cookie file. Rather than use a text editor and decipher its content, you
could use Nirsoft's IE Cookie Viewer (*if* IE is the web browser that you
use since you didn't mention it).

 

bobster wrote:

> Thanks, VanguardLH and Saucy for your helpful suggestions. You have both
> eased my mind on the dangers of tracking cookies.
>
> I found the option to "scan for tracking cookies" under Scanning Control in
> SUPRERAntiSpyware preferences and have unchecked it.

Cookies only allow a small amount of storage on your host: typically 300
cookies total, 20 cookies per domain, 4096 bytes per cookie. These are the
recommended minimums [but are *not* required] by RFC 2109. IE goes its own
way with a maximum cookie count of 20 (but got upped to 50) with a total of
4096 bytes maximum consumed by all cookies (upped to 10KB in IE; see (see
http://blogs.msdn.com/ieinternals/archive/2009/08/20/WinINET-IE-Cookie-Internals-FAQ.aspx.
You'll have to do your own research regarding maximums in other web
browsers. Some web servers also have their own maximums. Apache will fail
with "Size of a request header field exceeds server limit" if the total of
all cookies retrieved by the Cookie: request header exceeds 8190 bytes.

http://en.wikipedia.org/wiki/Http_cookie

Another source of cookies are with Flash which has its own .sol files. You
can manage how big they can become or if any are saved on your host at all.

http://en.wikipedia.org/wiki/Flash_cookie

Cookies are not the only means of saving site data (euphemistically called
"user data" for a site) on your host. User persistent data is a separate
cache and allows far more storage of site data on your host. Check if you
have the following options enabled:

Internet Options

- Advanced tab
Security section
Enable DOM Storage

- Security tab
<pick a security zone, like Internet>
Custom Level
Miscellaneous section
Userdata persistence

See:

http://msdn.microsoft.com/en-us/library/cc197062(VS.85).aspx
http://en.wikipedia.org/wiki/DOM_storage
https://developer.mozilla.org/En/DOM:Storage#Description

DOM storage is new as of IE8 (http://dev.w3.org/html5/webstorage/). As I
recall, the persistent data is stored under the %userprofile%\UserData
folder for IE. Other web browsers have their own DOM storage location
(e.g., Firefox uses an SQLlite file). I've had these options disabled for
so long and probably did cleanup at the time that there is nothing to find
on my host under this folder. There may be freeware that not only purges
the classic .txt cookies (and possibly the Flash .sol cookies) but also the
UserData records.