PDA

View Full Version : Deselecting Cookies.sbe in File Sets doesn't stop innocent cookies from being deleted



cuteswan
2008-02-14, 16:20
I'm using SSD version 1.5.2.20 and am up to date (02/13/2008) under Windows 2000 SP4 and Firefox 2.0.0.12. Since upgrading from SSD 1.4 last week, every night it deletes all of my #HttpOnly_ cookies during every scan, but the Fixes...txt only reports "Congratulations!: No immediate threats were found. ()" (same as the Checks...txt).

These cookies don't show up under SSD's Ignore cookies settings, so I can't select them there. Manually editing the Cookies.sbe didn't help: the program wipes the file and loses even the previously-accepted entries if I try to add entries manually, even non-HttpOnly cookies. Two days ago I unchecked Cookies.sbi from the File Sets choice, but it still monkeys around with my Firefox cookies every night so I have to restore my old cookies in the morning. Cookies.sbi is still unchecked when I go back into SSD, but it's listed in the log files (Checks and Fixes are identical):


--- Report generated: 2008-02-14 03:55 ---

Congratulations!: No immediate threats were found. ()



--- Spybot - Search & Destroy version: 1.5.2 (build: 20080128) ---

2008-01-28 blindman.exe (1.0.0.7)
2008-01-28 SDDelFile.exe (1.0.2.4)
2008-01-28 SDMain.exe (1.0.0.5)
2007-10-07 SDShred.exe (1.0.1.2)
2008-01-28 SDUpdate.exe (1.0.8.8)
2008-01-28 SDWinSec.exe (1.0.0.11)
2008-01-28 SpybotSD.exe (1.5.2.20)
2008-01-28 TeaTimer.exe (1.5.2.16)
2008-02-01 unins000.exe (51.41.0.0)
2008-02-07 unins001.exe (51.49.0.0)
2008-01-28 Update.exe (1.4.0.6)
2008-01-28 advcheck.dll (1.5.4.5)
2007-04-02 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2007-11-17 DelZip179.dll (1.79.7.4)
2008-01-28 SDFiles.dll (1.5.1.19)
2008-01-28 SDHelper.dll (1.5.0.11)
2008-01-28 Tools.dll (2.1.3.3)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2008-02-13 Includes\Cookies.sbi
2007-12-26 Includes\Dialer.sbi (*)
2008-02-13 Includes\DialerC.sbi (*)
2008-02-13 Includes\HeavyDuty.sbi (*)
2008-02-13 Includes\Hijackers.sbi (*)
2008-02-13 Includes\HijackersC.sbi (*)
2008-02-13 Includes\Keyloggers.sbi (*)
2008-02-13 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2008-02-13 Includes\Malware.sbi (*)
2008-02-13 Includes\MalwareC.sbi (*)
2007-10-24 Includes\PUPS.sbi (*)
2008-02-13 Includes\PUPSC.sbi (*)
2008-02-13 Includes\Revision.sbi (*)
2008-01-09 Includes\Security.sbi (*)
2008-02-13 Includes\SecurityC.sbi (*)
2008-02-13 Includes\Spybots.sbi (*)
2008-02-13 Includes\SpybotsC.sbi (*)
2007-11-06 Includes\Tracks.uti
2008-02-13 Includes\Trojans.sbi (*)
2008-02-13 Includes\TrojansC.sbi (*)
2007-12-24 Plugins\TCPIPAddress.dll


SSD is running from a Scheduled Task under the same account I use Firefox under, with the command line

"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /AUTOCHECK /AUTOFIX /AUTOCLOSE

(Every three days it runs the update with

"C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /AUTOUPDATE /AUTOIMMUNIZE /AUTOCLOSE
)


The cookies were also deleted by SSD 1.4, but only if it found other cookies to delete. In those cases, I'd restore Cookies.txt from the nightly backup and delete the offending entry myself (and add it to the exceptions list so it won't be picked up again).

Tech support's answer was to make sure Tracks.uti was unchecked in File Sets, but it is not and has never been checked. Since it's free, I don't want to bug them too much if others have already found a way to stop it from needlessly messing with my cookies. Any ideas?

P.S. I did try using the forum search before posting, but whenever I managed to get those image verification images correct it would just drop me at a blank page. So, I searched through several pages of topics instead.

cuteswan
2008-02-16, 18:38
Ironically enough, it's wiping out my cookies for this forum as well. :)

#HttpOnly_forums.spybot.info/snluserid
#HttpOnly_forums.spybot.info/snlpassword

Now it's even harder to believe that no one else has encountered this problem. Is there some obscure Firefox option to force #HttpOnly cookies to be stored as plain ones that I should be using?

cuteswan
2008-02-28, 14:39
I've given up and downgraded to version 1.4.

It still has the bug but will only mess up my cookies whenever it actually finds a bad one. At least I won't have to restore the file every single day (which happens under 1.5.2 even when I tell SSD not to check cookies at all).