Zresetowałem przywracane systemu, zrobiłem CCleaner. Udało się wreszcie zrobić “sfc /scannow”, ale nic nie pomogło.
Tych 10 plików *tmp usunąłem, ale zastanawiam się - bo w tym katalogu jest jeszcze 460 OLD…tmp.(=81 Mb). Są do czegoś potrzebne?
Może je wyrzucić wszystkie?
Mam pytanie o Int. Expl. Klikam PKM na ikonie i otwiera się menu pozbawione “Otwórz stronę główną” i “Uruchomienie bez dodatków”.
Jest tylko: Usuń - Utwórz skrót - Właściwości -Zmień nazwę.
Jak chcę otworzyć IE to się po prostu tylko robi skrót na pulpicie.
Sieć WiFi działa, pingi ok, a nie może FF otworzyć żadnej strony, a IE robi skróty. Może to ma coś wspólnego z GData TotalCare2009, który wczoraj zainstalowałem i jest coś za mocno podkręcony. Później go odinstaluję.
Zresetowałem ustawienia IE - bez zmian. Zainstaluję najnowsze wersje IE i FF.
Komputer skanował się dziś w nocy przez 9 godz. i nie zawiesił się.
" GDATA TotalCare2009 " znalazł 6 trojanów “win32.oliga” w C:\System Volume Information\Restore…
Trybu Awaryjnego dalej nie ma.
_______________________________________________
Mam też pytanie o te wpisy w logu z ComboFix : http://wklej.org/id/48099/dl
Już nie mam tych programów, mogę po prostu usunąć te wpisy w HKLM?
A te, też normalnie usunąć?
___________________________________________________________________________________________________
Log HjT : http://wklej.org/id/48189/dl
A m.in. ten wpis powraca za każdym razem, mimo że go fixuję w HjT:
A analizery podpowiadają:
Proszę ustosunkować się też do tego co poniżej. Co z tym zrobić?
Sprawdzałem na innym komputerze, występują te wpisy tylko raz - zawsze w prawidłowym C:\WINDOWS\System32…
A u mnie są w kilku miejscach; wystarczy je usunąć np. w Total Commanderze, czy trzeba je jakoś specjalnie potraktować (OTMoveIt3 lub coś podobnego…) ?
I co z tymi wirusami przypisanymi do tych plików?
Tymczasem widzę go u mnie również w drugim miejscu:
c:\WINDOWS\system32\dllcache\wuauclt.exe
U mnie są tutaj:
c:\WINDOWS\system32\smss.exe
c:\WINDOWS\ServicePackFiles\i386\smss.exe
c:\WINDOWS\system32\dllcache\smss.exe
c:\WINDOWS\i386\system32\smss.exe
U mnie są tutaj:
c:\WINDOWS\system32\winlogon.exe
c:\WINDOWS\ServicePackFiles\i386\winlogon.exe
c:\WINDOWS\system32\dllcache\winlogon.exe
U mnie są tutaj:
c:\WINDOWS\system32\services.exe
c:\WINDOWS\ServicePackFiles\i386\services.exe
c:\WINDOWS\system32\dllcache\services.exe
lsass.exe - It generates the process responsible for authenticating users for the Winlogon service. This process is performed by using authentication packages such as the default Msgina.dll. If authentication is successful, Lsass generates the user’s access token, which is used to launch the initial shell. Other processes that the user initiates inherit this token. You will not be able to end this through task manager! The lsass.exe which is from Microsoft is located at c:windowsSystem32lsass.exe . there’s a few viruses that have been found to run as lsass.exe to hide from you.
U mnie są tutaj:
c:\WINDOWS\system32\lsass.exe
c:\WINDOWS\ServicePackFiles\i386\lsass.exe
c:\WINDOWS\system32\dllcache\lsass.exe
I tak dalej…
Pozostałe procesy opisane wewnątrz loga:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:08:03, on 2009-02-03 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\a-squared Anti-Malware\a2service.exe C:\Program Files\a-squared Free\a2service.exe C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SYSTEM32\GEARSEC.EXE C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe C:\Program Files\Tweak-XP Pro 4\popup.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Program Files\Mozilla Firefox\firefox.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O4 - HKLM…\Run: [egui] “C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe” /hide /waitservice O4 - HKCU…\Run: [Pop-Up-Blocker] “C:\Program Files\Tweak-XP Pro 4\popup.exe” O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18…\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User ‘SYSTEM’) O4 - HKUS.DEFAULT…\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User ‘Default user’) O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe End of file - 3034 bytes ------------------------------------- Bad - Remove almost always OK Most of the time - don’t need to touch Probably not needed - Safe to remove Generally harmless - third party applications Bad if you don’t know what it is Unknown Item - Investigate further You can reference this log by going to: http://hjt.networktechs.com/parse.php?log=590671Logfile of Trend Micro HijackThis v2.0.2 Old Version of HijackThis We suggest you upgrade to the latest version of HijackThis (version 1.99.1") at http://www.merijn.org Scan saved at 18:08:03, on 2009-02-03 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16762) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe Smss.exe What is it? Session Manager SubSystem - smss.exe What does it do? smss.exe - This is the session manager subsystem, which is responsible for starting the user session. This process is initiated by the system thread and is responsible for various activities, including launching the Winlogon and Win32 (Csrss.exe) processes and setting system variables. After it has launched these processes, it waits for either Winlogon or Csrss to end. If this happens “normally,” the system shuts down; if it happens unexpectedly, Smss.exe causes the system to stop responding (hang). Additional Reading: Smss.exe does not resolve forward references in environment You will not be able to end this through task manager! More info Virus Precaution: The smss.exe which is from Microsoft is located at c:windowsSystem32smss.exe . We’ve been able to find several viruses that run as smss to trick you. Adware.Advision - Symantec Corporation Adware.DreamAd - Symantec Corporation Backdoor.IRC.Aladinz.O - Symantec Corporation Backdoor.IRC.Flood.F - Symantec Corporation W32.Dalbug.Worm - Symantec Corporation W32.Resdoc - Symantec Corporation C:\WINDOWS\system32\winlogon.exe Winlogon.exe What is it? Windows Logon Process - Winlogon.exe What does it do? Direct Quote from here: This is the process responsible for managing user logon and logoff. Moreover, Winlogon is active only when the user presses CTRL+ALT+DEL, at which point it shows the security dialog box. Search MS for more info: Link Virus Precaution: The original Winlogon.exe from Microsoft gets placed in the C:WINDOWSSystem32 directory. if you find it anywhere else then you should be suspicious for sure. You’ll want to keep an eye on this google search for any known viruses. We’ve been able to find only 1 report of a virus so far. Troj/Madr-B @ Sophos Netsky.D @ Trend Micro C:\WINDOWS\system32\services.exe services.exe services.exe is a part of Windows that manages the processes. Anytime a service starts or stops it is through services.exe. During system startup and shutdown is when this process sees most of its action. You should never end this process unless it is running outside of your windows system folder. C:\WINDOWS\system32\lsass.exe lsass.exe What is it? Local Security Authentication Server - lsass.exe What does it do? lsass.exe - It generates the process responsible for authenticating users for the Winlogon service. This process is performed by using authentication packages such as the default Msgina.dll. If authentication is successful, Lsass generates the user’s access token, which is used to launch the initial shell. Other processes that the user initiates inherit this token. You will not be able to end this through task manager! From MS The lsass.exe which is from Microsoft is located at c:windowsSystem32lsass.exe . there’s a few viruses that have been found to run as lsass.exe to hide from you. C:\WINDOWS\system32\svchost.exe Svchost.exe What is it? Service Host Process - svchost.exe What does it do? Here’s a direct quote from MS about this: (source) Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging. Svchost.exe groups are identified in the following registry key: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService If you’re running Windows XP Home edition then you’ll have to download this file HERE and put it in your windows/system32 directory. If you’re running XP Pro then you won’t need that file since you already have it. 1.) Start --> Run --> cmd 2.) Tasklist /svc >C:ianaginfo.txt Here’s an example of what I got when I issued this command if you’d like to take a look at an example. A Description of Svchost.exe in Windows XP: http://support.microsoft.com/?kbid=314056 More Info Virus Precaution: The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure. You’ll want to keep an eye on this google search for any known viruses. C:\WINDOWS\System32\svchost.exe Svchost.exe What is it? Service Host Process - svchost.exe What does it do? Here’s a direct quote from MS about this: (source) Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging. Svchost.exe groups are identified in the following registry key: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService If you’re running Windows XP Home edition then you’ll have to download this file HERE and put it in your windows/system32 directory. If you’re running XP Pro then you won’t need that file since you already have it. 1.) Start --> Run --> cmd 2.) Tasklist /svc >C:ianaginfo.txt Here’s an example of what I got when I issued this command if you’d like to take a look at an example. A Description of Svchost.exe in Windows XP: http://support.microsoft.com/?kbid=314056 More Info Virus Precaution: The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure. You’ll want to keep an eye on this google search for any known viruses. C:\WINDOWS\system32\spoolsv.exe Spoolsv.exe What is it? SPOOLer SerVice - spoolsv.exe What does it do? spoolsv.exe - The spooler service is responsible for managing spooled print/fax jobs You will be able to end this through task manager! More info Virus Precaution: The spoolsv.exe which is from Microsoft is located at c:windowsSystem32spoolsv.exe . We’ve been able to find several viruses that run as spoolsv to trick you. Backdoor.Ciadoor.B - Symantec Corporation Hacktool.Privshell - Symantec Corporation VBS.Masscal.Worm (vbs) - Symantec Corporation Graybird-A @ Sophos C:\Program Files\a-squared Anti-Malware\a2service.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. C:\Program Files\a-squared Free\a2service.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. C:\WINDOWS\Explorer.EXE explorer.exe What is it? Windows Explorer - explorer.exe What does it do? explorer.exe - Below is a direct quote from Microsoft found on THIS page: This is the user shell, which we see as the familiar taskbar, desktop, and so on. This process isn’t as vital to the running of Windows as you might expect, and can be stopped (and restarted) from Task Manager, usually with no negative side effects on the system. I have found that stopping this process is needed sometimes to stop some other processes. More Info Virus Precaution: The original file from Microsoft gets placed at C:WINDOWSSystem32explorer.exe . if you find it anywhere else then you should be suspicious for sure. You’ll want to keep an eye on this google search for any known viruses. There’s only one unique virus found through this search. All of the results are the various names of this single virus. Deloder-A @ Sophos MyDoom.B @ Symantec C:\WINDOWS\SYSTEM32\GEARSEC.EXE gearsec.exe What is it? Gear Software’s Recording Engine - Gearsec.exe What does it do? gearsec.exe - DVD x COPY , itunes and Power Quest’s Drive Image are the most popular programs that utilize this software. You can find more information about Gear Software here. I do not believe that there is any form of spyware, adware or call home functions in this file. It should be harmless. Basically it gives a number of third part applications the ability to burn CDs and DVDs. Virus Precautions: You’ll want to keep an eye on this google search for any known viruses. The normal location of gearsec.exe is your dystem% directory which is normally C:WINDOWSSystem32gearsec.exe. At this time my search shows nothing. C:\Program Files\Java\jre6\bin\jqs.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. C:\WINDOWS\system32\svchost.exe Svchost.exe What is it? Service Host Process - svchost.exe What does it do? Here’s a direct quote from MS about this: (source) Svchost.exe is a generic host process name for services that are run from dynamic-link libraries (DLLs). The Svchost.exe file is located in the %SystemRoot%System32 folder. At startup, Svchost.exe checks the services portion of the registry to construct a list of services that it needs to load. There can be multiple instances of Svchost.exe running at the same time. Each Svchost.exe session can contain a grouping of services, so that separate services can be run depending on how and where Svchost.exe is started. This allows for better control and debugging. Svchost.exe groups are identified in the following registry key: HKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost Each value under this key represents a separate Svchost group and is displayed as a separate instance when you are viewing active processes. Each value is a REG_MULTI_SZ value and contains the services that run under that Svchost group. Each Svchost group can contain one or more service_names extracted from the following registry key, whose Parameters key contains a ServiceDLL value: HKEY_LOCAL_MACHINESystemCurrentControlSetServicesService If you’re running Windows XP Home edition then you’ll have to download this file HERE and put it in your windows/system32 directory. If you’re running XP Pro then you won’t need that file since you already have it. 1.) Start --> Run --> cmd 2.) Tasklist /svc >C:ianaginfo.txt Here’s an example of what I got when I issued this command if you’d like to take a look at an example. A Description of Svchost.exe in Windows XP: http://support.microsoft.com/?kbid=314056 More Info Virus Precaution: The original file from Microsoft gets placed in the Located in C:WINDOWSSystem32 directory. If you find it anywhere else then you should be suspicious for sure. You’ll want to keep an eye on this google search for any known viruses. C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe nmsrvc.exe We Don’t know! Please post a comment with information about this file C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. C:\Program Files\Tweak-XP Pro 4\popup.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. C:\WINDOWS\system32\ctfmon.exe ctfmon.exe What is it? Language bar AKA Alternative User Input Services - ctfmon.exe What does it do? ctfmon.exe - it’s an ever annoying helper tool that comes rather unexpectedly at times and liked by nearly nobody. Ctfmon.exe monitors the active windows and provides text input service support for speech recognition, handwriting recognition, keyboard, translation, and other alternative user input technologies. Loads of information can be found on microsoft’s site here. Unless you’re using anything in that list above you’ll want to stop this file from loading! How do I get rid of it? There’s been a number of threads in our forum as well as others about this. A typical thread can be found here. control panel --> regional and language options --> languages tab --> details button --> language bar button Virus Precaution: Just like so many of the other files I’ve written about so far, ctfmon.exe is located in the c:windowsSystem32ctfmon.exe. At the time of this writing there isn’t any spyware, viruses or anything like that masking itself as this file. If you find any info on one then please let me know! C:\WINDOWS\system32\wbem\wmiapsrv.exe wmiapsrv.exe wmiapsrv.exe is WMI performance server. If you are using the built in windows performance monitoring software this process will be running. C:\WINDOWS\system32\wuauclt.exe wuauclt.exe What is it? Windows Update Automatic Client - wuauclt.exe What does it do? wuauclt.exe - This is used by the automatic update tool in Windows ME to check the Windows Update site every so often to see if any updates need to be installed. More Info Virus Precaution: The original wuauclt.exe from Microsoft gets placed in the Located at C:WINDOWSSystem32wuauclt.exe . If you find it anywhere else then you should be suspicious for sure. You’ll want to keep an eye on this google search for any known viruses. Backdoor.Clt @ Symantec Corporation Troj/Cult-B @ Sophos C:\Program Files\Trend Micro\HijackThis\HijackThis.exe HijackThis.exe This is our favorite application for fighting against malware and other trashy application that bog systems down. Our guide to using this software can be found here. We have also taken the time to write a system to process the log files created from this application here. C:\Program Files\Mozilla Firefox\firefox.exe firefox.exe What is it? Mozilla Firefox - firefox.exe What does it do? firefox.exe - This is Mozilla Firefox my personal favorite browser. It is the slimmed down browser only project based upon Mozilla code. Virus Precautions: You’ll want to keep an eye on this google search for any known viruses. The normal location of this file is C:Program FilesMozilla Firefoxfirefox.exe ------------- R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 Internet Start Page This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 Internet Start Page This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 Internet Start Page This is where you go when you first open IE. Should be something like google.com or iamnotageek.com if theres a site you don’t know here clean this line! O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll Unnamed BHO ssv.dll - Related to Sun_Java_software http://java.com/en/download/index.jsp O4 - HKLM…\Run: [egui] “C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe” /hide /waitservice Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O4 - HKCU…\Run: [Pop-Up-Blocker] “C:\Program Files\Tweak-XP Pro 4\popup.exe” Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe Ctfmon.exe “CoolWebSearch Ctfmon32 parasite variant” O4 - HKUS\S-1-5-18…\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User ‘SYSTEM’) Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O4 - HKUS.DEFAULT…\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User ‘Default user’) Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files\a-squared Anti-Malware\a2service.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\SYSTEM32\GEARSEC.EXE GEARSecurity Related to GEAR software. O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it. O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe Unknown Item Sorry. We are not sure what this item is. If you would like, you can click on it to request additional information about it.
Tu jest wklejka z tą diagnozą: http://wklej.org/id/48234/dl