Ping: Jan Il (re the funny cookie)

[newsrider3]

Ping: Jan Il (re the funny cookie)
Subject: Re: funny cookie "~~local~~", can't control it [a thread from Feb
6-8]

The funny cookie has finally returned. It is named simply:
owner@~~local~~.txt. Ad-Aware found it and says it's a tracking cookie. I
saved a copy, and have copied the contents below:

css
null
~~local~~/
1600
211547264
29799766
959063376
29696769
*

The following is speculative...

I still don't know where it came from. I compared the time of creation of
the cookie with the times of items in my TIF and History, and nothing
coincided exactly. So maybe it's generated locally by my computer, but I
don't know.

Maybe it's generated while a particular webpage is open, in response to some
operation therein. Looking at the time order of creation of my cookies, the
one immediately prior (by 35 minutes) was
(e-mail address removed)/housecall. That's from a trendmicro.com
website that provides an online scan for viruses. I did a full system scan
using their service. The cookie immediately after (by 5 minutes) was
(e-mail address removed).

I'll also note FWIW that I have a local home page for use in IE, which is
mostly a list of frequently visited url's, and a few local links to .html
files on my computer. I also have several Gmail accounts, one of them using
SSL pop3/smtp in OE. Of course Gmail uses a cookie of its own.

 

[Jan Il]

Hi newsrider3!

Thank you for the update! I'm checking out a couple of things on this here
and I get back to you soon with my findings. Hang tight!

Jan
Smiles are meant to be shared,
that's why they're so contagious.

Ping: Jan Il (re the funny cookie)
Subject: Re: funny cookie "~~local~~", can't control it [a thread from Feb
6-8]

The funny cookie has finally returned. It is named simply:
owner@~~local~~.txt. Ad-Aware found it and says it's a tracking cookie. I
saved a copy, and have copied the contents below:

css
null
~~local~~/
1600
211547264
29799766
959063376
29696769
*

The following is speculative...

I still don't know where it came from. I compared the time of creation of
the cookie with the times of items in my TIF and History, and nothing
coincided exactly. So maybe it's generated locally by my computer, but I
don't know.

Maybe it's generated while a particular webpage is open, in response to
some operation therein. Looking at the time order of creation of my
cookies, the one immediately prior (by 35 minutes) was
(e-mail address removed)/housecall. That's from a trendmicro.com
website that provides an online scan for viruses. I did a full system scan
using their service. The cookie immediately after (by 5 minutes) was
(e-mail address removed).

I'll also note FWIW that I have a local home page for use in IE, which is
mostly a list of frequently visited url's, and a few local links to .html
files on my computer. I also have several Gmail accounts, one of them
using SSL pop3/smtp in OE. Of course Gmail uses a cookie of its own.
--
newsrider3
(not a MS-MVP)

Hi newsrider3


I'll check back here for a few days more. But, if it goes pas that, then
please feel free to PING me on the newsgroup and I'll get back with you.
There may be more to this than on the surface. Hopefully, not, and you
have
now seen the last of it for good.

Jan

 

[Jan Il]

Hi newsrider3

See below....

Ping: Jan Il (re the funny cookie)
Subject: Re: funny cookie "~~local~~", can't control it [a thread from Feb
6-8]

The funny cookie has finally returned. It is named simply:
owner@~~local~~.txt. Ad-Aware found it and says it's a tracking cookie. I
saved a copy, and have copied the contents below:

css
null
~~local~~/
1600
211547264
29799766
959063376
29696769
*

The following is speculative...

I still don't know where it came from. I compared the time of creation of
the cookie with the times of items in my TIF and History, and nothing
coincided exactly. So maybe it's generated locally by my computer, but I
don't know.

Maybe it's generated while a particular webpage is open, in response to
some operation therein. Looking at the time order of creation of my
cookies, the one immediately prior (by 35 minutes) was
(e-mail address removed)/housecall. That's from a trendmicro.com
website that provides an online scan for viruses. I did a full system scan
using their service. The cookie immediately after (by 5 minutes) was
(e-mail address removed).

I'll also note FWIW that I have a local home page for use in IE, which is
mostly a list of frequently visited url's, and a few local links to .html
files on my computer. I also have several Gmail accounts, one of them
using SSL pop3/smtp in OE. Of course Gmail uses a cookie of its own.

I wanted to do a bit of sleuthing of my own by going to the TrendMicro
Housecall, which I use often, and Techspot sites to see if they would put
the same kind of cookie on my system. They did not show up when I did an
AdAware scan or system Search. However, when I went into my Cookies folder
and did a visual search, the one from techspot.com was there, but, not one
from the housecall.trendmicro. So, I would say that at most, it would appear
that it is nothing too harmful, but, any tracking cookies should be removed,
or at the least, quarantined. I have my AdAware set for auto-quarantine, so
in case I make a boo-boo and delete something by accident that I shouldn't
have (BTDT), I have a backup. If all functions well after the removal, then
I will delete the quarantine. The 'owner' part of (e-mail address removed)
*appears* to be the User name of whomever was logged on and went there. My
Cookies all start with my User name.

I always clear my TIF's and Cookies every day as a matter of good
housekeeping and security for my system. It only takes a couple of minutes
that way, and there be anything I don't want hanging around that might cause
trouble. However, these files should only be cleared according to the
instructions here, as using other methods could corrupt or damage the cache
or folders.
Safely Delete the Temporary Internet Files
http://www.mvps.org/winhelp2002/delcache.htm

I'm very glad you were able to track down more defined information on this.
Thank you for posting back and letting me know what you found, and the
relationship to viable sites. One at least appears to be a "friendly foe."


Jan
Smiles are meant to be shared,
that's why they're so contagious.

 

[newsrider3]

I guess the main point of my original post was there's no way to block the
funny cookie because that format isn't accepted into the IE Privacy-Sites
list. At least I couldn't get it accepted there.

Re deleting TIF, Cookies, and History: The ways suggested in that reference
either don't work or aren't the easiest for me. My usual procedure is to
boot into Safe mode/Windows, login as Administrator, and delete whatever I
want from there. Occasionally something is still denied a deletion there, in
which case booting into Safe mode/Recovery Console may be the only way.
--
newsrider3
(not a MS-MVP)

Hi newsrider3

See below....

Ping: Jan Il (re the funny cookie)
Subject: Re: funny cookie "~~local~~", can't control it [a thread from
Feb 6-8]

The funny cookie has finally returned. It is named simply:
owner@~~local~~.txt. Ad-Aware found it and says it's a tracking cookie. I
saved a copy, and have copied the contents below:

css
null
~~local~~/
1600
211547264
29799766
959063376
29696769
*

The following is speculative...

I still don't know where it came from. I compared the time of creation of
the cookie with the times of items in my TIF and History, and nothing
coincided exactly. So maybe it's generated locally by my computer, but I
don't know.

Maybe it's generated while a particular webpage is open, in response to
some operation therein. Looking at the time order of creation of my
cookies, the one immediately prior (by 35 minutes) was
(e-mail address removed)/housecall. That's from a trendmicro.com
website that provides an online scan for viruses. I did a full system
scan using their service. The cookie immediately after (by 5 minutes) was
(e-mail address removed).

I'll also note FWIW that I have a local home page for use in IE, which is
mostly a list of frequently visited url's, and a few local links to .html
files on my computer. I also have several Gmail accounts, one of them
using SSL pop3/smtp in OE. Of course Gmail uses a cookie of its own.

I wanted to do a bit of sleuthing of my own by going to the TrendMicro
Housecall, which I use often, and Techspot sites to see if they would put
the same kind of cookie on my system. They did not show up when I did an
AdAware scan or system Search. However, when I went into my Cookies
folder and did a visual search, the one from techspot.com was there, but,
not one from the housecall.trendmicro. So, I would say that at most, it
would appear that it is nothing too harmful, but, any tracking cookies
should be removed, or at the least, quarantined. I have my AdAware set
for auto-quarantine, so in case I make a boo-boo and delete something by
accident that I shouldn't have (BTDT), I have a backup. If all functions
well after the removal, then I will delete the quarantine. The 'owner'
part of (e-mail address removed) *appears* to be the User name of whomever
was logged on and went there. My Cookies all start with my User name.

I always clear my TIF's and Cookies every day as a matter of good
housekeeping and security for my system. It only takes a couple of
minutes that way, and there be anything I don't want hanging around that
might cause trouble. However, these files should only be cleared
according to the instructions here, as using other methods could corrupt
or damage the cache or folders.
Safely Delete the Temporary Internet Files
http://www.mvps.org/winhelp2002/delcache.htm

I'm very glad you were able to track down more defined information on
this. Thank you for posting back and letting me know what you found, and
the relationship to viable sites. One at least appears to be a "friendly
foe."

Jan
Smiles are meant to be shared,
that's why they're so contagious.