Hunt for malware c.betrad.com

bs449

Hello

I have tracked an annoying program called c.betrad.com on my computer to Internet Explorer. The program loads onto my machine daily on startup of Google. It loads a script into local-storage which I assume it runs on load-up and sends all my private stuff back to its warehouse. Thing is, I do not use IE. I deleted it from my programs list and as far as I am aware, I do not have a copy, or does Windows sneak IE in through the back door?

Where is the startup for c.betrad.com lurking? I have disabled my preload folder and kept a copy of the script in local-storage (attached). I always delete my local-storage and other temp folders daily but I assume it's too late for this problem. My data has been sent. I attach a snip of the storage directory. I did not use YouTube or the Daily Telegraph either so I assume they load too.

Is there any way I can catch the data being sent? I could turn off the internet and send the stuff to a file, say.

I have turned off the run JavaScript in Google settings.
 

bs449,

Try the following, it is a "cookie monster"!

Please download SuperAntiSpyware Free Version
SUPERAntiSpyware Download
Save to the Desktop
Install the program: Express Install

At the program console, click: Check for updates
Once the update is finished, on the main screen, Check: Quick Scan
Next, click: Scan your computer

SuperAntiSpyware scans the computer, and when finished, lists whatever is found.
Make sure everything found has a check next to it, and let the scanner fix it.

Obtain the SuperAntiSpyware report by clicking the following at the main program console: View Scan Logs
Double-click the log shown, and it opens in Notepad.

Please copy the information in the SuperAntiSpyware log and post in your reply.
 

One of the other things you can try is clearing the cookies and other offline content by going into the Tools/Internet/Browsing history options and checking off the Delete browsing history on exit box along with the Delete button to clear things out.

Switching home pages from Google to Bing will help on top of that since Google is known for adware/adbots. That particular site isn't good but is not any immediate threat, however, just to let you know. It comes up flagged at various security and antivirus support sites and appears to be a site that was shut down. http://support.clean-mx.de/clean-mx/viruses.php?domain=betrad.com

Other information is a site advisor report seen at (not that I am too confident in McAFails evaluations of course :rolleyes:) betrad.com | McAfee SiteAdvisor Software

You may want to check the Programs & Features as well as the IE add-ons to see if it shows up there at all, since it will likely be ignored by most antispyware/antivirus programs as a rule since no malware is evident.
 

Thanks chaps

I deleted my preload history, cookies and ALL the temp files; set my browser to no script and betrad has not appeared today. If it appears I will do your suggestions.

Thank you for the advice and it's good to know that betrad is no longer working. Maybe my data was not 'copied'.

Regards
 

Sounds like a minor intrusion and you know you are glad not to be seeing it. Sometimes the offline browsing history can act like favorites/bookmarks depending on the browser being used and needs to be cleared out entirely. Your browsing habits collected for marketing usually turn out to be the cookies which reveal the sites you visit and should be dumped every so often to avoid "bugs" of one type or another. :(:geek:
 

Thanks for the forum help. Found on a search for "betrad".
Just wanted to post a little more info I found. I could not rid my computer of the c.betrad cookie.
Searched computer and found betrad in:
C:\Users\DavidJ\AppData\Local\Packages\windows_ie_ac_001\AC\Microsoft\Internet Explorer\DOMStore\3WR66FJC
Replace "DavidJ" above with your username.
Could only delete it from there.
You need to check "show hidden files" to see AppData.
But even with show hidden files, I could not manually go to the above folder. Inside the Internet Explorer folder showed nothing. It only showed when I searched for the file in my entire PC.
Seems to store itself away from any cookie removal tools. CCleaner and AdwCleaner did not remove it.
In Internet Explorer 11, Tools/Internet Options/Advanced:
uncheck "Load sites and content in the background" and
uncheck "Enable DOM Storage" (mine was unchecked but it still loaded the c.betrad)
Thanks again for the help, hope this helps someone else.
 

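The DOMStore search described in the last post can be scripted so that hidden and system files are included. The following PowerShell is an added example and not part of any post in the thread; the first root is the path reported above, the other two roots are assumed desktop Internet Explorer locations, and the `-Pattern` and `-Remove` parameter names are this example's own.

```powershell
# Added example (not from the thread): list web-storage files for a domain
# under Internet Explorer's DOMStore folders, including hidden/system files.
param(
    [string]$Pattern = '*betrad*',   # file-name fragment taken from the thread
    [switch]$Remove                  # delete the matches instead of only listing them
)

# Candidate roots. The first is the location reported in the post; the other
# two are assumptions (usual desktop-IE locations) and are skipped if absent.
$roots = @(
    "$env:LOCALAPPDATA\Packages\windows_ie_ac_001\AC\Microsoft\Internet Explorer\DOMStore",
    "$env:LOCALAPPDATA\Microsoft\Internet Explorer\DOMStore",
    "$env:USERPROFILE\AppData\LocalLow\Microsoft\Internet Explorer\DOMStore"
)

$found = foreach ($root in $roots) {
    if (-not (Test-Path -LiteralPath $root)) { continue }
    # -Force returns items carrying the Hidden or System attribute, which
    # Explorer leaves out even with "show hidden files" enabled.
    Get-ChildItem -LiteralPath $root -Recurse -Force -File -Filter $Pattern `
        -ErrorAction SilentlyContinue
}

if (-not $found) {
    Write-Output "No files matching '$Pattern' under the DOMStore folders checked."
    return
}

# Show where each match lives and which attributes hide it from Explorer.
$found | Select-Object FullName, Length, LastWriteTime, Attributes | Format-List

if ($Remove) {
    # Close Internet Explorer first so the files are not in use.
    $found | Remove-Item -Force
}
```

Run it without `-Remove` first to review the list; the `Attributes` column shows whether a match is marked Hidden or System.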