have I been hacked on Chrome browser?

Page 5 of 6 FirstFirst ... 3456 LastLast

  1. Posts : 1,413
    Windows 7 Home Premium 64Bit
       #41

    i was referring to the delete part of roguekiller, As for the trojan, i found several trojans with similar names but not the exact name of the one found in your system, i then done a search into "Ticket.Zip" Do you know what it is?
    From what i read it can be a spam email that people pretending to be airlines can send you with the option to download your flight ticket, thats all i could gather on it, perhaps another member could shed some light.
      My Computer


  2. Posts : 705
    Windows 7 Ultimate x64
    Thread Starter
       #42

    I have no recollection of what ticket.zip was or came from, none at all.
    I searched our email accounts and nothing comes up.
      My Computer


  3. Posts : 1,413
    Windows 7 Home Premium 64Bit
       #43

    C:\Users\Tricia\Pictures\Downloads look in there and see if its still there.
      My Computer


  4. Posts : 705
    Windows 7 Ultimate x64
    Thread Starter
       #44

    I looked, it is gone.
      My Computer


  5. Posts : 1,413
    Windows 7 Home Premium 64Bit
       #45

    Looks like we could be done here for the moment, If there are any further problems, please post back here in this thread, thank you for your time and co-operation. Take care
    Michael
      My Computer

  6.    #46

    Are you monitoring your browser Add-On's in its tools tab to assure that only Flash player is enabled? This is where I start. Nothing else is really needed unless you know for sure it's required to display a page in your browser, like a Reader.

    Then visit Control Panel>Programs and Features to see that only programs you know and use are installed. Uninstall all others - google or ask back first if unsure.

    Next establish a Clean Boot from Troubleshooting Steps for Windows 7 for best performance.

    Once MBAM reports back after a full Updated scan to be clean, I always run SUPERAntiSpyware to root out any spyware from the registry where it can hide even if you uninstall it in Programs and features.

    Most important is to have a perfect baseline install and use only the tools and methods which work best for Win7, which are compiled in these same steps for Clean Reinstall - Factory OEM Windows 7.
      My Computer


  7. Posts : 705
    Windows 7 Ultimate x64
    Thread Starter
       #47

    With Chrome, I had it synced with my other PCs.
    So in the tools, they all have the same ones enabled.
    And lots of them.
    I reinstalled chrome and it is not synced. Chrome wants me to log in.
    Do you think syncing chrome across multiple pcs is an issue?
    Attached Thumbnails Attached Thumbnails have I been hacked on Chrome browser?-tools1.png   have I been hacked on Chrome browser?-tools2.png  
      My Computer


  8. Posts : 705
    Windows 7 Ultimate x64
    Thread Starter
       #48

    So far superantispyware says it has found 93 threats, mostly tracking and one trojan.agent.
    Attached Thumbnails Attached Thumbnails have I been hacked on Chrome browser?-sas1.png  
      My Computer


  9. Posts : 705
    Windows 7 Ultimate x64
    Thread Starter
       #49

    Log
    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 02/14/2014 at 01:50 PM

    Application Version : 5.7.1018

    Core Rules Database Version : 11041
    Trace Rules Database Version: 8853

    Scan type : Quick Scan
    Total Scan Time : 00:08:53

    Operating System Information
    Windows 7 Ultimate 32-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 875
    Memory threats detected : 0
    Registry items scanned : 29693
    Registry threats detected : 0
    File items scanned : 10110
    File threats detected : 93

    Adware.Tracking Cookie
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\tricia@apmebf[1].txt [ /apmebf ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\tricia@mediaplex[1].txt [ /mediaplex ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\XQS0MGYL.txt [ /serving-sys.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\3R111W3L.txt [ /www.googleadservices.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\0K9US7X6.txt [ /c.atdmt.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\SI10WRJU.txt [ /revsci.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\MJ45RN34.txt [ /accounts.google.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\RTV6MIZ6.txt [ /demandmedia.trc.taboola.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\9GVS4F80.txt [ /doubleclick.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\BKKLLYW2.txt [ /nwpc.revenuewire.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\AMR6OG6V.txt [ /demandmedia.trc.taboola.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\JT3B4EN2.txt [ /dmtracker.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\W90YCQWA.txt [ /accounts.google.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\V8Y1JJN6.txt [ /interclick.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\E493RCWY.txt [ /microsoftsto.112.2o7.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q73YVRM4.txt [ /mediaplex.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\5XCNAKSW.txt [ /media6degrees.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\7BTX93JV.txt [ /serving-sys.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\615UQWYK.txt [ /zedo.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\DG2H73NR.txt [ /ru4.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\U4Y9ZRVJ.txt [ /ads.pubmatic.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@h.atdmt[2].txt [ /h.atdmt.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\8BEYCMOK.txt [ /pointroll.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z4S0X9R6.txt [ /advertising.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@www.googleadservices[1].txt [ /www.googleadservices.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\4IGR4XS5.txt [ /adtechus.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\CJVEI5S7.txt [ /survey.g.doubleclick.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\WA9Q4M7F.txt [ /media.adfrontiers.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\W3G1NCCB.txt [ /ads.pointroll.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@statcounter[1].txt [ /statcounter.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@tribalfusion[2].txt [ /tribalfusion.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z00ZH6WY.txt [ /lucidmedia.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\V83ABE6G.txt [ /fastclick.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\BB6HX20V.txt [ /c1.adform.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZKPNBR38.txt [ /c.atdmt.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\56PKGP2N.txt [ /revsci.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\SOOGKD2U.txt [ /imrworldwide.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\T3CUEZLQ.txt [ /demandmedia.trc.taboola.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\MS4LGKAC.txt [ /adform.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\J5L5KZC7.txt [ /doubleclick.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\2P8MPJJL.txt [ /ads.yahoo.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\1TSXRILB.txt [ /collective-media.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\VMHRUBY9.txt [ /overture.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\PRM1P1NH.txt [ /smartadserver.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\5UZXWB6C.txt [ /demandmedia.trc.taboola.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\5E9RPX0B.txt [ /questionmarket.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\C0DE8VUK.txt [ /www.burstnet.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y4DBC5UZ.txt [ /dmtracker.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\CMJ7YY1B.txt [ /atdmt.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\83PUTEGA.txt [ /interclick.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\I7WVXI6T.txt [ /track.adform.net ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@c1.atdmt[2].txt [ /c1.atdmt.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\IISILUR4.txt [ /casalemedia.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@at.atwola[1].txt [ /at.atwola.com ]
    C:\Users\Tricia\AppData\Roaming\Microsoft\Windows\Cookies\Low\tricia@specificclick[1].txt [ /specificclick.net ]
    .imrworldwide.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    statse.webtrendslive.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .eyeviewads.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .insightexpressai.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ads.pointroll.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .collective-media.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\TRICIA\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

    Trojan.Agent/Gen-Tracur
    C:\WINDOWS\SYSTEM32\DISCHANDLER.EXE
    Attached Thumbnails Attached Thumbnails have I been hacked on Chrome browser?-sas2.png  
      My Computer


  10. Posts : 705
    Windows 7 Ultimate x64
    Thread Starter
       #50

    C:\WINDOWS\SYSTEM32\DISCHANDLER.EXE is supposedly part of the klite codec pack, so supposedly not a trojan.

    should i be worried?

    http://www.pcpitstop.com/libraries/p...ndler.exe.html

    So is it or isn't it.:)

    I deleted it anyway. I can always reinstall klite codec pack.
      My Computer


 
Page 5 of 6 FirstFirst ... 3456 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:46.
Find Us