Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


persistent nuisance tracking cookie - minadvertising

  • Please log in to reply
1 reply to this topic

#1 The Feet

The Feet

  • Members
  • 31 posts
  • Gender:Not Telling
  • Local time:08:25 AM

Posted 09 January 2015 - 09:53 AM

Hi Folks
I'm not sure where to post this thread so forgive me if this is the wrong
section of the forum.

Has anybody else come across this tracking cookie ?
It gets regularly picked up and deleted by Super AntiSpyware.
I'm not a particular fan of this malware tool , and much prefer MalwareBytes ,
but it DOES pick up some tracking cookies that MBAM misses.

It also appears as "ad.minadvertising.com"
Before posting this , I searched on various forums and the internet generally , to try and
find some clue as to which sites I visit regularly that could be delivering it , and I found nothing.

I've tried to block it on a browser by browser basis but it still keeps coming back.
I've now tracked it down to the Internet Explorer cookies folder but the weird thing is
that I've disabled IE some time ago and cleared everything out with PrivaZer.

I'm thinking that maybe it constantly re-appears because some other software is still using IE in a
"phone-home" type of situation , and running it in the background.

Anybody got any hints or tips to stomp this thing out of existence    [ at least on MY computer :devil: clear.png ]     ?

Thanks !

Edited by hamluis, 09 January 2015 - 11:24 AM.
Moved from Gen Security to Am I Infected - Hamluis.

BC AdBot (Login to Remove)


#2 quietman7


    Bleepin' Janitor

  • Global Moderator
  • 52,090 posts
  • Gender:Male
  • Location:Virginia, USA
  • Local time:02:25 AM

Posted 09 January 2015 - 03:07 PM

Malwarebytes intentionally does not search for and remove cookies because they pose no significant threat...it has more important things to look for.

We do not detect or remove cookies as they are not considered a malware threat to your system. There are plenty of 3rd party programs to remove or you can even have most browsers automatically remove if you like.

Malwarebytes forum, Post #2 by AdvancedSetup (Root Admin)

Cookies are text string messages given to a Web browser by a Web server. Whenever you visit a web page or navigate different pages with your browser, the web site generates a unique ID number which your browser stores in a text (cookie) file that is sent back to the server each time the browser requests a page from that server. Cookies allow third-party providers such as ad serving networks, spyware or adware providers to track personal information.

Cookies are NOT a "threat" in the typical sense we think of malware infection. As text files, cookies are inherently harmless and cannot be executed to cause any damage. Cookies do not cause any pop ups or install malware and they cannot erase or read information from a computer.

Cookies cannot be used to run code (run programs) or to deliver viruses to your computer. The purpose of a cookie is to tell the Web server that you have returned to a specific Web page.

Microsoft's Description of Cookies

Cookies are short pieces of data used by web servers to help identify web users. The popular concepts and rumors about what a cookie can do has reached almost mystical proportions, frightening users and worrying their managers.

Do cookies pose a security risk?

The primary purpose of cookies is to identify users and prepare customized web pages for them. There are two different types of cookies.

  • Persistent cookies have expiration dates set by the Web server when it passes the cookie and are stored on a user's hard drive until they expire or are deleted. These types of cookies are used to store information between visits to a site and collect identifying information about the user such as surfing behavior or preferences for a specific web site.
  • Session cookies (transient or Non-persistent cookies) cookies are not saved to the hard drive, do not collect any information and have no set expiration date. They are used to temporarily hold information in the form of a session identification stored in memory as you browse web pages. These types of cookies are cached only while a user is visiting the Web server issuing the session cookie and are deleted from the cache when the user closes the session.

Cookies can be categorized as:

  • Trusted cookies are from sites you trust, use often, and want to be able to identify and personalize content for you.
  • Nuisance cookies are from those sites you do not recognize or often use but somehow it's put a cookie on your machine.
  • Bad cookies (i.e. persistent cookies, long term and third party tracking cookies) are those that can be linked to an ad company or something that tracks your movements across the web.

The type of persistent cookie that is a cause for some concern are "tracking cookies" because they can be considered a privacy risk. These types of cookies are used to track your Web browsing habits...your movement from site to site. Ad companies use them to record your activity on all sites where they have placed ads. They can keep count of how many times you visited a web page, store your username and password so you don't have to log in and retain your custom settings. When you visit one of these sites, a cookie is placed on your computer. Each time you visit another site that hosts one of their ads, that same cookie is read, and soon they have assembled a list of which of their sites you have visited and which of their ads that you have clicked on. Cookies are used all over the Internet and advertisement companies often plant them whenever your browser loads one of their banners.

Flash cookies (or Local Shared Objects) and Evercookies are a newer way of tracking user behavior and surfing habits but they too are not a threat, and cannot harm your computer.

An Evercookie is a Javascript-based application which creates Zombie cookies that can be used to identify a user even after they have removed standard and Flash cookies. This is accomplished by creating a new cookie and storing the data in as many storage locations (currently eight) as it can find on the local browser. Storage mechanisms range from Standard HTTP and Flash cookies to HTML5's new storage methods. When evercookie finds that other types of cookies have been removed, it recreates them so they can be reused over and over.

Flash cookies are cookie-like data stored on a computer and used by all versions of Adobe Flash Player and similar applications. They can store much more information than traditional browser cookies and they are typically stored within each user’s Application Data directory with a ".SOL" extension, under the Macromedia\FlashPlayer\#SharedObjects folder. Unlike traditional cookies, Flash cookies cannot be managed through browser controls so they are more difficult to find and remove. However, they can be viewed, managed and deleted using the Website Storage Settings panel at Macromedia's Support Site. From this panel, you can change storage settings for a website, delete a specific website or delete all sites which erases any information that may have been stored on the computer. To prevent any Flash Cookies from being stored on your computer, go to the Global Storage Settings panel and uncheck the option “Allow third-party Flash content to store data on your computer”. For more information, please refer to:

However, new research has disclosed that cookies can be used to allow remote attackers to bypass a secure protocol (HTTPS) and reveal private session information, and that modern browsers currently provide no protection against the attack vector. A cookie injection attack can be mounted by man-in-the-middle attackers who set cookies throughout their invasive session allowing them to facilitate the disclosure of any private data being transmitted in the session.

As long as you surf the Internet, you are going to get cookies and some of your security programs will flag them for removal. Anti-malware scanners have more important things to look for, so I would recommend disabling the option to search for cookies which will also decrease the amount of time it takes to perform a scan. You can minimize the number of cookies which are stored on your computer by using tools like SpywareBlaster, WinPatrol’s Cookie Manager and Ghostery, a browser tool which allows you to block beacons, trackers, advertising, analytics, widgets and cookies.

More resources in these articles...

Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users