Solved

Why does MSN read ALL cookies on login?

Posted on 2004-04-03
8
266 Views
Last Modified: 2013-12-04
I noticed when logging into MSN, suddenly the "last accessed" date and time on ALL of the cookies in the users "Temporary Internet Files" folder suddenly change and indicate that all of the cookies were just accessed.  Presumably by Microsoft. And not just the MSN cookies, it reads EVERY SINGLE ONE OF THEM!

Is this legitimate? Or am I doing something wrong?

Thanks,
Steve
0
Comment
Question by:stevenl241
  • 5
8 Comments
 
LVL 12

Expert Comment

by:trywaredk
ID: 10749002
Run a spyware test on your computer:

Spybot:
http://security.kolla.de/index.php

Ad-aware Standard Edition is THE award winning, free*, multicomponent adware detection and removal utility:
http://www.lavasoft.de/software/adaware/

SpyFerret detects & removes spyware
http://www.onlinepcfix.com/spyware/spyware.htm

Bazooka Adware and Spyware Scanner v1.13.01
http://www.kephyr.com/spywarescanner/

Automatic check of your browser for parasites, adware and spyware
http://www.doxdesk.com/parasite/

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10749016
Microsoft Security Bulletin (MS00-033)
Patch Available for "Frame Domain Verification", "Unauthorized Cookie Access", and "Malformed Component Attribute" Vulnerabilities

http://www.microsoft.com/technet/security/bulletin/ms00-033.mspx
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10749020
You need to patch up with the last servicepack and hotfixes from microsoft

About Windows Update (SUS)
http://v4.windowsupdate.microsoft.com/en/about.asp

Download and install Microsofts automatic update server (also known as SUS)
http://www.microsoft.com/windows2000/downloads/recommended/susclient/default.asp
0
What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

 
LVL 12

Expert Comment

by:trywaredk
ID: 10749027
You should also protect yourself in the future against virus

Use this free online Trend Housecall scanner to find and clean every known virus/rootkits/backdoors:
http://housecall.trendmicro.com/housecall/start_corp.asp

Some viruses can't be removed by housecall. If so, use the free Trend Micro system cleaner:
http://www.trendmicro.com/download/tsc.asp

If you get's an ActiveX error, when loading the HouseCall web page:
http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=4317

If you want to secure your one workstation in the future, consider to purchase PC-cillin with builtin firewall:
http://www.trendmicro.com/en/products/desktop/pc-cillin/evaluate/overview.htm



0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10749030
Getting a personal Firewall
http://www.zensecurity.co.uk/default.asp?URL=personal

Download the free version of Sygate personal firewall
http://smb.sygate.com/support/documents/spf/default.htm
http://smb.sygate.com/download/download.php?pid=spf

Download the free version of ZoneAlarm firewall
http://www.zonelabs.com/store/content/company/zap_za_grid.jsp?lid=ho_za

Comparative reviews of personal firewall software:
http://www.firewallguide.com/software.htm

Firewall Product Selector - Choose yourself which one to compare
http://www.spirit.com/cgi-new/report.pl?dbase=fw&function=view
0
 
LVL 6

Accepted Solution

by:
Joseph_Moore earned 125 total points
ID: 10762838
I don't think that is happening. If you really want to know what cookie files MSN uses when you hit their site, download and fire up Filemon from Sysinternals:
http://www.sysinternals.com/ntw2k/source/filemon.shtml
It is a file access monitor program. It will tell you EVERY FILE that is access, in real-time.

When IE opens, it will hit the Index.DAT file that is in the cookie directory. When I hit MSN.com, it opens JOE@www.msn[2].txt , JOE@www.msn[3].txt, JOE@www.msn[1].txt and JOE@www.admt[2].txt, along with the index.DAT file. Maybe since the index file is hit a WHOLE LOT, that explains what you are seeing. But in my scan with Filemon, MSN.com did not open or read or query from any other cookie file.
It did a DIR listing of the Cookie directory, apparently.

And it calls a whole bunch of dlls, drv driver files, Macromedia files, and thousands more. Now, that is probably mostly from me starting up IE, but this is how it works.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now