Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: have I been hacked on Chrome browser?

14 Feb 2014   #41
Devlin1888

Windows 7 Home Premium 64Bit
 
 

i was referring to the delete part of roguekiller, As for the trojan, i found several trojans with similar names but not the exact name of the one found in your system, i then done a search into "Ticket.Zip" Do you know what it is?
From what i read it can be a spam email that people pretending to be airlines can send you with the option to download your flight ticket, thats all i could gather on it, perhaps another member could shed some light.


My System SpecsSystem Spec
.
14 Feb 2014   #42
sdowney717

Windows 7 Ultimate x64
 
 

I have no recollection of what ticket.zip was or came from, none at all.
I searched our email accounts and nothing comes up.
My System SpecsSystem Spec
14 Feb 2014   #43
Devlin1888

Windows 7 Home Premium 64Bit
 
 

C:\Users\Tricia\Pictures\Downloads look in there and see if its still there.
My System SpecsSystem Spec
.

14 Feb 2014   #44
sdowney717

Windows 7 Ultimate x64
 
 

I looked, it is gone.
My System SpecsSystem Spec
14 Feb 2014   #45
Devlin1888

Windows 7 Home Premium 64Bit
 
 

Looks like we could be done here for the moment, If there are any further problems, please post back here in this thread, thank you for your time and co-operation. Take care
Michael
My System SpecsSystem Spec
14 Feb 2014   #46
gregrocker

 

Are you monitoring your browser Add-On's in its tools tab to assure that only Flash player is enabled? This is where I start. Nothing else is really needed unless you know for sure it's required to display a page in your browser, like a Reader.

Then visit Control Panel>Programs and Features to see that only programs you know and use are installed. Uninstall all others - google or ask back first if unsure.

Next establish a Clean Boot from Troubleshooting Steps for Windows 7 for best performance.

Once MBAM reports back after a full Updated scan to be clean, I always run SUPERAntiSpyware to root out any spyware from the registry where it can hide even if you uninstall it in Programs and features.

Most important is to have a perfect baseline install and use only the tools and methods which work best for Win7, which are compiled in these same steps for Clean Reinstall - Factory OEM Windows 7.
My System SpecsSystem Spec
14 Feb 2014   #47
sdowney717

Windows 7 Ultimate x64
 
 

With Chrome, I had it synced with my other PCs.
So in the tools, they all have the same ones enabled.
And lots of them.
I reinstalled chrome and it is not synced. Chrome wants me to log in.
Do you think syncing chrome across multiple pcs is an issue?


Attached Thumbnails
have I been hacked on Chrome browser?-tools1.png   have I been hacked on Chrome browser?-tools2.png  
My System SpecsSystem Spec
14 Feb 2014   #48
sdowney717

Windows 7 Ultimate x64
 
 

So far superantispyware says it has found 93 threats, mostly tracking and one trojan.agent.


Attached Images
have I been hacked on Chrome browser?-sas1.png 
My System SpecsSystem Spec
14 Feb 2014   #49
sdowney717

Windows 7 Ultimate x64
 
 

Log
Quote:
SUPERAntiSpyware Scan Log
SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

Generated 02/14/2014 at 01:50 PM

Application Version : 5.7.1018

Core Rules Database Version : 11041
Trace Rules Database Version: 8853

Scan type : Quick Scan
Total Scan Time : 00:08:53

Operating System Information
Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 875
Memory threats detected : 0
Registry items scanned : 29693
Registry threats detected : 0
File items scanned : 10110
File threats detected : 93

Adware.Tracking Cookie
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\tricia@apmebf[1].txt [ /apmebf ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\tricia@mediaplex[1].txt [ /mediaplex ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\XQS0MGYL.txt [ /serving-sys.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\3R111W3L.txt [ /www.googleadservices.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\0K9US7X6.txt [ /c.atdmt.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\SI10WRJU.txt [ /revsci.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\MJ45RN34.txt [ /accounts.google.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\RTV6MIZ6.txt [ /demandmedia.trc.taboola.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\9GVS4F80.txt [ /doubleclick.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\BKKLLYW2.txt [ /nwpc.revenuewire.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\AMR6OG6V.txt [ /demandmedia.trc.taboola.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\JT3B4EN2.txt [ /dmtracker.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\W90YCQWA.txt [ /accounts.google.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\V8Y1JJN6.txt [ /interclick.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\E493RCWY.txt [ /microsoftsto.112.2o7.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q73YVRM4.txt [ /mediaplex.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\5XCNAKSW.txt [ /media6degrees.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\7BTX93JV.txt [ /serving-sys.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\615UQWYK.txt [ /zedo.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\DG2H73NR.txt [ /ru4.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\U4Y9ZRVJ.txt [ /ads.pubmatic.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@h.atdmt[2].txt [ /h.atdmt.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\8BEYCMOK.txt [ /pointroll.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z4S0X9R6.txt [ /advertising.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@www.googleadservices[1].txt [ /www.googleadservices.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\4IGR4XS5.txt [ /adtechus.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\CJVEI5S7.txt [ /survey.g.doubleclick.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\WA9Q4M7F.txt [ /media.adfrontiers.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\W3G1NCCB.txt [ /ads.pointroll.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@statcounter[1].txt [ /statcounter.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@tribalfusion[2].txt [ /tribalfusion.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z00ZH6WY.txt [ /lucidmedia.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\V83ABE6G.txt [ /fastclick.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\BB6HX20V.txt [ /c1.adform.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZKPNBR38.txt [ /c.atdmt.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\56PKGP2N.txt [ /revsci.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\SOOGKD2U.txt [ /imrworldwide.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\T3CUEZLQ.txt [ /demandmedia.trc.taboola.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\MS4LGKAC.txt [ /adform.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\J5L5KZC7.txt [ /doubleclick.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\2P8MPJJL.txt [ /ads.yahoo.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\1TSXRILB.txt [ /collective-media.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\VMHRUBY9.txt [ /overture.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\PRM1P1NH.txt [ /smartadserver.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\5UZXWB6C.txt [ /demandmedia.trc.taboola.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\5E9RPX0B.txt [ /questionmarket.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\C0DE8VUK.txt [ /www.burstnet.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y4DBC5UZ.txt [ /dmtracker.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\CMJ7YY1B.txt [ /atdmt.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\83PUTEGA.txt [ /interclick.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\I7WVXI6T.txt [ /track.adform.net ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@c1.atdmt[2].txt [ /c1.atdmt.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\IISILUR4.txt [ /casalemedia.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@at.atwola[1].txt [ /at.atwola.com ]
C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@specificclick[1].txt [ /specificclick.net ]
.imrworldwide.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
statse.webtrendslive.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyeviewads.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

Trojan.Agent/Gen-Tracur
C:\WINDOWS\SYSTEM32\DISCHANDLER.EXE


Attached Images
have I been hacked on Chrome browser?-sas2.png 
My System SpecsSystem Spec
14 Feb 2014   #50
sdowney717

Windows 7 Ultimate x64
 
 

C:\WINDOWS\SYSTEM32\DISCHANDLER.EXE is supposedly part of the klite codec pack, so supposedly not a trojan.

should i be worried?

http://www.pcpitstop.com/libraries/p...ndler.exe.html

So is it or isn't it.

I deleted it anyway. I can always reinstall klite codec pack.
My System SpecsSystem Spec
Reply

 have I been hacked on Chrome browser?




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
google chrome browser
hi all I have windows 7 64 bit Microsoft installed ie 11 and bing bar I hate it mamaged to remove bing bar but not ie 11 trying to run google chrome it lets me download but for some reason will not run I have tried several different downloads they all will not let me sign in or run and most are...
Browsers & Mail
chrome over takes IE as No. 1 browser
Usage share of web browsers - Wikipedia, the free encyclopedia
News
Best web browser like Google chrome?
Hello, I was wondering if anyone knew about browsers similar to Google Chrome. I don't mean browsers like Safari, Firefox etc. I mean browsers that are unknown, such as Comodo Dragon and IceDragon. Thanks, -Rick Comodo Dragon Download Here.
Browsers & Mail
Typing lag in any browser IE9, Chrome or FF
We have been experiencing this behavior for some time. It happens at least once a day but only in the above mentioned browsers. All other applications like MS Office 2007 and Notepad and Wordpad work just fine. I followed someone else post who was experiencing the same issue and disabled the...
Browsers & Mail


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:31.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App