Lyrics & Knowledge Personal Pages Record Shop Auction Links Radio & Media Kids Membership Help
The Mudcat Cafemud

Post to this Thread - Sort Descending - Printer Friendly - Home


Tech: Unremovable cookies: virus, worm?

Genie 07 May 12 - 08:58 PM
JohnInKansas 07 May 12 - 10:15 PM
bobad 07 May 12 - 10:30 PM
Genie 07 May 12 - 11:26 PM
Genie 07 May 12 - 11:28 PM
W y s i w y G ! 07 May 12 - 11:35 PM
Genie 07 May 12 - 11:40 PM
Reinhard 08 May 12 - 02:28 AM
Jack Campin 08 May 12 - 05:13 AM
GUEST,CJB 08 May 12 - 05:26 AM
Jack Campin 08 May 12 - 05:48 AM
JohnInKansas 08 May 12 - 05:55 AM
Jack Campin 08 May 12 - 06:38 AM
Bonnie Shaljean 08 May 12 - 06:56 AM
Stilly River Sage 08 May 12 - 09:52 AM
JohnInKansas 08 May 12 - 06:20 PM
GUEST,.gargoyle 08 May 12 - 11:45 PM
Share Thread
more
Lyrics & Knowledge Search [Advanced]
DT  Forum
Sort (Forum) by:relevance date
DT Lyrics:



Subject: Tech: Unremovable cookies: virus, worm?
From: Genie
Date: 07 May 12 - 08:58 PM

I'm hoping some of you super techies may be able to explain what's going on with my cookie cache, and I'm worried it may be sign of my security having been compromised.

Normally I remove most of the cookies from my browser's (Safari) cache every few days.   I'm increasingly annoyed and puzzled, btw, at how many cookies keep cropping up from sites I've never visited, and how some of these cookies pop up not long after I've deleted them, even if I haven't gone anywhere on the internet since I deleted them, but that's not what's got me really worried.

About a week ago I wanted to watch a TV show (ABC) online after it aired, and I found a site that would let me do that without having to fill out a SPAM-ready survey or set up an account or give them a credit card, etc. But I had to download a video player, which seemed to be a common one. (I think it was Flash Player, but I've since deleted it.)    Starting shortly after that (I didn't try to delete cookies for a couple days), I noticed that there are a handful of what seem to be cookies that I can't delete.   I hit "delete" and they disappear but pop right back up again -- even if I am not connected to the internet at the time.

Here are what a few of these look like:


106]
Plug-ins

111]
Plug-ins

123g.us]
Plug-ins


34]
Plug-ins


93]
Plug-ins


Anyone know what the heck these are? How they get into my Safari cache when I'm not online?   And, most importantly, are they dangerous? And if so, how can I get rid of them?

Thanks,

Genie


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: JohnInKansas
Date: 07 May 12 - 10:15 PM

Genie -

Mac or Windows or Unix?

In Windows, Flash is buggy with lots of vulnerabilities, but so far as has been reported is seldom infected itself in new installations or reinstalls.

In Mac, a notorious bit of malware has been appearing as a phony Flash download or update. Fixes for it are easily available, but apparently lots of Mac users don't believe in malware removal so it's reported as being still in very active circulation. If you're infected with this particular one, you could lose all web access on June 9. (That gives you reasonable time to clean it up if it's what's bugging you, so no need to panic.)

For either Mac or Windows, there are lots of "tracking cookies" that function cross-sites, so that any "member" of the agency that creates them can drop the cookie onto you, and any other "member" of the same agency can tell where the cookie has gone. This might explain why it looks like the "same site" is replacing the cookie you just deleted. It may be the same cookie, but doesn't necessarily come from the same place.

Let us know what OS you're using and maybe somebody can come up with something more.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: bobad
Date: 07 May 12 - 10:30 PM

You can try Flash Cookie Cleaner


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: Genie
Date: 07 May 12 - 11:26 PM

My computer is a Mac. (I don't think Safari works with Windows, does it?) And my system is OS X 6.8 (Leopard).   

The thing about these particular pesky "cookies" (the ones that say "plug-in") is that I can delete them 10 times in a row, in rapid succession, and they just pop up again immediately.

I was wary about downloading the Flash Player, but a lot of my friends and family keep posting videos that I can't see without having Flash Player, and when I finally downloaded it, I went directly to the Adobe website, not via a link somewhere else.

I'm aware that there's been some nasty malware spreading among Macs, but I didn't know it was being spread via Flash Player, especially if you download the Player directly from Adobe's website.   

I plan to check into a good malware cleaner-upper soon anyway (before June 9), but I was just wondering what the significance is of cookies that say "plug-in" and won't go away no matter how often you delete them -- even when you're not online.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: Genie
Date: 07 May 12 - 11:28 PM

So, Bobad, is it safe to download that Flash Cookie Cleaner? : )


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: W y s i w y G !
Date: 07 May 12 - 11:35 PM

OK, I will post it:

Unremovable cookies? Try exlax on the puder!

;~)

~S~


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: Genie
Date: 07 May 12 - 11:40 PM

Well, my 'puter doesn't seem to be constipated (though it can be a bit sluggish online sometimes), and I haven't noticed any evidence of a virus so far.   Just the weird cookies.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: Reinhard
Date: 08 May 12 - 02:28 AM

You don't need any extra programs to remove Flash cookies. My Mac has in the System Settings' menu's bottom line an icon for the Flash player settings. There I can remove existing cookies and can select that I don't want any of them in the future.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: Jack Campin
Date: 08 May 12 - 05:13 AM

It is safe to download the Flash Player if you get the real one from Adobe.

If you get one from anywhere else (like by following a link on a "free video downloads" site) you are very likely to get a trojan that will mess up your systems as you describe (and which will be extremely difficult to remove).

Description of how to sort it if you have a Mac:

http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_c.shtml

Flash cookies are different from ordinary cookies and not removable in the same way. (There is a Firefox add-on called BetterPrivacy that deals with them). They are an obnoxious plague but they aren't what Genie has.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: GUEST,CJB
Date: 08 May 12 - 05:26 AM

Use Cookie Cleaner - its a great app. and its free.

http://www.piriform.com/ccleaner


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: Jack Campin
Date: 08 May 12 - 05:48 AM

Using a cookie cleaner on a bogus-Flash-Player trojan is like trying to treat bubonic plague with mouthwash.

The Piriform product is doubtless fine for what it does, but cookies that reappear without connecting to any site are a sure sign that some kind of Trojan is at work.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: JohnInKansas
Date: 08 May 12 - 05:55 AM

Genie -

You should understand that a "plug in" is not (in usual terms) the same thing as a cookie.

A cookie identifies that your computer has been "someplace" and can also indicate whether or not you logged in at a place. Since some cookies can be read by other sites, even if they're not the ones who placed them on your machine, cookies of that kind are called "tracking cookies," and most popup/cookie blockers will remove them or block them from being loaded. In some cases the cookie serves a purpose on the site that issues it but you'd like to be rid of it when you leave that site. Some cookie/popup blockers can handle "using them as needed and deleting them when not."

A plugin, also referred to as an "add on," as usually defined, is a "program" that allows a site to provide information that your computer otherwise wouldn't understand. The most commonly annoying ones are probably the Java and/or JavaScript plugins, but even those are necessary in enough places that you probably want them present on your computer.

In most browsers, and I would assume that it's the same for Safari, it's usual to have the plug in on your computer, but to have it "turned off" (deactivated) when you're not actually using it.

When I site wants to send you something that requires the plugin, it's "turned on" until you're done looking at whatever "content" the plugin was supposed to display. You should be able to select whether sites can turn these things on automatically when needed, or must ask for your permission to turn them on. A few sites may turn them off when they're done, but that's pretty rare.

As a "convenience" in your browsing, it is a good idea to have the plugins already downloaded and on your computer. (This also allows you to make sure you have the latest versions, and won't be downloading obsolete and vulnerable versions from random sites.) It's generally a good idea to have most of them "turned off" except when you actually need them, although many users feel that many of them are "safe enough" to be left on.

Most browsers have settings where you can decide whether they'll be inactive whenever they're not needed, but having them "handy," already installed on your computer, will avoid the delays attendant to downloading and installing a new one each time one is needed.

Provided that the plugins are ones that serve a useful purpose in your internet browsing you should not try to delete them. You should find the place in your browser where you can turn them on and off, so that you'll know what you have and what they're doing for (or to) you.

Flash (probably in your browser as "Shockwave Flash") is an addon/plugin.

Your PDF reader is an addon/plugin

Your Media Player probably is an addon/plugin

You probably have a Java addon/plugin

Your Google toolbar, or Bing, or any others you use are all plugins.

By all means, turn them off if you're worried about them, but if you just delete them all you'll spend the time when you could be enjoying the web just downloading the ones you need, everytime you change sites and need a new one to see (or hear) what's on the web. And every time you go to a new site, they're likely to download one or more that's needed for the content on that site.

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: Jack Campin
Date: 08 May 12 - 06:38 AM

From what he or she is saying, these *are* cookies, but they have "plug-in" as part of their name.

Most of the names you list are too short to search for, but 123g.us seems from googling to relate to a Christian inspirational e-card site. Have you sent or received anything like that? (E-cards are a very good way of spreading malware - never open one).

The origin isn't all that important anyway - you just need to do a malware scan to eliminate the problem.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: Bonnie Shaljean
Date: 08 May 12 - 06:56 AM

John - quick question about the related issue in the thread linked below, which I think bears repeating anyway (do you mean July 9th or has it now changed to June as you cited above?): I have run the two tests on all our computers and got the green go-ahead. Will this result hold, or do I need to keep checking? All security patches are up to date.

Tech: A REAL Internet Shutdown - Malware
http://mudcat.org/thread.cfm?threadid=143499#3312360


> I don't think Safari works with Windows, does it?

Yes, it does - I have it on my Windows-7 PC, where it sits nicely alongside Firefox.


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: Stilly River Sage
Date: 08 May 12 - 09:52 AM

A large number of these browsers are written to work in Windows, Mac, and Linux. Here is a list of browsers and where they work.

A while back I was asked about virus scans and such by a Mac user and I asked Amos about it - he's one of Mudcat's more hard-core Mac Zealots. He recommended Sophos. They have a free version and a paid version, I believe.

SRS


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: JohnInKansas
Date: 08 May 12 - 06:20 PM

Bonnie -

I believe the thread you linked was originally the first of two threads on the subject. The second one, that seemed to have mysteriously disappeared from my record indicated that the courts have approved an extension of the FBI operation of their "replacement servers" so the new deadline is "later." My recollection was that the new drop-dead date was in June, but it is the July date.

The two threads have been merged, which explains why I didn't find the later one and had to spout off from my inadequate memory.

With either date, you have plenty of time.

The second report indicated that a "red" from either site definitely means you are infected.

A "green" from the FBI site means you probably aren't infected but they've found a way that the FBI check could be wrong.

A "green" from the consortium site claims to confirm that you really are not infected, for sure, guaranteed; so you should be good if you've run both sites.

There have been some reports of changes in the Flashback bug, but no changes in methods of infecting or spreading it have appeared where I've seen them. It never hurts to watch for reports of new discoveries, but you shouldn't need to worry about having the current form on your computer now.

Of course it's possible you could still become infected after getting a good check if you trade stuff next week with someone who is infected and if you don't have good enough AV on your machine to block it, but that concern is just "the way things are," and there are a few dozen other infections that you might get in the same ways.

The recent "big surge" in concerns for Macishvillainsvillians is with the 'phones and 'pads:
a.) Millions of new devices sold, all pretty much the same.
b.) Many new users, many of whom don't even have prior web experience.
c.) Devices so new that nobody really knows what they're supposed to do, and can't recognize abnormal behavior.
d.) Lots of "youngsters" prone to take risks and "click on anything" just to see what's there.
e.) Almost complete absence of any AV or other malware protections.
f.) Every kid knows daddy's credit card numbers.
g.) Lots of cheap "aps" that are easy to bug, and immensely popular (to buy with daddy's credit card).

John


Post - Top - Home - Printer Friendly - Translate

Subject: RE: Tech: Unremovable cookies: virus, worm?
From: GUEST,.gargoyle
Date: 08 May 12 - 11:45 PM

A very long time ago...in a thread long forgotten

A warning was given about the persistance of "flash " cookies ... the SOL 's.

I crashed two PC machines with their removal.

If paranoia gives you a thrill ... follow these linked articles from that most liberal of newspapers, The Financial Times of London.

http://www.ft.com/intl/indepth/cyber-warfare


Sincerely,
Gargoyle

Sleep well little kartuffins.


Post - Top - Home - Printer Friendly - Translate
  Share Thread:
More...

Reply to Thread
Subject:  Help
From:
Preview   Automatic Linebreaks   Make a link ("blue clicky")


Mudcat time: 19 September 5:50 AM EDT

[ Home ]

All original material is copyright © 1998 by the Mudcat Café Music Foundation, Inc. All photos, music, images, etc. are copyright © by their rightful owners. Every effort is taken to attribute appropriate copyright to images, content, music, etc. We are not a copyright resource.