Prevx secret Persistent Cookie !

Well it might not be a secret to some people, but i wonder how many know about it, and it is Persistent. On every boot it's always there !

As this PPC is placed in, Documents and Settings/LocalService/Cookies it might be missed by some cleaners, but not mine



I'm NOT saying anything dodgy is happening, just wondered what it's for, and why it Always gets created on boot ?

TIA

 

How odd. I just did a search for *prevx*.txt and nothing came up. Secondly, no LocalService folder either. I am on XP.

 

Didn't come up on mine either, win7 x64.

 

Hmmm, I don't have this either and am not sure why it would have been saved there. I'd certainly be interested in any feedback from other users or if it comes back after deleting it!

 

I have one here:
Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\system@prevx[1].txt

will try to remember to check if it reappears on next reboot.

Edit: It did not reappear on the last reboot.

 

@ PrevxHelp

What's it for anyway ?

 

Perhaps to identify client (both free and paid) and facilitate communication with servers

 

I don't have that either. There is no 'Roaming' within AppData.

 

I have it right there in exact that path.

Inside cookie there are 9 lines, first line is : PXRouteCookie , other lines are some numbers.

Interesting

 

I don't even have a Cookies Folder in my path? Win 7 32bit and also not on Win 7 64bit.

TH

 

In folder options ->view tab-> uncheck 'Hide protected operating system files.'

I have no Prevx cookie in there though.

 

i have two cookies there (win7-32bit):

C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies

system at prevx[1].txt
username-pc$ at prevx[1].txt

and prevx is not installed now.

 

Our web guys think this is created automatically by the network connection althouggh frankly we don't know why. We're looking into preventing this from happening - thank you for the information!

 

Thanks I thought I had that Unchecked! But I have many and the last is from July!

TH



Info from the last Cookie!

 

__________________

 

Could anyone let me know if they see a cookie in there recently? I've checked and don't have any cookies here at all but it apparently came from database communication for SafeOnline taking place outside of the normal user process so the underlying OS attached it to the system profile.

I don't claim to be omniscient or have any control over what the OS does behind the scenes This cookie is not being explicitly written by Prevx, rather, by an underlying process within the OS that is saving cookies when they're sent in-stream.

 

______________

 

Here's mine-
I have Prevx paid w/ safe online

 

Your last one is in July like mine!

TH

 

No matter the date of creation, if you edit Prevx Cookies you can see:

1. Cookie is Available to: prevx.com/
2. Created: 10/18/2010 10:23:08 AM
3. Expires: 10/17/2011 09:23:00 PM
4. Lifetime 363 days 2 hours 23 minutes 10 seconds

If value is hashed using a private key it is part of the cookie standard that
cookies only be readable by creator, in this case Previx.

Otherwise any site could look at all of your cookies and use them to track you.
That can be read by any affiliate of a website advertiser. Doubleclick for example.

Bad enough that there are cookies from security comp. Security through obscurity.

Vote for the declaration of the day:

______________

 

From Win 7 64bit!

TH

 

The reason why I said it isn't being explicitly written by Prevx is because... it isn't being explicitly written by Prevx These cookies are created not under the browser's normal cookie cache but rather under the system account. The underlying communication libraries are writing these cookies - they don't serve any purpose when in the folder that CloneRanger pointed out as a browser can't read it back.

However, we do indeed have a normal prevx.com cookie which is written by our website and only contains information internal to our website (i.e. customer support conversation information, MyPrevx information, etc).

Virtually every security company has cookies (I haven't found one that doesn't). You can easily delete these if wanted, and the ones created under the folder in the thread can be removed without a problem and, as I've said, are not actually read by anything.

 

They are logging all PCS to stop terrorism, that,s why there is free version of SOL. I know it since long.

 

Yeah, another shell company used by the CIA
And I was wondering why is upload at max when PC is on idle

Darn it, now I must search all hard drives for files containing prevx in filename and after that to search content in every file for string prevx

 

1 - What CL's would be doing that ?

2 - How exactly ?

3 - Why ?

So what's the purpose of them ?

*

Re CIA snooping etc, so that's why i get soooooooo many DOD & other Very dodgy FW probes Every day