помогите понять что оно сделало с Хромом и надо ли его "лечить"?

[Owyn]

Не знал куда именно написать раз не нужно лечить вирусы, а всего лишь настройки хрома, пишу сюда.

google chrome Версия 34.0.1847.131 m

Устанавливал программу, накликал agree - оно решило подарить мне пучок вирусо-хлама в ответ раз я такой добрый... хлам то убрал, а вот что с хромом оно сделала не понятно (и сделало ли вообще) - по виду только поиск по умолчания поменяло (исправил уже), до установки был запущен AnVir,

вот его лог:

08/11 14:33:30 window created by download-rdedit.exe RDEdit 2.4.2 08/11 14:33:43 sp-downloader.exe 1580 started by download-rdedit.exe Owyn\Admin C:\Windows\Temp\DLG\exe\conduit-ltd-great-search-protect-1.0-default\sp-downloader.exe -carrier_type=ctid -carrier_id=CT3322197 -platform=all -startpage=true -defaultsearch=true -searchrevert=true -install_time_revert=true
08/11 14:33:45 nsx3660.exe 4264 started by sp-downloader.exe Owyn\Admin C:\Windows\Temp\nsx3660.exe -carrier_type=ctid -carrier_id=CT3322197 -platform=all -startpage=true -defaultsearch=true -searchrevert=true -install_time_revert=true -sessionid=MEA98F558-EFAB-4001-9F06-436992BB9B6C -downloadlength=1155
08/11 14:33:48 WmiPrvSE.exe 5564 started by svchost.exe NT AUTHORITY\NETWORK SERVICE C:\Windows\System32\wbem\WmiPrvSE.exe
08/11 14:33:51 nsx3660.exe 2580 started by nsx3660.exe Owyn\Admin C:\Windows\Temp\nsx3660.exe -carrier_type=ctid -carrier_id=CT3322197 -platform=all -startpage=true -defaultsearch=true -searchrevert=true -install_time_revert=true -sessionid=MEA98F558-EFAB-4001-9F06-436992BB9B6C -downloadlength=1155 -orbiter
08/11 14:33:55 nsh56EA.tmp 5724 started by nsx3660.exe Owyn\Admin C:\Windows\Temp\nsh56EA.tmp -carrier_type=ctid -carrier_id=CT3322197 -platform=all -startpage=true -defaultsearch=true -searchrevert=true -install_time_revert=true -sessionid=MEA98F558-EFAB-4001-9F06-436992BB9B6C -downloadlength=1155 -installerdownloadlength=1637
08/11 14:33:57 nsx3660.exe 2580 terminated, worked 0:05, CPU 0:00 C:\Windows\Temp\nsx3660.exe
08/11 14:33:59 nsc7851.exe 1044 started by nsh56EA.tmp Owyn\Admin C:\Windows\Temp\nsc7851.exe -where=http://sp-installer.databssint.com -what={"event_type":"install_start","SP_ID":"SPC046FFDD-1249-4D05-B462-916F95176318","SP_version":"2.16.20.192","OS_name":"MicrosoftNBSPWindowsNBSP7NBSPProfessionalNBSPServiceNBSPPackNBSP1NBSP(buildNBSP7601)NBSP32-bit","OS_version":"6.1","browser":"Chrome","browser_version":"34.0.1847.131","carrier_type":"ctid","carrier_ID":"CT3322197","carrier_version":"","carrier_userid":"","carrier_UM":"","machine_ID":"TCPZKNDDVGG1UCTNGIONSDNEKM%2BJHWDCMLZ4M0ISKXJNY1PXZD2TAFZ0CM8QSWZQWX3BOBOBPHIBTPHWMATQDG","hp_takeover":"true","other_takeover":"true","environment":"","sequence_timestamp":"1407753239055","profile_number":"1","user_number":"2",NBSP"installation_session_id":"MEA98F558-EFAB-4001-9F06-436992BB9B6C",NBSP"download_length":NBSP1637,NBSP"install_type":NBSP"install",NBSP"result":NBSP"SP_RESULT",NBSP"reason":NBSP"SP_FAIL_REASON","v_env_tests":"V_ENV_TESTS_ALIAS","v_env_codes":"V_ENV_CODES_ALIAS","channel_id":NBSP"",NBSP"brand":NBSP"SP"NBSP,
08/11 14:34:01 nsc7851.exe 1044 terminated, CPU 0:00 C:\Windows\Temp\nsc7851.exe
08/11 14:34:01 ns7F83.tmp 2412 started by nsh56EA.tmp Owyn\Admin C:\Windows\Temp\nss630A.tmp\ns7F83.tmp cmd /C MKLink /D c:\windows\AppPatch\spbin "C:\PROGRA~1\SearchProtect\SearchProtect\bin"
08/11 14:34:01 conhost.exe 3096 started by csrss.exe Owyn\Admin C:\Windows\System32\conhost.exe "-81001161496163491-19808279351819457524149765907684222222-419177020-962560998"
08/11 14:34:03 ns7F83.tmp 2412 terminated, CPU 0:00 C:\Windows\Temp\nss630A.tmp\ns7F83.tmp
08/11 14:34:03 conhost.exe 3096 terminated, CPU 0:00 C:\Windows\System32\conhost.exe
08/11 14:34:03 ns83D8.tmp 4684 started by nsh56EA.tmp Owyn\Admin C:\Windows\Temp\nss630A.tmp\ns83D8.tmp c:\windows\system32\sdbinst -q "C:\Windows\TEMP\browsers32.sdb"
08/11 14:34:03 conhost.exe 5056 started by csrss.exe Owyn\Admin C:\Windows\System32\conhost.exe "-1651037095883176165-249391218-1831203781-1680295174-2110025491-975851562208863122
08/11 14:34:03 sdbinst.exe 5280 started by ns83D8.tmp Owyn\Admin C:\Windows\System32\sdbinst.exe -q "C:\Windows\TEMP\browsers32.sdb"
08/11 14:34:05 ns83D8.tmp 4684 terminated, worked 0:01, CPU 0:00 C:\Windows\Temp\nss630A.tmp\ns83D8.tmp
08/11 14:34:05 conhost.exe 5056 terminated, worked 0:01, CPU 0:00 C:\Windows\System32\conhost.exe
08/11 14:34:05 sdbinst.exe 5280 terminated, worked 0:01, CPU 0:00 C:\Windows\System32\sdbinst.exe
08/11 14:34:05 CltMngSvc.exe 3504 started by nsh56EA.tmp Owyn\Admin C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe -install -start -serviceDispalyName="Search Protect Service" -serviceDescription="This service loads the Search Protector, which maintains your selected Search settings, and enables auto-updates."
08/11 14:34:07 CltMngSvc.exe 3504 terminated, worked 0:02, CPU 0:00 C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
08/11 14:34:07 CltMngSvc.exe 5052 started by services.exe NT AUTHORITY\ñèñòåìà C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
08/11 14:34:07 cltmng.exe 3620 started by CltMngSvc.exe Owyn\Admin C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
08/11 14:34:07 cltmngui.exe 2288 started by CltMngSvc.exe Owyn\Admin C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
08/11 14:34:24 new startup item found AppInit_Dlls: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
08/11 14:34:24 new startup item found (prohibited by user) Search Protect Service: C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe
08/11 14:34:25 new startup item automatically deleted Search Protect Service: C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe result=ok
08/11 14:34:25 sp-downloader.exe 1580 terminated, worked 0:40, CPU 0:00 C:\Windows\Temp\DLG\exe\conduit-ltd-great-search-protect-1.0-default\sp-downloader.exe
08/11 14:34:25 nsx3660.exe 4264 terminated, worked 0:38, CPU 0:00 C:\Windows\Temp\nsx3660.exe
08/11 14:34:25 nsh56EA.tmp 5724 terminated, worked 0:28, CPU 0:05 C:\Windows\Temp\nsh56EA.tmp
08/11 14:34:29 VOPackage.exe 5820 started by download-rdedit.exe Owyn\Admin C:\Windows\Temp\DLG\exe\clickmein-ltd-vuupc-1.0-default\VOPackage.exe /start /ch=covus
08/11 14:34:47 chrome.exe 2384 started by chrome.exe Owyn\Admin C:\Program Files\Google\Chrome\Application\chrome.exe --type=renderer --disable-touch-drag-drop --touch-events=disabled --enable-direct-write --lang=ru --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/DisabledViaNoRichNotifications/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Unifo
08/11 14:34:51 svchost.exe 3900 started by services.exe NT AUTHORITY\ñèñòåìà C:\Windows\System32\svchost.exe -k WerSvcGroup
08/11 14:34:51 window created by dwm.exe AB-Tools.com - Forum - Threads on the topic "RDEdit" - Google Chrome
08/11 14:34:55 chrome.exe 4396 started by chrome.exe Owyn\Admin C:\Program Files\Google\Chrome\Application\chrome.exe --type=renderer --disable-touch-drag-drop --touch-events=disabled --enable-direct-write --lang=ru --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/DisabledViaNoRichNotifications/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Unifo
08/11 14:34:55 chrome.exe 3464 started by chrome.exe Owyn\Admin C:\Program Files\Google\Chrome\Application\chrome.exe --type=ppapi-broker --channel="172.384.1807725725\1301078708" --lang=ru /prefetch:845217598
08/11 14:35:03 VOPackage.exe 5820 terminated, worked 0:34, CPU 0:02 C:\Windows\Temp\DLG\exe\clickmein-ltd-vuupc-1.0-default\VOPackage.exe
08/11 14:35:03 window created by AnVir.exe AnVir Task Manager
08/11 14:35:10 download-rdedit.exe 2372 terminated, worked 1:42, CPU 0:05 C:\Downloads\download-rdedit.exe
08/11 14:35:10 window created by AnVir.exe AnVir Task Manager
08/11 14:35:12 window created by AnVir.exe AnVir Task Manager
08/11 14:35:18 cltmngui.exe 2288 terminated, worked 1:10, CPU 0:00 C:\Program Files\SearchProtect\UI\bin\cltmngui.exe
08/11 14:35:18 window created by AnVir.exe AnVir Task Manager
08/11 14:35:21 chrome.exe 2384 terminated, worked 0:36, CPU 0:00 C:\Program Files\Google\Chrome\Application\chrome.exe
08/11 14:35:21 window created by AnVir.exe AnVir Task Manager
08/11 14:35:23 chrome.exe 4396 terminated, worked 0:28, CPU 0:00 C:\Program Files\Google\Chrome\Application\chrome.exe
08/11 14:35:23 window created by AnVir.exe AnVir Task Manager
08/11 14:35:27 CltMngSvc.exe 5052 terminated, worked 1:21, CPU 0:00 C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe
08/11 14:35:27 cltmng.exe 3620 terminated, worked 1:20, CPU 0:01 C:\Program Files\SearchProtect\SearchProtect\bin\cltmng.exe
08/11 14:35:39 dllhost.exe 5268 started by svchost.exe Owyn\Admin C:\Windows\System32\dllhost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
08/11 14:35:39 consent.exe 5512 started by svchost.exe NT AUTHORITY\ñèñòåìà C:\Windows\System32\consent.exe 920 396 198E5478
08/11 14:35:39 window created by explorer.exe C:\Program Files\SearchProtect\Main\bin
08/11 14:35:41 consent.exe 5512 terminated, CPU 0:00 C:\Windows\System32\consent.exe
08/11 14:35:41 dllhost.exe 1472 started by svchost.exe NT AUTHORITY\ñèñòåìà C:\Windows\System32\dllhost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
08/11 14:35:41 dllhost.exe 3288 started by svchost.exe NT AUTHORITY\ñèñòåìà C:\Windows\System32\dllhost.exe /Processid:{E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
08/11 14:35:41 uninstall.exe 2128 started by explorer.exe Owyn\Admin C:\Program Files\SearchProtect\Main\bin\uninstall.exe
08/11 14:35:43 uninstall.exe 2128 terminated, CPU 0:00 C:\Program Files\SearchProtect\Main\bin\uninstall.exe
08/11 14:35:45 dllhost.exe 5268 terminated, worked 0:05, CPU 0:00 C:\Windows\System32\dllhost.exe
08/11 14:35:47 dllhost.exe 1472 terminated, worked 0:04, CPU 0:00 C:\Windows\System32\dllhost.exe
08/11 14:35:47 dllhost.exe 3288 terminated, worked 0:04, CPU 0:00 C:\Windows\System32\dllhost.exe
08/11 14:35:49 window created by AnVir.exe AnVir Task Manager
08/11 14:35:52 new startup item found SpUninstallCleanUp: REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect /f
08/11 14:35:53 chrome.exe 3464 terminated, worked 0:57, CPU 0:00 C:\Program Files\Google\Chrome\Application\chrome.exe
08/11 14:36:16 chrome.exe 5788 started by chrome.exe Owyn\Admin C:\Program Files\Google\Chrome\Application\chrome.exe --type=renderer --disable-touch-drag-drop --touch-events=disabled --enable-direct-write --lang=ru --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/DisabledViaNoRichNotifications/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Unifo
08/11 14:36:16 chrome.exe 4692 started by chrome.exe Owyn\Admin C:\Program Files\Google\Chrome\Application\chrome.exe --type=ppapi-broker --channel="172.386.1357312946\1201264020" --lang=ru /prefetch:845217598
08/11 14:36:24 chrome.exe 5788 terminated, worked 0:08, CPU 0:01 C:\Program Files\Google\Chrome\Application\chrome.exe
08/11 14:36:52 svchost.exe 3900 terminated, worked 2:01, CPU 0:00 C:\Windows\System32\svchost.exe
08/11 14:36:54 chrome.exe 4692 terminated, worked 0:37, CPU 0:00 C:\Program Files\Google\Chrome\Application\chrome.exe
08/11 14:37:18 WmiPrvSE.exe 5564 terminated, worked 3:29, CPU 0:25 C:\Windows\System32\wbem\WmiPrvSE.exe

Скрыть

а именно интересуют строки:

C:\Program Files\Google\Chrome\Application\chrome.exe --type=renderer --disable-touch-drag-drop --touch-events=disabled --enable-direct-write --lang=ru --force-fieldtrials="BrowserBlacklist/Enabled/BrowserPreReadExperiment/100-pct-default/ChromeSuggestions/Most Likely with Kodachrome/ExtensionInstallVerification/Enforce/FlashHardwareVideoDecode/HwVideo/GoogleNow/DisabledViaNoRichNotifications/NetworkConnectivity/disable_network_stats/Prerender/PrerenderEnabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/SettingsEnforcement/no_enforcement/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-New-Install-Uniformity-Trial/Experiment/UMA-Population-Restrict/normal/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_12/UMA-Uniformity-Trial-1-Percent/group_32/UMA-Uniformity-Trial-10-Percent/group_08/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Unifo


08/11 14:36:16 chrome.exe 4692 started by chrome.exe Owyn\Admin C:\Program Files\Google\Chrome\Application\chrome.exe --type=ppapi-broker --channel="172.386.1357312946\1201264020" --lang=ru /prefetch:845217598

и надо ли исправлять последствия их работы.

[Info_bot]

Уважаемый(ая) Owyn, спасибо за обращение на наш форум!

Удаление вирусов - абсолютно бесплатная услуга на VirusInfo.Info. Хелперы, в самое ближайшее время, ответят на Ваш запрос. Для оказания помощи необходимо предоставить логи сканирования утилитами АВЗ и HiJackThis, подробнее можно прочитать в правилах оформления запроса о помощи.

Если наш сайт окажется полезен Вам и у Вас будет такая возможность - пожалуйста поддержите проект.

[Макcим]

Я не понял Ваш вопрос. Если нужно проверить компьютер на вирусы, сделайте логи. Если проблема с Chrome, сформулируйте её.