Every time I do a scan with SUPERAntiSpyware on my XP-SP3 system I get the following "bad" cookie report: media.legacy[2].txt I remove it with SAS but it's always back the next time I run SAS. It doesn't appear when I run Malwarebytes, MSE or Spybot S&D . I can't find out much about it on Google or Bing. Does anyone know what it is or if it is dangerous? TIA
Cookies per se are not dangerous in and of themselves. They are strings of text, therefore basically static or inert and not dangerous. They are placed on your machine by the web servers of the websites you visited. This is by design. They can however be used to uniquely identify the website's visitor (that is *you*) and may contain information about you. Some anti-spyware will flag cookies that are known to be tracking you. You may or may not care that there is tracking going on. So with some anti-spyware programs you can set them to ignore cookies. Why not just turn off cookies in your browser? This is a solution, but makes browsing difficult. Interactive websites might not work without your browser setting cookies. Another solution is to download a hosts file from the Microsoft Most Valued Professional website and place it in the CWindows\System32\drivers\etc folder (overwriting the blank hosts file already there). Here's the link to the website: http://www.mvps.org/winhelp2002/hosts.htm and a direct link to the hosts file: http://www.mvps.org/winhelp2002/hosts.txt It must be renamed from "hosts.txt" to just "hosts" - no file extension - before being placed in the CWindows\System32\drivers\etc folder. Once done, log off then back on and a whole slew of web tracking servers will never reach your browser. Have a look at the content of the hosts.txt file to get an idea of the type of domains that place tracking cookies. You will not miss them. And because these tracking domains are blocked many of those annoying ads you see in websites won't appear. Have a nice weekend. "bobster" <fauxie@bogus.net> wrote in message news:e#RjQrBrKHA.1800@TK2MSFTNGP02.phx.gbl... > Every time I do a scan with SUPERAntiSpyware on my XP-SP3 system I get the > following "bad" cookie report: > > media.legacy[2].txt > > I remove it with SAS but it's always back the next time I run SAS. It > doesn't appear when I run Malwarebytes, MSE or Spybot S&D . > > I can't find out much about it on Google or Bing. > > Does anyone know what it is or if it is dangerous? > > TIA > >
bobster wrote: > Every time I do a scan with SUPERAntiSpyware on my XP-SP3 system I get the > following "bad" cookie report: > > media.legacy[2].txt > > I remove it with SAS but it's always back the next time I run SAS. It > doesn't appear when I run Malwarebytes, MSE or Spybot S&D . > > I can't find out much about it on Google or Bing. > > Does anyone know what it is or if it is dangerous? > > TIA Cookies are NOT malware. They are just text files. Whether they are used to track your web navigation depends on the sites that you visit. So don't visit whatever sites create this cookie if you don't want it. Since cookies are not malware, whether an anti-malware product reports the cookie depends either on settings in that security program or if they are trying to bloat their perceived effectiveness by reporting on something rather than reporting on real problems. In SuperAntispyware, disable the option to scan for tracking cookies. All cookies despite their content *can* be used for tracking. A tire iron can be used to murder, too. Any site can create a cookie .txt file. However, only the site whose domain matches the one recorded inside the cookie can access the contents of that cookie. So domain A could write a cookie for domain B and if you happen to visit domain B then it can see the cookie's content which would have stuff written in it from domain A. So why not configure your web browser to purge all cookies when you exit that web browser? You might also want to up the enforcement policy on what cookies are allowed on your host. How that's done depends on what web browser(s) you use. There are tons of methods to manage cookies. You can probably use a text editor to look inside the cookie to see for what domain it was written for its access. The domain inside the cookie might for the domain you visit that wrote the cookie (but that's not required). That would lead you to which site you keep revisiting that creates this cookie file. Rather than use a text editor and decipher its content, you could use Nirsoft's IE Cookie Viewer (*if* IE is the web browser that you use since you didn't mention it).
Thanks, VanguardLH and Saucy for your helpful suggestions. You have both eased my mind on the dangers of tracking cookies. I found the option to "scan for tracking cookies" under Scanning Control in SUPRERAntiSpyware preferences and have unchecked it. ==================================================================== "VanguardLH" <V@nguard.LH> wrote in message news:hl4vo6$1tn$1@news.albasani.net... bobster wrote: > Every time I do a scan with SUPERAntiSpyware on my XP-SP3 system I get the > following "bad" cookie report: > > media.legacy[2].txt > > I remove it with SAS but it's always back the next time I run SAS. It > doesn't appear when I run Malwarebytes, MSE or Spybot S&D . > > I can't find out much about it on Google or Bing. > > Does anyone know what it is or if it is dangerous? > > TIA Cookies are NOT malware. They are just text files. Whether they are used to track your web navigation depends on the sites that you visit. So don't visit whatever sites create this cookie if you don't want it. Since cookies are not malware, whether an anti-malware product reports the cookie depends either on settings in that security program or if they are trying to bloat their perceived effectiveness by reporting on something rather than reporting on real problems. In SuperAntispyware, disable the option to scan for tracking cookies. All cookies despite their content *can* be used for tracking. A tire iron can be used to murder, too. Any site can create a cookie .txt file. However, only the site whose domain matches the one recorded inside the cookie can access the contents of that cookie. So domain A could write a cookie for domain B and if you happen to visit domain B then it can see the cookie's content which would have stuff written in it from domain A. So why not configure your web browser to purge all cookies when you exit that web browser? You might also want to up the enforcement policy on what cookies are allowed on your host. How that's done depends on what web browser(s) you use. There are tons of methods to manage cookies. You can probably use a text editor to look inside the cookie to see for what domain it was written for its access. The domain inside the cookie might for the domain you visit that wrote the cookie (but that's not required). That would lead you to which site you keep revisiting that creates this cookie file. Rather than use a text editor and decipher its content, you could use Nirsoft's IE Cookie Viewer (*if* IE is the web browser that you use since you didn't mention it).
bobster wrote: > Thanks, VanguardLH and Saucy for your helpful suggestions. You have both > eased my mind on the dangers of tracking cookies. > > I found the option to "scan for tracking cookies" under Scanning Control in > SUPRERAntiSpyware preferences and have unchecked it. Cookies only allow a small amount of storage on your host: typically 300 cookies total, 20 cookies per domain, 4096 bytes per cookie. These are the recommended minimums [but are *not* required] by RFC 2109. IE goes its own way with a maximum cookie count of 20 (but got upped to 50) with a total of 4096 bytes maximum consumed by all cookies (upped to 10KB in IE; see (see http://blogs.msdn.com/ieinternals/archive/2009/08/20/WinINET-IE-Cookie-Internals-FAQ.aspx. You'll have to do your own research regarding maximums in other web browsers. Some web servers also have their own maximums. Apache will fail with "Size of a request header field exceeds server limit" if the total of all cookies retrieved by the Cookie: request header exceeds 8190 bytes. http://en.wikipedia.org/wiki/Http_cookie Another source of cookies are with Flash which has its own .sol files. You can manage how big they can become or if any are saved on your host at all. http://en.wikipedia.org/wiki/Flash_cookie Cookies are not the only means of saving site data (euphemistically called "user data" for a site) on your host. User persistent data is a separate cache and allows far more storage of site data on your host. Check if you have the following options enabled: Internet Options - Advanced tab Security section Enable DOM Storage - Security tab <pick a security zone, like Internet> Custom Level Miscellaneous section Userdata persistence See: http://msdn.microsoft.com/en-us/library/cc197062(VS.85).aspx http://en.wikipedia.org/wiki/DOM_storage https://developer.mozilla.org/En/DOM:Storage#Description DOM storage is new as of IE8 (http://dev.w3.org/html5/webstorage/). As I recall, the persistent data is stored under the %userprofile%\UserData folder for IE. Other web browsers have their own DOM storage location (e.g., Firefox uses an SQLlite file). I've had these options disabled for so long and probably did cleanup at the time that there is nothing to find on my host under this folder. There may be freeware that not only purges the classic .txt cookies (and possibly the Flash .sol cookies) but also the UserData records.