Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Why does MSN read ALL cookies on login?

Posted on 2004-04-03
8
Medium Priority
?
277 Views
Last Modified: 2013-12-04
I noticed when logging into MSN, suddenly the "last accessed" date and time on ALL of the cookies in the users "Temporary Internet Files" folder suddenly change and indicate that all of the cookies were just accessed.  Presumably by Microsoft. And not just the MSN cookies, it reads EVERY SINGLE ONE OF THEM!

Is this legitimate? Or am I doing something wrong?

Thanks,
Steve
0
Comment
Question by:stevenl241
  • 5
8 Comments
 
LVL 12

Expert Comment

by:trywaredk
ID: 10749002
Run a spyware test on your computer:

Spybot:
http://security.kolla.de/index.php

Ad-aware Standard Edition is THE award winning, free*, multicomponent adware detection and removal utility:
http://www.lavasoft.de/software/adaware/

SpyFerret detects & removes spyware
http://www.onlinepcfix.com/spyware/spyware.htm

Bazooka Adware and Spyware Scanner v1.13.01
http://www.kephyr.com/spywarescanner/

Automatic check of your browser for parasites, adware and spyware
http://www.doxdesk.com/parasite/

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10749016
Microsoft Security Bulletin (MS00-033)
Patch Available for "Frame Domain Verification", "Unauthorized Cookie Access", and "Malformed Component Attribute" Vulnerabilities

http://www.microsoft.com/technet/security/bulletin/ms00-033.mspx
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10749020
You need to patch up with the last servicepack and hotfixes from microsoft

About Windows Update (SUS)
http://v4.windowsupdate.microsoft.com/en/about.asp

Download and install Microsofts automatic update server (also known as SUS)
http://www.microsoft.com/windows2000/downloads/recommended/susclient/default.asp
0
Ready for your healthcare security check-up?

In the past few years, healthcare organizations have become a prime target for advanced attacks. Does your organization have what it needs to defend itself? Schedule your healthcare security check-up today and download our free Healthcare Security Resource Kit today!

 
LVL 12

Expert Comment

by:trywaredk
ID: 10749027
You should also protect yourself in the future against virus

Use this free online Trend Housecall scanner to find and clean every known virus/rootkits/backdoors:
http://housecall.trendmicro.com/housecall/start_corp.asp

Some viruses can't be removed by housecall. If so, use the free Trend Micro system cleaner:
http://www.trendmicro.com/download/tsc.asp

If you get's an ActiveX error, when loading the HouseCall web page:
http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=4317

If you want to secure your one workstation in the future, consider to purchase PC-cillin with builtin firewall:
http://www.trendmicro.com/en/products/desktop/pc-cillin/evaluate/overview.htm



0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10749030
Getting a personal Firewall
http://www.zensecurity.co.uk/default.asp?URL=personal

Download the free version of Sygate personal firewall
http://smb.sygate.com/support/documents/spf/default.htm
http://smb.sygate.com/download/download.php?pid=spf

Download the free version of ZoneAlarm firewall
http://www.zonelabs.com/store/content/company/zap_za_grid.jsp?lid=ho_za

Comparative reviews of personal firewall software:
http://www.firewallguide.com/software.htm 

Firewall Product Selector - Choose yourself which one to compare
http://www.spirit.com/cgi-new/report.pl?dbase=fw&function=view
0
 
LVL 6

Accepted Solution

by:
Joseph_Moore earned 500 total points
ID: 10762838
I don't think that is happening. If you really want to know what cookie files MSN uses when you hit their site, download and fire up Filemon from Sysinternals:
http://www.sysinternals.com/ntw2k/source/filemon.shtml
It is a file access monitor program. It will tell you EVERY FILE that is access, in real-time.

When IE opens, it will hit the Index.DAT file that is in the cookie directory. When I hit MSN.com, it opens JOE@www.msn[2].txt , JOE@www.msn[3].txt, JOE@www.msn[1].txt and JOE@www.admt[2].txt, along with the index.DAT file. Maybe since the index file is hit a WHOLE LOT, that explains what you are seeing. But in my scan with Filemon, MSN.com did not open or read or query from any other cookie file.
It did a DIR listing of the Cookie directory, apparently.

And it calls a whole bunch of dlls, drv driver files, Macromedia files, and thousands more. Now, that is probably mostly from me starting up IE, but this is how it works.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
This Micro Tutorial will teach you how to add a cinematic look to any film or video out there. There are very few simple steps that you will follow to do so. This will be demonstrated using Adobe Premiere Pro CS6.
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question