Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Reklamy superfisch, nabouravani se do emailu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
tommmmm
Návštěvník
Návštěvník
Příspěvky: 53
Registrován: 03 úno 2009 19:28

Reklamy superfisch, nabouravani se do emailu

#1 Příspěvek od tommmmm »

Ahoj mám problém s touto reklamou, která se objevuje asi v každém prohlížeči. Dále se mi zřejmě někdo naboutal emailu, protože jsem dostával emaily ze své vlastní adresy a nějaké další emaily s čínskými znaky.

LOG

Logfile of random's system information tool 1.09 (written by random/random)
Run by Toumes at 2014-01-08 20:20:21
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 171 GB (56%) free of 305 GB
Total RAM: 8190 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:20:24, on 8.1.2014
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16526)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Program Files\trend micro\Toumes.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ˙ţ127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: CrossriderApp0045362 - {11111111-1111-1111-1111-110411531162} - C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: fassurun - {e6efad0c-2d79-4b0d-8996-3e759a9c7914} - C:\Program Files (x86)\fassurun\fassurunbho.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HDInspector.exe] "C:\Program Files (x86)\Hard Drive Inspector\HDInspector.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Toumes\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Program Files (x86)\ICQ7.4\ICQ.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CS8\Services\Tcpip\..\{904C2CFD-1ACB-48CF-935A-C901E93533EC}: NameServer = 194.228.41.65,194.228.41.113
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HDD Information Service (HDDSvc) - AltrixSoft (http://www.altrixsoft.com/) - C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Inkjet Printer/Scanner Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update fassurun - Unknown owner - C:\Program Files (x86)\fassurun\updatefassurun.exe
O23 - Service: Util fassurun - Unknown owner - C:\Program Files (x86)\fassurun\bin\utilfassurun.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13440 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
wininit.exe
C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Windows\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\fassurun\updatefassurun.exe"
"C:\Program Files (x86)\fassurun\bin\utilfassurun.exe"
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Windows\system32\Dwm.exe"
taskeng.exe {51018FDE-8F41-4134-BC7B-A6F46EB758FB}
taskeng.exe {E282F385-464D-4CC7-A038-CD73F17BB554}
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MSASCui.exe" -hide
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\ehome\ehtray.exe"
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1
"C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe"
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\ehome\ehmsas.exe -Embedding
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe"
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --extension-process --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.0.1511415001\1618419424" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --instant-process --disable-html-notifications --disable-accelerated-video-decode --channel="3424.1.571959901\254119625" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.2.1566385980\1526623898" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.3.1367678872\904422975" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.5.1983986385\1748281565" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.6.1953408820\245735088" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.7.101040031\193735025" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="3424.8.997343733\1140863248" --disable-d3d11 --supports-dual-gpus=false --gpu-driver-bug-workarounds=0,3,5,12,22,26 --disable-accelerated-video-decode --gpu-vendor-id=0x10de --gpu-device-id=0x1200 --gpu-driver-vendor=NVIDIA --gpu-driver-version=9.18.13.1106 --ignored=" --type=renderer " /prefetch:822062411
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.9.1700113849\1050133071" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.10.16150152\1974191963" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.12.2024832848\488242130" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.13.487949705\1570247366" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="3424.14.499766358\149136831" --ppapi-flash-args --lang=cs --ignored=" --type=renderer " /prefetch:-632637702
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.15.1290277853\492440363" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.16.570312278\1358805991" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.17.1599445805\280817346" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.18.78072950\2125077827" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.19.541834813\1257177906" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.21.2104318533\1112332522" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.22.1204319577\797875292" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.23.317312897\1320412342" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.24.409971032\841145555" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.26.1887779836\1533142112" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.27.1658222787\175789798" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.28.695062064\1039437130" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.29.1441902939\1110408060" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.30.1635639026\384016716" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.31.185932639\1103043475" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.32.455387074\1170655491" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.33.1321467537\122326108" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.34.1125283416\573106322" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.35.731008865\1722395246" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.36.1385238857\98001805" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.37.205626788\2078861867" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.38.865951127\1484419288" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.39.188419785\2003733281" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.40.1804662195\1813095312" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.41.116377425\583167355" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.42.1047712566\485490111" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.43.1076965391\142202680" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.44.960670034\2034800872" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.45.586080397\2138058809" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.46.1490663029\1794128774" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.47.2040069701\830343102" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.48.1215875850\322821639" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.49.287735611\1736205014" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.50.295906194\1390906154" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.51.1711381282\203427820" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.52.933130590\2101773506" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.53.659412277\667307805" /prefetch:673131151
"C:\Users\Toumes\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --lang=cs --force-fieldtrials="AutocompleteDynamicTrial_2/DefaultControl_R2_Stable/BrowserPreReadExperiment/100-pct-default/CookieRetentionPriorityStudy/ExperimentOn/DeferBackgroundExtensionCreation/RateLimited/ForceCompositingMode/thread/InstantExtended/Group20 pct:5 stable:r4 use_remote_ntp_on_startup:1 espv:210 suppress_on_srp:1/Prerender/PrerenderEnabled/PrerenderLocalPredictorSpec/LocalPredictor=Disabled/ShowAppLauncherPromo/ShowPromoUntilDismissed/Test0PercentDefault/group_01/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group3/UMA-Session-Randomized-Uniformity-Trial-5-Percent/group_09/UMA-Uniformity-Trial-1-Percent/group_98/UMA-Uniformity-Trial-10-Percent/group_04/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_03/UMA-Uniformity-Trial-5-Percent/group_06/UMA-Uniformity-Trial-50-Percent/group_01/" --renderer-print-preview --disable-html-notifications --disable-accelerated-video-decode --channel="3424.55.1308246512\1284390488" /prefetch:673131151
"C:\Windows\system32\wuauclt.exe"
"C:\Program Files (x86)\Opera\opera.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe" --channel=7520.b642000.536299641 "C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" - -greomni "C:\Program Files (x86)\Mozilla Firefox\omni.ja" 7520 "\\.\pipe\gecko-crash-server-pipe.7520" plugin
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --proxy-stub-channel=Flash7944.5E18FFC0.12420 --host-broker-channel=Flash7944.5E18FFC0.13493 --host-pid=7944 --host-npapi-version=27 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll"
"C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe" --channel=3308.0014F2C0.1555969157 --proxy-stub-channel=Flash7944.5E18FFC0.12420 --plugin-path="C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll" --host-npapi-version=27 --type=renderer
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 656 660 668 65536 664
"C:\Users\Toumes\Desktop\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\DiscountFrenzy-chromeinstaller.job
C:\Windows\tasks\DiscountFrenzy-codedownloader.job
C:\Windows\tasks\DiscountFrenzy-enabler.job
C:\Windows\tasks\DiscountFrenzy-firefoxinstaller.job
C:\Windows\tasks\DiscountFrenzy-updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146960782-3890957463-14812711-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4146960782-3890957463-14812711-1000UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}]
DiscountFrenzy - C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-bho64.dll [2013-12-26 965632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-02 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}]
DiscountFrenzy - C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-bho.dll [2013-12-26 637440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-07-03 463272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-10-21 606544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-07-03 171944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6efad0c-2d79-4b0d-8996-3e759a9c7914}]
fassurun - C:\Program Files (x86)\fassurun\fassurunbho.dll [2013-11-07 249624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-01-02 1567016]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-10-21 606544]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1584184]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2010-02-25 10081312]
"CanonSolutionMenu"=C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [2008-03-11 689488]
"CanonMyPrinter"=C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2008-03-18 2114376]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1555968]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 138240]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2012-11-01 5629312]
""= []
"Google Update"=C:\Users\Toumes\AppData\Local\Google\Update\GoogleUpdate.exe [2013-11-12 116648]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2013-05-01 421888]
"HDInspector.exe"=C:\Program Files (x86)\Hard Drive Inspector\HDInspector.exe [2012-12-13 3163088]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2013-10-23 3567800]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-08 20:20:21 ----D---- C:\rsit
2013-12-30 22:37:02 ----D---- C:\Windows\SYSWOW64\Adobe
2013-12-26 20:49:48 ----D---- C:\Program Files (x86)\DiscountFrenzy
2013-12-26 20:48:23 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2013-12-26 20:47:29 ----D---- C:\Program Files (x86)\fassurun
2013-12-26 20:47:20 ----D---- C:\Users\Toumes\AppData\Roaming\COBRA XRS 9345 user guide
2013-12-13 05:07:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2013-12-13 05:07:44 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2013-12-13 05:07:44 ----A---- C:\Windows\system32\mshtmled.dll
2013-12-13 05:07:43 ----A---- C:\Windows\SYSWOW64\ieui.dll
2013-12-13 05:07:42 ----A---- C:\Windows\system32\ieui.dll
2013-12-13 05:07:41 ----A---- C:\Windows\SYSWOW64\url.dll
2013-12-13 05:07:41 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2013-12-13 05:07:41 ----A---- C:\Windows\system32\jsproxy.dll
2013-12-13 05:07:41 ----A---- C:\Windows\system32\ieUnatt.exe
2013-12-13 05:07:40 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2013-12-13 05:07:40 ----A---- C:\Windows\system32\url.dll
2013-12-13 05:07:39 ----A---- C:\Windows\SYSWOW64\wininet.dll
2013-12-13 05:07:38 ----A---- C:\Windows\system32\wininet.dll
2013-12-13 05:07:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2013-12-13 05:07:37 ----A---- C:\Windows\system32\urlmon.dll
2013-12-13 05:07:36 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2013-12-13 05:07:36 ----A---- C:\Windows\system32\msfeeds.dll
2013-12-13 05:07:34 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2013-12-13 05:07:34 ----A---- C:\Windows\SYSWOW64\jscript.dll
2013-12-13 05:07:34 ----A---- C:\Windows\system32\vbscript.dll
2013-12-13 05:07:34 ----A---- C:\Windows\system32\jscript9.dll
2013-12-13 05:07:34 ----A---- C:\Windows\system32\jscript.dll
2013-12-13 05:07:33 ----A---- C:\Windows\system32\iertutil.dll
2013-12-13 05:07:32 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2013-12-13 05:07:28 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2013-12-13 05:07:26 ----A---- C:\Windows\system32\mshtml.dll
2013-12-13 05:07:24 ----A---- C:\Windows\system32\ieframe.dll
2013-12-13 05:07:23 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2013-12-12 05:49:22 ----A---- C:\Windows\system32\win32k.sys
2013-12-12 05:49:17 ----A---- C:\Windows\system32\wscript.exe
2013-12-12 05:49:17 ----A---- C:\Windows\system32\scrrun.dll
2013-12-12 05:49:17 ----A---- C:\Windows\system32\cscript.exe
2013-12-12 05:49:16 ----A---- C:\Windows\SYSWOW64\wscript.exe
2013-12-12 05:49:15 ----A---- C:\Windows\SYSWOW64\wshcon.dll
2013-12-12 05:49:15 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2013-12-12 05:49:15 ----A---- C:\Windows\SYSWOW64\cscript.exe
2013-12-12 05:49:12 ----A---- C:\Windows\SYSWOW64\imagehlp.dll
2013-12-12 05:49:12 ----A---- C:\Windows\system32\imagehlp.dll
2013-12-12 05:49:09 ----A---- C:\Windows\system32\SysFxUI.dll
2013-12-12 05:49:09 ----A---- C:\Windows\system32\drivers\portcls.sys
2013-12-12 05:49:09 ----A---- C:\Windows\system32\drivers\drmk.sys

======List of files/folders modified in the last 1 month======

2014-01-08 20:20:24 ----D---- C:\Windows\Prefetch
2014-01-08 20:20:23 ----D---- C:\Windows\temp
2014-01-08 20:20:23 ----D---- C:\Program Files\trend micro
2014-01-08 19:31:05 ----SHD---- C:\System Volume Information
2014-01-08 19:16:46 ----D---- C:\Windows\system32\drivers
2014-01-08 19:16:35 ----D---- C:\Windows\System32
2014-01-08 19:16:35 ----D---- C:\Windows\inf
2014-01-08 19:16:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-01-08 19:15:29 ----D---- C:\Windows
2014-01-08 19:09:40 ----D---- C:\ProgramData\NVIDIA
2014-01-08 19:08:34 ----D---- C:\Windows\system32\config
2014-01-08 19:08:29 ----D---- C:\Windows\Tasks
2014-01-08 19:08:29 ----D---- C:\Windows\system32\Tasks
2014-01-08 19:08:29 ----D---- C:\Windows\system32\spool
2014-01-08 19:08:29 ----D---- C:\Windows\system32\Msdtc
2014-01-08 19:08:28 ----D---- C:\Windows\system32\wbem
2014-01-08 19:08:28 ----D---- C:\Windows\system32\catroot2
2014-01-02 10:42:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-01-02 10:39:22 ----RD---- C:\Program Files (x86)
2014-01-02 10:39:21 ----HD---- C:\ProgramData
2014-01-02 10:29:44 ----D---- C:\ProgramData\CanonIJPLM
2014-01-02 10:24:58 ----D---- C:\Program Files (x86)\Full Tilt Poker
2014-01-02 10:08:22 ----D---- C:\Windows\Minidump
2014-01-02 09:10:40 ----SHD---- C:\Windows\Installer
2014-01-02 09:05:40 ----D---- C:\Windows\SysWOW64
2013-12-30 22:38:22 ----D---- C:\Windows\winsxs
2013-12-22 10:21:51 ----D---- C:\Users\Toumes\AppData\Roaming\Vso
2013-12-16 05:49:17 ----D---- C:\Program Files (x86)\Google
2013-12-15 05:07:40 ----D---- C:\Windows\system32\MRT
2013-12-15 05:01:57 ----A---- C:\Windows\system32\mrt.exe
2013-12-13 05:47:26 ----D---- C:\Windows\SYSWOW64\migration
2013-12-13 05:47:26 ----D---- C:\Windows\system32\migration
2013-12-13 05:47:26 ----D---- C:\Program Files\Internet Explorer
2013-12-13 05:47:26 ----D---- C:\Program Files (x86)\Internet Explorer
2013-12-13 05:47:03 ----D---- C:\Windows\SYSWOW64\RTCOM
2013-12-13 05:10:49 ----D---- C:\ProgramData\Microsoft Help
2013-12-13 05:09:16 ----D---- C:\Windows\system32\catroot
2013-12-11 15:59:13 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2013-10-21 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2013-10-21 205320]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2011-04-14 513080]
R1 AppleCharger;AppleCharger; C:\Windows\system32\DRIVERS\AppleCharger.sys [2010-04-27 21544]
R1 AswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr.sys [2013-10-21 64752]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2013-10-21 1032416]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-01-08 409832]
R1 aswTdi;aswTdi; \??\C:\Windows\system32\drivers\aswTdi.sys [2013-10-21 65264]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R2 aswFsBlk;aswFsBlk; \??\C:\Windows\system32\drivers\aswFsBlk.sys [2013-10-21 38984]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-10-21 84328]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-04-14 254528]
R3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2014-01-08 25640]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2010-02-25 2276128]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2010-11-12 155752]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2013-02-25 11036448]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh64.sys [2010-02-09 302112]
R3 WudfPf;@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000; C:\Windows\system32\drivers\WudfPf.sys [2012-07-26 87040]
S3 atcnau6y;atcnau6y; C:\Windows\system32\drivers\atcnau6y.sys []
S3 drmkaud;Dekodér zvuků DRM jádra společnosti Microsoft; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 6144]
S3 HdAudAddService;Ovladač funkce Microsoft 1.1 UAA pro službu zvuku High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 273920]
S3 MSKSSRV;Server proxy služby datových proudů Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 11008]
S3 MSPCLOCK;Server proxy hodin datových proudů Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 7040]
S3 MSPQM;Server proxy správce kvality datových proudů Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 6656]
S3 MSTEE;Konvertor jímka-jímka typu T datových proudů Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 7936]
S3 nmwcd;Nokia USB Phone Parent Driver; C:\Windows\system32\drivers\ccdcmbx64.sys [2013-01-23 19968]
S3 nmwcdc;Nokia USB Communication Driver; C:\Windows\system32\drivers\ccdcmbox64.sys [2013-01-23 27136]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfdx64.sys [2012-10-17 26112]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys [2013-01-23 9216]
S3 usbser;USB Modem Driver; C:\Windows\system32\DRIVERS\usbser.sys [2013-08-29 32768]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys [2013-01-23 9216]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 46592]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2012-07-26 198656]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 8704]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 438328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2012-07-11 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-10-21 50344]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [2009-08-24 68136]
R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 27648]
R2 IJPLMSVC;Inkjet Printer/Scanner Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2008-01-22 103808]
R2 NVSvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2013-01-18 884512]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R2 Update fassurun;Update fassurun; C:\Program Files (x86)\fassurun\updatefassurun.exe [2013-11-07 66328]
R2 Util fassurun;Util fassurun; C:\Program Files (x86)\fassurun\bin\utilfassurun.exe [2013-12-27 66328]
R3 HDDSvc;HDD Information Service; C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe [2012-11-26 484304]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01 116648]
S2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2013-02-25 1260320]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 AppleChargerSrv;AppleChargerSrv; C:\Windows\system32\AppleChargerSrv.exe [2010-04-06 31272]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-01 116648]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-01-19 115608]
S3 NBService;NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%\sysWow64\perfhost.exe,-2; C:\Windows\SysWow64\perfhost.exe [2008-01-21 19968]
S3 ServiceLayer;ServiceLayer; C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe [2013-04-18 737616]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-07-20 1022632]

-----------------EOF-----------------
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy superfisch, nabouravani se do emailu

#2 Příspěvek od vyosek »

Zdravim :)

:arrow: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
  • Ulozte nejlepe na plochu
  • Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
  • Probehne vytvoreni zalohy a nasledne prohledavani
  • Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
:arrow: Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
  • Ulozte nejlepe na plochu
  • Ukoncete vsechny programy
  • Kliknete na Scan a nasledne Clean
  • Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
tommmmm
Návštěvník
Návštěvník
Příspěvky: 53
Registrován: 03 úno 2009 19:28

Re: Reklamy superfisch, nabouravani se do emailu

#3 Příspěvek od tommmmm »

Během testu mi Avast ohlásil nějaký útok, ale test se dokončil

LOG

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows (TM) Vista Home Premium x64
Ran by Toumes on st 08.01.2014 at 21:01:16,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0045362.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0045362.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0045362.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0045362.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110411531162}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220422532262}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550255675566}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550455535562}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660266676666}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660466536662}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440244674466}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440444534462}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110411531162}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220422532262}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550255675566}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{55555555-5555-5555-5555-550455535562}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660266676666}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660466536662}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440244674466}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444534462}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0045362.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0045362.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0045362.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0045362.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550255675566}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550455535562}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660266676666}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660466536662}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440244674466}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440444534462}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211671166}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550255675566}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{55555555-5555-5555-5555-550455535562}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660266676666}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660466536662}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440244674466}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\TypeLib\{44444444-4444-4444-4444-440444534462}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Toumes\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Program Files (x86)\sweetim"
Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"
Successfully deleted: [Folder] "C:\Windows\syswow64\jmdp"
Successfully deleted: [Folder] "C:\Windows\syswow64\wnlt"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Toumes\AppData\Roaming\mozilla\firefox\profiles\9zzjui9y.default\extensions\41ed8dee-33ed-4769-bdf4-2707c4199b97@45a3c648-db86-4b41-92e2-a77bbbf91f1d.com
Successfully deleted: [Folder] C:\Users\Toumes\AppData\Roaming\mozilla\firefox\profiles\9zzjui9y.default\extensions\c4d22aeb-96c2-4873-91c1-95a7a726b342@4ef9d624-79c8-42e0-b8a9-8fd3126fefc8.com
Successfully deleted the following from C:\Users\Toumes\AppData\Roaming\mozilla\firefox\profiles\9zzjui9y.default\prefs.js

user_pref("extensions.crossrider.bic", "14330753a2b438fe6abb3efc4c00ba7e");
Emptied folder: C:\Users\Toumes\AppData\Roaming\mozilla\firefox\profiles\9zzjui9y.default\minidumps [13 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on st 08.01.2014 at 21:09:24,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy superfisch, nabouravani se do emailu

#4 Příspěvek od vyosek »

Pockam jeste na AdwCleaner
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
tommmmm
Návštěvník
Návštěvník
Příspěvky: 53
Registrován: 03 úno 2009 19:28

Re: Reklamy superfisch, nabouravani se do emailu

#5 Příspěvek od tommmmm »

Při startu systemu opět nějaký blokování ze strany Avastu.

# AdwCleaner v3.016 - Report created 08/01/2014 at 21:17:54
# Updated 23/12/2013 by Xplode
# Operating System : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Username : Toumes - TOMAS-PC
# Running from : C:\Users\Toumes\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\SimilarSites
[!] Folder Deleted : C:\Program Files (x86)\DeviceVM
[!] Folder Deleted : C:\Program Files (x86)\HDvidCodec.com
[!] Folder Deleted : C:\Program Files (x86)\SimilarSites
[!] Folder Deleted : C:\Program Files (x86)\DiscountFrenzy
[!] Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
[!] Folder Deleted : C:\Users\Toumes\AppData\Local\Temp\TempDir
[!] Folder Deleted : C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\ICQToolbarData
[!] Folder Deleted : C:\Users\Toumes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijlahccmdmhcnkhclomggcjibmhoffnh
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Users\Toumes\AppData\Local\Temp\Utils.dll
File Deleted : C:\Windows\Tasks\DiscountFrenzy-chromeinstaller.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-chromeinstaller
File Deleted : C:\Windows\Tasks\DiscountFrenzy-codedownloader.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-codedownloader
File Deleted : C:\Windows\Tasks\DiscountFrenzy-enabler.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-enabler
File Deleted : C:\Windows\Tasks\DiscountFrenzy-firefoxinstaller.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-firefoxinstaller
File Deleted : C:\Windows\Tasks\DiscountFrenzy-updater.job
File Deleted : C:\Windows\System32\Tasks\DiscountFrenzy-updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB797681-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03f248ba-f0af-4078-a1c8-4b61c93e0c10}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28d3acb5-ccc0-4732-820a-4c9fed7fe3ab}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7a0393d0-8b0f-4e99-9c56-e9b8fff585f2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b5056e5f-0835-477a-917c-2bad1d792af0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e97f84aa-fbb0-4018-a039-771895fc0ab0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03f248ba-f0af-4078-a1c8-4b61c93e0c10}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28d3acb5-ccc0-4732-820a-4c9fed7fe3ab}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7a0393d0-8b0f-4e99-9c56-e9b8fff585f2}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b5056e5f-0835-477a-917c-2bad1d792af0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e97f84aa-fbb0-4018-a039-771895fc0ab0}
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\DiscountFrenzy
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\DiscountFrenzy
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DiscountFrenzy
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\FLV Player
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DiscountFrenzy
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\wnlt

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16526


-\\ Mozilla Firefox v18.0.1 (cs)

[ File : C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\prefs.js ]

Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.InstallationThankYouPage", true);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.InstallationTime", 1388087384);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.active", true);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.addressbar", "NA");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.addressbarenhanced", "");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncdb_dbWasSet", true);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncdb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb_dbWasSet", true);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.backgroundver", 1);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.certdomaininstaller", "");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.changeprevious", false);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.InstallationTime.value", "%221388087384%22");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000628%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.jw_token.value", "%22bcb6b8b2-dd42-946f-96fa-ffea3ad983d3%22");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.description", "Get Discounts. Anywhere.");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.domain", "");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.enablesearch", false);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.homepage", "");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.iframe", false);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22BA5BED60FB5F4567AF5FEC82B7545[...]
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000628%22%2C%22sub_id%22%3A%220%22%2C%[...]
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000628%22%2C%22sub_id%22%3A%220%2[...]
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22BA5BED60FB5F4567AF5F[...]
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_appVer.value", "39");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_lastVersion.value", "1");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_nextCheck.expiration", "Thu Jan 09 2014 02:11:58 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22BA5BED60[...]
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.lastDailyReport", "1389208309082");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.lastUpdate", "1389208311438");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.manifesturl", "");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.name", "DiscountFrenzy");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.newtab", "");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.opensearch", "");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/45362/plugins/093/ff/plugins.json");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.pluginsversion", 32);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.publisher", "DiscountFrenzy");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.searchstatus", 0);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.setnewtab", false);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.thankyou", "");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.updateinterval", 360);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.ver", 39);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.apps", "45362");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.bic", "14330753a2b438fe6abb3efc4c00ba7e");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.cid", 45362);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.firstrun", false);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.hadappinstalled", true);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.installationdate", 1388087426);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.modetype", "production");
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.reportInstall", true);
Line Deleted : user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.statsDailyCounter", 5);
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
Line Deleted : user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");

[ File : C:\Users\Tomas.Tomas-PC.000\AppData\Roaming\Mozilla\Firefox\Profiles\j70dnbs1.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\Toumes\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [19201 octets] - [08/01/2014 21:12:29]
AdwCleaner[S0].txt - [16673 octets] - [08/01/2014 21:17:54]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16734 octets] ##########
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy superfisch, nabouravani se do emailu

#6 Příspěvek od vyosek »

:arrow: Muzete dat screen toho hlaseni??

:arrow: Poprosim o log dle tohoto navodu http://forum.viry.cz/viewtopic.php?f=13&t=133100
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
tommmmm
Návštěvník
Návštěvník
Příspěvky: 53
Registrován: 03 úno 2009 19:28

Re: Reklamy superfisch, nabouravani se do emailu

#7 Příspěvek od tommmmm »

Muzete dat screen toho hlaseni?? -- nevím jaké hlášení, v cem jsem udelal chybu?


Log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-01-2014 01
Ran by Toumes (administrator) on TOMAS-PC on 08-01-2014 21:43:44
Running from C:\Users\Toumes\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: Czech
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\Gigabyte\EasySaver\essvr.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(AltrixSoft (http://www.altrixsoft.com/)) C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe
(forum.viry.cz) C:\Users\Toumes\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\SysWOW64\conime.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10081312 2010-02-25] (Realtek Semiconductor)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE [689488 2008-03-11] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2114376 2008-03-18] (CANON INC.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [HDInspector.exe] - C:\Program Files (x86)\Hard Drive Inspector\HDInspector.exe [3163088 2012-12-13] (Altrixsoft)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2014-01-08] (AVAST Software)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehtray.exe [138240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [Google Update] - C:\Users\Toumes\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-12] (Google Inc.)
MountPoints2: {c0691049-65ed-11e0-8729-1c6f65a067d5} - M:\autorun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Tomas\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Tomas.Tomas-PC\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Tomas.Tomas-PC.000\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
URLSearchHook: HKLM-x32 - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {2A31C7B8-CF25-432f-BF9A-EA8CC139FE64} URL = http://www.google.com/cse?cx=partner-pu ... 4067623346
SearchScopes: HKCU - {2B6BCFF3-5572-4a44-9E16-55C3C4D7D733} URL = http://www.bing.com/search?q={searchTer ... R2&pc=SPLH
SearchScopes: HKCU - {CE772FF6-6A55-4237-9A7C-5225411C71F5} URL = http://search.yahoo.com/search?p={searc ... type=STDVM
BHO: DiscountFrenzy - {11111111-1111-1111-1111-110411531162} - C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-bho64.dll No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: fassurun - {e6efad0c-2d79-4b0d-8996-3e759a9c7914} - C:\Program Files (x86)\fassurun\fassurunBHO.dll (fassurun)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Winsock: Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Společnost Microsoft)
Winsock: Catalog5-x64 02 %SystemRoot%\system32\napinsp.dll [62976] (Společnost Microsoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default
FF Homepage: hxxp://www.seznam.cz/
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin - C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Toumes\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Toumes\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Toumes\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: fassurun - C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\Extensions\firefox@fassurun.co.xpi
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Plugin: (Shockwave Flash) - C:\Users\Toumes\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Toumes\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Toumes\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Google Wallet) - C:\Users\Toumes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [hjeglkhenpckoocpnajnnmcehdkcemnm] - C:\Program Files (x86)\fassurun\hjeglkhenpckoocpnajnnmcehdkcemnm.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-21] (AVAST Software)
R2 ES lite Service; C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE [68136 2009-08-24] ()
R3 HDDSvc; C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe [484304 2012-11-26] (AltrixSoft (http://www.altrixsoft.com/))
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [103808 2008-01-22] ()
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21544 2010-04-27] ()
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-21] (AVAST Software)
R1 AswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2013-10-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-21] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2014-01-08] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-10-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-21] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2011-04-14] (DT Soft Ltd)
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [275432 2009-04-11] (Společnost Microsoft)
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [1513320 2013-03-03] (Společnost Microsoft)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-04-14] ()
U3 aul8xovq; C:\Windows\System32\Drivers\aul8xovq.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-08 21:43 - 2014-01-08 21:44 - 00015847 _____ C:\Users\Toumes\Desktop\FRST.txt
2014-01-08 21:42 - 2014-01-08 21:42 - 00112640 _____ (forum.viry.cz) C:\Users\Toumes\Desktop\FRSTLauncher.exe
2014-01-08 21:42 - 2014-01-08 21:42 - 00000000 ____D C:\FRST
2014-01-08 21:39 - 2014-01-08 21:39 - 01931770 _____ (Farbar) C:\Users\Toumes\Desktop\FRST64.exe
2014-01-08 21:11 - 2014-01-08 21:18 - 00000000 ____D C:\AdwCleaner
2014-01-08 21:11 - 2014-01-08 21:11 - 01233962 _____ C:\Users\Toumes\Desktop\adwcleaner.exe
2014-01-08 21:09 - 2014-01-08 21:09 - 00006694 _____ C:\Users\Toumes\Desktop\JRT.txt
2014-01-08 20:20 - 2014-01-08 20:20 - 00000000 ____D C:\rsit
2014-01-02 10:31 - 2014-01-02 10:31 - 00000680 _____ C:\Users\Toumes\AppData\Local\d3d9caps.dat
2013-12-30 22:37 - 2013-12-30 22:37 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-12-28 22:10 - 2013-12-28 22:10 - 00011032 _____ C:\Users\Toumes\Desktop\Sešit1 1 POLOVINA.xlsx
2013-12-26 20:56 - 2013-12-26 20:56 - 00269544 _____ C:\Windows\Minidump\Mini122613-01.dmp
2013-12-26 20:48 - 2013-12-28 05:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-26 20:47 - 2014-01-08 21:04 - 00000000 ____D C:\Program Files (x86)\fassurun
2013-12-26 20:47 - 2013-12-26 20:47 - 00000000 ____D C:\Users\Toumes\AppData\Roaming\COBRA XRS 9345 user guide
2013-12-13 05:07 - 2013-11-15 03:09 - 17847296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-13 05:07 - 2013-11-15 02:42 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-13 05:07 - 2013-11-15 02:37 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-13 05:07 - 2013-11-15 02:29 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-13 05:07 - 2013-11-15 02:29 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-13 05:07 - 2013-11-15 02:28 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-13 05:07 - 2013-11-15 02:28 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-13 05:07 - 2013-11-15 02:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-13 05:07 - 2013-11-15 02:22 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-13 05:07 - 2013-11-15 02:20 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-13 05:07 - 2013-11-15 02:20 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-13 05:07 - 2013-11-15 02:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-13 05:07 - 2013-11-15 02:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-13 05:07 - 2013-11-15 02:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-13 05:07 - 2013-11-15 02:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-13 05:07 - 2013-11-15 02:12 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-13 05:07 - 2013-11-15 00:13 - 12344320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-13 05:07 - 2013-11-14 23:50 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-13 05:07 - 2013-11-14 23:50 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-13 05:07 - 2013-11-14 23:43 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-13 05:07 - 2013-11-14 23:42 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-13 05:07 - 2013-11-14 23:42 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-13 05:07 - 2013-11-14 23:41 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-13 05:07 - 2013-11-14 23:40 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-13 05:07 - 2013-11-14 23:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-13 05:07 - 2013-11-14 23:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-13 05:07 - 2013-11-14 23:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-13 05:07 - 2013-11-14 23:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-13 05:07 - 2013-11-14 23:36 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-13 05:07 - 2013-11-14 23:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-13 05:07 - 2013-11-14 23:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-13 05:07 - 2013-11-14 23:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 05:49 - 2013-10-30 05:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2013-12-12 05:49 - 2013-10-30 04:55 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 05:49 - 2013-10-30 03:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 05:49 - 2013-10-30 03:10 - 02776064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 05:49 - 2013-10-22 10:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 05:49 - 2013-10-22 08:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 05:49 - 2013-10-11 05:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 05:49 - 2013-10-11 05:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 05:49 - 2013-10-11 03:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 05:49 - 2013-10-11 03:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 05:49 - 2013-10-11 03:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 05:49 - 2013-10-11 03:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 05:49 - 2013-10-11 03:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2013-12-12 05:49 - 2013-10-11 01:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 05:49 - 2013-10-11 01:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe

==================== One Month Modified Files and Folders =======

2014-01-08 21:44 - 2014-01-08 21:43 - 00015847 _____ C:\Users\Toumes\Desktop\FRST.txt
2014-01-08 21:42 - 2014-01-08 21:42 - 00112640 _____ (forum.viry.cz) C:\Users\Toumes\Desktop\FRSTLauncher.exe
2014-01-08 21:42 - 2014-01-08 21:42 - 00000000 ____D C:\FRST
2014-01-08 21:39 - 2014-01-08 21:39 - 01931770 _____ (Farbar) C:\Users\Toumes\Desktop\FRST64.exe
2014-01-08 21:30 - 2011-08-25 19:40 - 00003734 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{AFE8CF62-A90D-427E-BC8C-3942A6EB60F0}
2014-01-08 21:27 - 2008-01-21 10:32 - 01418466 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-08 21:27 - 2008-01-21 10:31 - 00607464 _____ C:\Windows\system32\perfh005.dat
2014-01-08 21:27 - 2008-01-21 10:31 - 00118128 _____ C:\Windows\system32\perfc005.dat
2014-01-08 21:26 - 2008-01-21 02:53 - 01098858 _____ C:\Windows\WindowsUpdate.log
2014-01-08 21:21 - 2011-03-16 19:47 - 00000147 _____ C:\service.log
2014-01-08 21:20 - 2013-04-01 16:12 - 00000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-08 21:19 - 2011-03-16 20:03 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-08 21:19 - 2011-03-16 19:58 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-01-08 21:19 - 2006-11-02 16:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-08 21:19 - 2006-11-02 16:22 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-08 21:19 - 2006-11-02 16:22 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-08 21:18 - 2014-01-08 21:11 - 00000000 ____D C:\AdwCleaner
2014-01-08 21:18 - 2006-11-02 16:42 - 00032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-08 21:11 - 2014-01-08 21:11 - 01233962 _____ C:\Users\Toumes\Desktop\adwcleaner.exe
2014-01-08 21:09 - 2014-01-08 21:09 - 00006694 _____ C:\Users\Toumes\Desktop\JRT.txt
2014-01-08 21:04 - 2013-12-26 20:47 - 00000000 ____D C:\Program Files (x86)\fassurun
2014-01-08 21:00 - 2013-07-01 04:51 - 01037068 _____ (Thisisu) C:\Users\Toumes\Desktop\JRT.exe
2014-01-08 20:53 - 2012-12-11 20:53 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-08 20:50 - 2013-04-01 16:12 - 00000952 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-08 20:20 - 2014-01-08 20:20 - 00000000 ____D C:\rsit
2014-01-08 20:20 - 2012-11-11 22:04 - 00935175 _____ C:\Users\Toumes\Desktop\RSITx64.exe
2014-01-08 20:20 - 2012-11-11 22:04 - 00000000 ____D C:\Program Files\trend micro
2014-01-08 20:18 - 2013-11-12 21:01 - 00000966 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4146960782-3890957463-14812711-1000UA.job
2014-01-08 19:16 - 2013-05-11 11:42 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-01-08 19:16 - 2013-05-11 11:42 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2014-01-08 19:16 - 2013-05-11 11:42 - 00001829 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-01-08 19:10 - 2011-03-16 19:44 - 00000000 ____D C:\Users\Toumes
2014-01-08 19:08 - 2012-01-27 14:26 - 00000000 ____D C:\Users\Tomas.Tomas-PC.000
2014-01-08 19:08 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\spool
2014-01-08 19:08 - 2006-11-02 14:34 - 00000000 ____D C:\Windows\system32\Msdtc
2014-01-08 19:08 - 2006-11-02 13:33 - 90701824 _____ C:\Windows\system32\config\software_previous
2014-01-08 19:08 - 2006-11-02 13:33 - 39845888 _____ C:\Windows\system32\config\system_previous
2014-01-08 19:00 - 2006-11-02 13:33 - 55836672 _____ C:\Windows\system32\config\components_previous
2014-01-08 19:00 - 2006-11-02 13:33 - 00262144 _____ C:\Windows\system32\config\sam_previous
2014-01-08 18:58 - 2006-11-02 13:33 - 00262144 _____ C:\Windows\system32\config\security_previous
2014-01-08 18:58 - 2006-11-02 13:33 - 00262144 _____ C:\Windows\system32\config\default_previous
2014-01-07 15:37 - 2013-11-12 21:01 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4146960782-3890957463-14812711-1000Core.job
2014-01-02 10:42 - 2013-01-19 11:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2014-01-02 10:31 - 2014-01-02 10:31 - 00000680 _____ C:\Users\Toumes\AppData\Local\d3d9caps.dat
2014-01-02 10:31 - 2013-05-11 11:42 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1388655205
2014-01-02 10:29 - 2011-03-18 21:04 - 00000000 ____D C:\ProgramData\CanonIJPLM
2014-01-02 10:24 - 2011-03-18 20:08 - 00000000 ____D C:\Users\Toumes\Desktop\Fotky
2014-01-02 10:24 - 2011-03-16 21:18 - 00000000 ____D C:\Program Files (x86)\Full Tilt Poker
2014-01-02 10:08 - 2011-06-03 15:55 - 00000000 ____D C:\Windows\Minidump
2014-01-02 10:01 - 2013-03-25 15:34 - 01450290 _____ C:\Windows\PFRO.log
2014-01-02 09:25 - 2011-12-17 18:55 - 00000000 ____D C:\Users\Toumes\Desktop\Nová složka (2)
2014-01-01 17:20 - 2011-03-16 21:18 - 00000000 ____D C:\Users\Toumes\AppData\Local\FullTiltPoker
2013-12-30 22:37 - 2013-12-30 22:37 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2013-12-28 22:35 - 2012-04-15 20:24 - 00010755 _____ C:\Users\Toumes\Desktop\Sešit1.xlsx
2013-12-28 22:10 - 2013-12-28 22:10 - 00011032 _____ C:\Users\Toumes\Desktop\Sešit1 1 POLOVINA.xlsx
2013-12-28 05:03 - 2013-12-26 20:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-12-26 20:56 - 2013-12-26 20:56 - 00269544 _____ C:\Windows\Minidump\Mini122613-01.dmp
2013-12-26 20:55 - 2011-06-03 15:55 - 334270647 _____ C:\Windows\MEMORY.DMP
2013-12-26 20:47 - 2013-12-26 20:47 - 00000000 ____D C:\Users\Toumes\AppData\Roaming\COBRA XRS 9345 user guide
2013-12-22 10:21 - 2011-11-19 21:02 - 00000000 ____D C:\Users\Toumes\Documents\ConvertXToDVD
2013-12-22 10:21 - 2011-11-18 16:12 - 01673737 _____ C:\Users\Toumes\AppData\Roaming\vso_ts_preview.xml
2013-12-22 10:21 - 2011-11-18 16:12 - 00000000 ____D C:\Users\Toumes\AppData\Roaming\Vso
2013-12-20 18:46 - 2013-04-02 20:01 - 00005931 _____ C:\Windows\setupact.log
2013-12-16 05:49 - 2013-04-01 16:14 - 00002115 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-16 05:49 - 2013-04-01 16:12 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-15 08:34 - 2012-12-14 21:57 - 00000000 ____D C:\Users\Toumes\Desktop\Nová složka (6)
2013-12-15 05:07 - 2013-08-16 04:07 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 05:01 - 2006-11-02 13:35 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-12-13 05:50 - 2006-11-02 16:21 - 00375832 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-13 05:47 - 2011-03-16 19:52 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2013-12-13 05:10 - 2011-04-18 15:31 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 22:07 - 2011-03-18 21:05 - 00000000 ____D C:\Users\Toumes\AppData\Local\Canon Easy-PhotoPrint EX
2013-12-11 15:59 - 2012-03-30 04:47 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 15:59 - 2012-03-30 04:47 - 00003766 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 15:59 - 2011-05-20 15:47 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Toumes\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Toumes\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Toumes\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Toumes\AppData\Local\Temp\Quarantine.exe
C:\Users\Toumes\AppData\Local\Temp\uninstaller.exe
C:\Users\Toumes\AppData\Local\Temp\WSSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================


==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Toumes\Desktop" je 19219 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================
Nahoru
tommmmm
Návštěvník
Návštěvník
Příspěvky: 53
Registrován: 03 úno 2009 19:28

Re: Reklamy superfisch, nabouravani se do emailu

#8 Příspěvek od tommmmm »

Ještě ten addition
Přílohy
Desktop.rar
(3.01 KiB) Staženo 34 x
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy superfisch, nabouravani se do emailu

#9 Příspěvek od vyosek »

:arrow: Screen\fotku tohoto jsem myslel
tommmmm píše:Při startu systemu opět nějaký blokování ze strany Avastu.
:arrow: Tvorba fixlistu pro FRST
  • Spustte poznamkovy blok (Start-spustit-notepad)
  • Zkopirujte skript nize

  • Kód: Vybrat vše

    Start
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [Google Update] - C:\Users\Toumes\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-12] (Google Inc.)
MountPoints2: {c0691049-65ed-11e0-8729-1c6f65a067d5} - M:\autorun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Tomas\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Tomas.Tomas-PC\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Tomas.Tomas-PC.000\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

URLSearchHook: HKLM-x32 - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
SearchScopes: HKCU - {2A31C7B8-CF25-432f-BF9A-EA8CC139FE64} URL = http://www.google.com/cse?cx=partner-pu ... e=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
SearchScopes: HKCU - {2B6BCFF3-5572-4a44-9E16-55C3C4D7D733} URL = http://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
SearchScopes: HKCU - {CE772FF6-6A55-4237-9A7C-5225411C71F5} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
BHO: DiscountFrenzy - {11111111-1111-1111-1111-110411531162} - C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-bho64.dll No File
BHO-x32: fassurun - {e6efad0c-2d79-4b0d-8996-3e759a9c7914} - C:\Program Files (x86)\fassurun\fassurunBHO.dll (fassurun)

FF Extension: fassurun - C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\Extensions\firefox@fassurun.co.xpi

CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [hjeglkhenpckoocpnajnnmcehdkcemnm] - C:\Program Files (x86)\fassurun\hjeglkhenpckoocpnajnnmcehdkcemnm.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

U3 aul8xovq; C:\Windows\System32\Drivers\aul8xovq.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

2014-01-08 21:42 - 2014-01-08 21:42 - 00112640 _____ (forum.viry.cz) C:\Users\Toumes\Desktop\FRSTLauncher.exe
2014-01-08 21:11 - 2014-01-08 21:11 - 01233962 _____ C:\Users\Toumes\Desktop\adwcleaner.exe
2014-01-08 21:09 - 2014-01-08 21:09 - 00006694 _____ C:\Users\Toumes\Desktop\JRT.txt
2014-01-08 21:04 - 2013-12-26 20:47 - 00000000 ____D C:\Program Files (x86)\fassurun
C:\Program Files (x86)\DiscountFrenzy
C:\Users\Toumes\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Toumes\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Toumes\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Toumes\AppData\Local\Temp\Quarantine.exe
C:\Users\Toumes\AppData\Local\Temp\uninstaller.exe
C:\Users\Toumes\AppData\Local\Temp\WSSetup.exe

Hosts:
CMD: shutdown /r /f /t 2

End
  • Ulozte vytvoreny TXT jako fixlist.txt
  • Presunte vytvoreny fixlist vedle FRST
:arrow: Spustte znovu FRST.exe
  • Kliknete na Fix
  • Probehne oprava a vytvori log Fixlog.txt
:arrow: Restart PC a dejte mi sem fixlog.txt
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
tommmmm
Návštěvník
Návštěvník
Příspěvky: 53
Registrován: 03 úno 2009 19:28

Re: Reklamy superfisch, nabouravani se do emailu

#10 Příspěvek od tommmmm »

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-01-2014 01
Ran by Toumes at 2014-01-08 22:28:55 Run:1
Running from C:\Users\Toumes\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5629312 2012-11-01] (SUPERAntiSpyware.com)
HKCU\...\Run: [] - [x]
HKCU\...\Run: [Google Update] - C:\Users\Toumes\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-11-12] (Google Inc.)
MountPoints2: {c0691049-65ed-11e0-8729-1c6f65a067d5} - M:\autorun.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Tomas\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Tomas.Tomas-PC\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Tomas.Tomas-PC.000\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter

URLSearchHook: HKLM-x32 - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
URLSearchHook: HKCU - Default Value = {FE69C007-C452-4d3e-86D2-1730DF8BC871}
SearchScopes: HKCU - {2A31C7B8-CF25-432f-BF9A-EA8CC139FE64} URL = http://www.google.com/cse?cx=partner-pu ... e=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
SearchScopes: HKCU - {2B6BCFF3-5572-4a44-9E16-55C3C4D7D733} URL = http://www.bing.com/search?q={searchTer ... R2&pc=SPLH
SearchScopes: HKCU - {CE772FF6-6A55-4237-9A7C-5225411C71F5} URL = http://search.yahoo.com/search?p={searc ... type=STDVM
BHO: DiscountFrenzy - {11111111-1111-1111-1111-110411531162} - C:\Program Files (x86)\DiscountFrenzy\DiscountFrenzy-bho64.dll No File
BHO-x32: fassurun - {e6efad0c-2d79-4b0d-8996-3e759a9c7914} - C:\Program Files (x86)\fassurun\fassurunBHO.dll (fassurun)

FF Extension: fassurun - C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\Extensions\firefox@fassurun.co.xpi

CHR Plugin: (Default Plug-in) - default_plugin No File
CHR HKLM-x32\...\Chrome\Extension: [hjeglkhenpckoocpnajnnmcehdkcemnm] - C:\Program Files (x86)\fassurun\hjeglkhenpckoocpnajnnmcehdkcemnm.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

U3 aul8xovq; C:\Windows\System32\Drivers\aul8xovq.sys [0 ] (Microsoft Corporation)
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

2014-01-08 21:42 - 2014-01-08 21:42 - 00112640 _____ (forum.viry.cz) C:\Users\Toumes\Desktop\FRSTLauncher.exe
2014-01-08 21:11 - 2014-01-08 21:11 - 01233962 _____ C:\Users\Toumes\Desktop\adwcleaner.exe
2014-01-08 21:09 - 2014-01-08 21:09 - 00006694 _____ C:\Users\Toumes\Desktop\JRT.txt
2014-01-08 21:04 - 2013-12-26 20:47 - 00000000 ____D C:\Program Files (x86)\fassurun
C:\Users\Toumes\AppData\Local\Temp\GenericUninstall.exe
C:\Users\Toumes\AppData\Local\Temp\mgsqlite3.dll
C:\Users\Toumes\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Toumes\AppData\Local\Temp\Quarantine.exe
C:\Users\Toumes\AppData\Local\Temp\uninstaller.exe
C:\Users\Toumes\AppData\Local\Temp\WSSetup.exe

Hosts:
CMD: shutdown /r /f /t 2

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM => Value deleted successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\SUPERAntiSpyware => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0691049-65ed-11e0-8729-1c6f65a067d5} => Key deleted successfully.
HKCR\CLSID\{c0691049-65ed-11e0-8729-1c6f65a067d5} => Key not found.
HKU\Default\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\Default User\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value not found.
HKU\Tomas\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\Tomas.Tomas-PC\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\Tomas.Tomas-PC.000\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKU\UpdatusUser\Software\Microsoft\Windows\CurrentVersion\Run\\WindowsWelcomeCenter => Value deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\ => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2A31C7B8-CF25-432f-BF9A-EA8CC139FE64} => Key deleted successfully.
HKCR\CLSID\{2A31C7B8-CF25-432f-BF9A-EA8CC139FE64} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2B6BCFF3-5572-4a44-9E16-55C3C4D7D733} => Key deleted successfully.
HKCR\CLSID\{2B6BCFF3-5572-4a44-9E16-55C3C4D7D733} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CE772FF6-6A55-4237-9A7C-5225411C71F5} => Key deleted successfully.
HKCR\CLSID\{CE772FF6-6A55-4237-9A7C-5225411C71F5} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162} => Key deleted successfully.
HKCR\CLSID\{11111111-1111-1111-1111-110411531162} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e6efad0c-2d79-4b0d-8996-3e759a9c7914} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{e6efad0c-2d79-4b0d-8996-3e759a9c7914} => Key deleted successfully.
C:\Users\Toumes\AppData\Roaming\Mozilla\Firefox\Profiles\9zzjui9y.default\Extensions\firefox@fassurun.co.xpi => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\hjeglkhenpckoocpnajnnmcehdkcemnm => Key deleted successfully.
C:\Program Files (x86)\fassurun\hjeglkhenpckoocpnajnnmcehdkcemnm.crx => Moved successfully.
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
aul8xovq => Service deleted successfully.
IpInIp => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
C:\Users\Toumes\Desktop\FRSTLauncher.exe => Moved successfully.
C:\Users\Toumes\Desktop\adwcleaner.exe => Moved successfully.
C:\Users\Toumes\Desktop\JRT.txt => Moved successfully.
C:\Program Files (x86)\fassurun => Moved successfully.
C:\Users\Toumes\AppData\Local\Temp\GenericUninstall.exe => Moved successfully.
C:\Users\Toumes\AppData\Local\Temp\mgsqlite3.dll => Moved successfully.
C:\Users\Toumes\AppData\Local\Temp\NOSEventMessages.dll => Moved successfully.
C:\Users\Toumes\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\Toumes\AppData\Local\Temp\uninstaller.exe => Moved successfully.
C:\Users\Toumes\AppData\Local\Temp\WSSetup.exe => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.

========= shutdown /r /f /t 2 =========


========= End of CMD: =========


==== End of Fixlog ====
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy superfisch, nabouravani se do emailu

#11 Příspěvek od vyosek »

Jak se chova PC, stale reklamy vyskakuji??
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
tommmmm
Návštěvník
Návštěvník
Příspěvky: 53
Registrován: 03 úno 2009 19:28

Re: Reklamy superfisch, nabouravani se do emailu

#12 Příspěvek od tommmmm »

Tak reklamy se jiz neukaziji, vypada ze je vse v poradku :thumbsup:
Nahoru
Uživatelský avatar
vyosek
VIP
VIP
Příspěvky: 56373
Registrován: 07 lis 2006 15:24
Bydliště: Šalingrad - Brno

Re: Reklamy superfisch, nabouravani se do emailu

#13 Příspěvek od vyosek »

Tak jeste uklidime :James008:

:arrow: T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe
  • Stahnete a spustte
  • Pro potvrzeni volby mackejte A, Enter
  • Po pouziti utilitu smazte
  • Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)
:arrow: OTC http://oldtimer.geekstogo.com/OTC.exe
  • Stahnete a spustte
  • Kliknete na CleanUp a potvrdte YES
  • Program uklidi a restartuje PC

:arrow: TFC http://oldtimer.geekstogo.com/TFC.exe
  • Stahnete a spustte
  • Kliknete na Start a potvrdte OK
  • Program uklidi a restartuje pc
  • Po pouziti utilitu smazte
:arrow: Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič
  • Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner
Panel registry
  • dejte Hledej problémy
  • nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
  • postup opakujte dokud nebude bez problemu - vetsinou cca 3x
Panel nástroje
  • Zde muzete odinstalovat nepotrebne programy
CCleaner doporucuji pouzivat cca jednou za tyden

:arrow: A pokud nejsou problemy ci dotazy, je to z me strany vse :|
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen Obrázek od 1. února 2011.
Nahoru
Odpovědět

Zpět na „Řešení problémů, logy“