Jump to content


Photo

What is C:\Windows\Prefetch and C:\Windows\Update.exe?


  • Please log in to reply
29 replies to this topic

#1 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 09:55 PM

My Superantispyware says that I have 4 infected files that should be deleted immediately.

 

 

Two are C:\Windows\Temp\(random letters and numbers).exe

 

Two are C:\Windows\Prefetch\Update(numbers and letters).exe

 

Then I have 126 cookies that were detected...

 

I need help, I need to know if my computer is under attack?

 

 

Thanks

 

 

~Goodwill44.

 

 



#2 GuiltySpark

GuiltySpark

    Volunteer Mod

  • Moderators
  • 999 posts
  • LocationThe Space Between Two Points

Posted 15 July 2013 - 10:05 PM

Hi Goodwill44,

 

Can you post the scan log here please.


                                                                                                           Using No Way - As Way, Having No Limitation - As Limitation.


                                                                                                                         Techstep123                            http://tgigeeks.net/

 

                                                                                                                         Anonysome Emporium                                T.I.M


#3 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 10:17 PM

SUPERAntiSpyware Scan Log
 
Generated 07/15/2013 at 05:32 PM
 
Application Version : 5.6.1020
 
Core Rules Database Version : 10611
Trace Rules Database Version: 8423
 
Scan type       : Complete Scan
Total Scan Time : 00:53:24
 
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator
 
Memory items scanned      : 456
Memory threats detected   : 0
Registry items scanned    : 71572
Registry threats detected : 0
File items scanned        : 62400
File threats detected     : 131
 
Adware.Tracking Cookie
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\brandon@xxxxxx[2].txt [ /xxxxxxxx ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\88EBJKHA.txt [ /insightexpressai.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\JJEHXKA4.txt [ /ru4.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\A19VSYRO.txt [ /network.realmedia.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\VHO9A0MZ.txt [ /lucidmedia.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\13KF0XO1.txt [ /casalemedia.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\1F8A2IWE.txt [ /fastclick.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\2MIGMJ54.txt [ /ads.pubmatic.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\1O2JWNHN.txt [ /revsci.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\9XREGM94.txt [ /questionmarket.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\6VLA3YG3.txt [ /specificclick.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\UK9OIPIO.txt [ /ads.bridgetrack.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\06EP5YGZ.txt [ /mediaplex.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\XPRF5GXI.txt [ /zedo.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\1HDFFLKM.txt [ /doubleclick.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\AI46W3FT.txt [ /media.adfrontiers.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\LCKXWVX4.txt [ /clickbooth.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\D97QTQCR.txt [ /bs.serving-sys.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\IKD251HD.txt [ /mshakers.rotator.hadj7.adjuggler.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\9IDVFNCD.txt [ /t.pointroll.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\EGKM2WYM.txt [ /ads.adk2.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\98ES3I1V.txt [ /ads.creative-serving.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\XM3BD2NS.txt [ /tribalfusion.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\4PW8PWGE.txt [ /pointroll.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\W11KIVT8.txt [ /pro-market.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\N9D8WY0V.txt [ /burstnet.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\YZC0EUI4.txt [ /c.atdmt.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\Q67W19X0.txt [ /ad.360yield.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\CJFYRYND.txt [ /ar.atwola.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\HGK1SLJB.txt [ /realmedia.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\Y2X8AU04.txt [ /ads.p161.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\9E2VVBPN.txt [ /ad.mlnadvertising.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\LMALVMSH.txt [ /interclick.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\I3MQNA6X.txt [ /atwola.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\EUUHOBM6.txt [ /invitemedia.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\CS1UDJBV.txt [ /ads.us.e-planning.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\JNP0RWIS.txt [ /at.atwola.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\C8KK33JI.txt [ /media6degrees.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\MY0406K3.txt [ /collective-media.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\A75SYXLO.txt [ /ads.undertone.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\RWQT74IB.txt [ /ad.yieldmanager.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\30JZS6G8.txt [ /apmebf.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\64IA3Q0B.txt [ /a.intentmedia.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\G2ZOKUSF.txt [ /track.adform.net ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\BD1B4U49.txt [ /247realmedia.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\0AGZD2DE.txt [ /tacoda.at.atwola.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\GD3P0AHK.txt [ /a1.interclick.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\U0PRZCRM.txt [ /serving-sys.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\H7KR0CWG.txt [ /adtechus.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\GAK6UP6M.txt [ /ads.pointroll.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\24NB799Y.txt [ /advertising.com ]
C:\Users\brandon\AppData\Roaming\Microsoft\Windows\Cookies\41F9275V.txt [ /www.burstnet.com ]
.doubleclick.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.timeinc.122.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
findnsave.ledger-enquirer.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.estat.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.msnbc.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjlyeiazceo.stats.esomniture.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjlyghdpcfo.stats.esomniture.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
pulse-analytics-beacon.reutersmedia.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
media.gsimedia.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.usnews.122.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.warnerbros.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
pjmedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.leeenterprises.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.solvemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
de.sitestat.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nhl.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.survey.g.doubleclick.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nakedcelebgallery.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
insight.torbit.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.s.clickability.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sonygs.112.2o7.net [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\BRANDON\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
core.insightexpressai.com [ C:\USERS\BRANDON\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\6X9AJ33N ]
C:\USERS\BRANDON\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BRANDON@APMEBF[1].TXT [ /APMEBF ]
C:\USERS\BRANDON\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\BRANDON@REVSCI[1].TXT [ /REVSCI ]
 
Adware.Somoto
C:\USERS\BRANDON\DOWNLOADS\CHEATENGINE62.EXE
 
Trojan.Dropper/Win-NV
C:\WINDOWS\TEMP\3653B14C-5A82-412D-88FA-D531185DFABD\UPDATE.EXE
C:\WINDOWS\TEMP\A0F751FB-10C2-4B87-8594-7D77422EC057\UPDATE.EXE
C:\Windows\Prefetch\UPDATE.EXE-416143E6.pf
C:\Windows\Prefetch\UPDATE.EXE-EB004BFD.pf
 
 
I have Adblock and WOT, I dont see how they track my cookies if I cant see ads?


#4 GuiltySpark

GuiltySpark

    Volunteer Mod

  • Moderators
  • 999 posts
  • LocationThe Space Between Two Points

Posted 15 July 2013 - 10:36 PM

Cheatengine64.exe is considered questionable, however those numbered files maybe benign.

 

Best thing to do is to submit those files as a False Positive and if they are found to be harmful the Malware team will let you know.

 

As for Adblock and WOT....

 

Adblock will only block you from seeing adverts it does not prevent from tracking.

 

WOT will only give insight into good or bad rated sites.

 

If you really wish to stop tracking cookies you will have to change your browser set up.


                                                                                                           Using No Way - As Way, Having No Limitation - As Limitation.


                                                                                                                         Techstep123                            http://tgigeeks.net/

 

                                                                                                                         Anonysome Emporium                                T.I.M


#5 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 10:41 PM

How do I do that?

 

I don't want creeps tracking my every move.

 

Is it safe to delete the Adware Cookies?



#6 GuiltySpark

GuiltySpark

    Volunteer Mod

  • Moderators
  • 999 posts
  • LocationThe Space Between Two Points

Posted 15 July 2013 - 10:46 PM

Is it safe to delete the Adware Cookies?

 

Tracking cookies are not harmful just more of an anoyance, yes it is perfectly safe to delete/remove them.

 

I don't want creeps tracking my every move.

 

Sadly a fact of life, yes even with TOR believe it or not.

 

How do I do that?

 

Not sure what you're referring to ?


                                                                                                           Using No Way - As Way, Having No Limitation - As Limitation.


                                                                                                                         Techstep123                            http://tgigeeks.net/

 

                                                                                                                         Anonysome Emporium                                T.I.M


#7 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 10:46 PM

Also, I have a question about seth.avazutracking.net, it took me there earlier today, I've been in safe mode since.



#8 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 10:47 PM

I was referring to how do I get people to stop tracking my cookies on google chrome?



#9 GuiltySpark

GuiltySpark

    Volunteer Mod

  • Moderators
  • 999 posts
  • LocationThe Space Between Two Points

Posted 15 July 2013 - 10:57 PM

Well one way is to stop using Google!

 

Although Google Chrome is a (slightly) different thing you will still easily be tracked, I haven't used Chrome in some time never liked it.

 

You could try incorporating Ghostery you'll be pleasantly surprised at how much "tracking" goes on "behind the scenes".

 

Also regularly cleaning out your temp files after every session with a program like CCleaner.

 

Personally I prefer PaleMoon as my browser choice and set it up for privacy and never except Third Party Cookies. I haven't had any tracking cookies even when online and running a scan with SAS.


                                                                                                           Using No Way - As Way, Having No Limitation - As Limitation.


                                                                                                                         Techstep123                            http://tgigeeks.net/

 

                                                                                                                         Anonysome Emporium                                T.I.M


#10 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 11:01 PM

Are they free for download?

 

Can you download plug-ins on there?



#11 GuiltySpark

GuiltySpark

    Volunteer Mod

  • Moderators
  • 999 posts
  • LocationThe Space Between Two Points

Posted 15 July 2013 - 11:13 PM

All are free.

 

Ghostery is a plug-in.

 

CCleaner is a standalone cleaner (there are paid versions but you don't have to choose those ones). just run after every session, make sure you look at the tabs and check what you wish to check.

[attachment=380:ccle.PNG]

 

[attachment=381:apps.PNG]

 

PaleMoon is a browser (mozilla based Gecko engine slimmed down with less bells and whistles).

 

 


                                                                                                           Using No Way - As Way, Having No Limitation - As Limitation.


                                                                                                                         Techstep123                            http://tgigeeks.net/

 

                                                                                                                         Anonysome Emporium                                T.I.M


#12 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 11:14 PM

I got ghostery, already 3 on the website!

 

I still wanna know about Palemoon, but I wanna know if it's all good to get out of safemood.

 

seth.avazutracking.net popped up earlier today and I wanna know if it's safe to get out of it.



#13 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 11:21 PM

CCleaner wants to keep my persistant logins on yahoo, is that safe?



#14 GuiltySpark

GuiltySpark

    Volunteer Mod

  • Moderators
  • 999 posts
  • LocationThe Space Between Two Points

Posted 15 July 2013 - 11:23 PM

seth.avazutracking.net adds random advertising to web pages, open up task manager and try to find a process [randomname].exe, then locate the appdata file(usually hidden by default) and remove files
%AppData%\Protector-[rnd].exe
%AppData%\result.db
%AllUsersProfile%\{random}\
%AllUsersProfile%\{random}\*.lnk

 

Then look for registry items (only use this manual method if you are comfortable dabbling ib the registry as one false move could destroy your system)

HKEY_LOCAL_

MACHINESOFTWAREClassesBrowserSeekIEHelper.DNSGuardCLSID
HKEY_LOCAL_
MACHINESOFTWAREMicrosoftInternet ExplorerToolbar “Debtpuma/ilivid Toolbar” - (or something similar)
HKEY_LOCAL_
MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}
“Debtpuma.com Toolbar” - (ilivid.com etc)
HKEY_LOCAL_
MACHINESOFTWAREClassesBrowserSeekIEHelper.DNSGuardCurVer
HKEY_LOCAL_
MACHINESOFTWAREClassesBrowserSeekIEHelper.DNSGuard.1
HKEY_LOCAL_
MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}

                                                                                                           Using No Way - As Way, Having No Limitation - As Limitation.


                                                                                                                         Techstep123                            http://tgigeeks.net/

 

                                                                                                                         Anonysome Emporium                                T.I.M


#15 GuiltySpark

GuiltySpark

    Volunteer Mod

  • Moderators
  • 999 posts
  • LocationThe Space Between Two Points

Posted 15 July 2013 - 11:25 PM

CCleaner wants to keep my persistant logins on yahoo, is that safe?

 

Depends if you want to keep your passwords/auto log ins.


                                                                                                           Using No Way - As Way, Having No Limitation - As Limitation.


                                                                                                                         Techstep123                            http://tgigeeks.net/

 

                                                                                                                         Anonysome Emporium                                T.I.M


#16 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 11:35 PM

I couldn't find anything, is my computer infected?

 

i didn't see any randomname.exe's

 

Only my malware bytes,SuperAntiSpyware,explorer.exe(I believe that is IE),18 Chrome.exe*32,taskmngr,and winlogon (system),ccleaner,avast,dllhost.



#17 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 15 July 2013 - 11:52 PM

I believe that those were false, my Microsoft scanning tool just went through like 500k files or something and picked up nothing.

 

Still haven't found anything involving random.exe files

 

Havent found anything that contains seth.avazutracking.net



#18 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 16 July 2013 - 12:17 AM

Can I get out of safe mode? You're a good moderator and I don't wanna get hacked or phished.

 

Please help ;)



#19 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 16 July 2013 - 12:39 AM

The Trojan.Dropper/Win-NV came back again..

 

Should I file them as false reports, this is my 3rd scan and they came back.



#20 Goodwill44

Goodwill44

    Member

  • Members
  • PipPip
  • 19 posts

Posted 16 July 2013 - 01:45 AM

Still in safe mode.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users