fssm32.exe eli toi f-securen käytönaikainen tarkistus vie usein tehoja, liikaa, liian usein. Muusta sitten tiedä mut täs ois HJT-Loki sekä Kasperin nettiskannaus tulos: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 3:05:19, on 16.5.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE C:\Program Files\VIA\RAID\raid_tool.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe C:\Program Files\F-Secure Internet Security\FSGUI\ispnews.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Program Files\F-Secure Internet Security\FSPC\fspc.exe C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\F-Secure Internet Security\FSAUA\program\fsus.exe C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe C:\WINDOWS\system32\taskmgr.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [News Service] "C:\Program Files\F-Secure Internet Security\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O9 - Extra button: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra 'Tools' menuitem: Lapsilukko... - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\F-Secure Internet Security\FSPC\fspcmsie.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe -- End of file - 7519 bytes Kasper: ------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER REPORT Friday, May 16, 2008 2:54:11 AM Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600) Kaspersky Online Scanner version: 5.0.98.0 Kaspersky Anti-Virus database last update: 15/05/2008 Kaspersky Anti-Virus database records: 775984 ------------------------------------------------------------------------------- Scan Settings: Scan using the following antivirus database: extended Scan Archives: true Scan Mail Bases: true Scan Target - My Computer: A:\ C:\ D:\ E:\ F:\ G:\ H:\ I:\ J:\ K:\ L:\ M:\ N:\ O:\ Scan Statistics: Total number of scanned objects: 114579 Number of viruses found: 1 Number of infected objects: 5 Number of suspicious objects: 0 Duration of the scan process: 02:48:04 Infected Object Name / Virus Name / Last Action C:\Documents and Settings\All Users\Application Data\F-Secure\logs\FSMA\fsma.log Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\ispnews\ispn.ini Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\ispnews\ispnc.items Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\ispnews\ispnr.items Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\cert8.db Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\formhistory.dat Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\history.dat Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\key3.db Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\parent.lock Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\search.sqlite Object is locked skipped C:\Documents and Settings\pandaperhe\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\urlclassifier2.sqlite Object is locked skipped C:\Documents and Settings\pandaperhe\Cookies\index.dat Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Ahead\Nero Home\bl.db Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Ahead\Nero Home\bl.db-journal Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Ahead\Nero Home\is2.db Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Ahead\Nero Home\is2.db-journal Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\Cache\_CACHE_001_ Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\Cache\_CACHE_002_ Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\Cache\_CACHE_003_ Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Application Data\Mozilla\Firefox\Profiles\v0gboolo.default\Cache\_CACHE_MAP_ Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Temp\Perflib_Perfdata_5e8.dat Object is locked skipped C:\Documents and Settings\pandaperhe\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped C:\Documents and Settings\pandaperhe\NTUSER.DAT Object is locked skipped C:\Documents and Settings\pandaperhe\NTUSER.DAT.LOG Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\dbupdate.log Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\deleteme_msg.log Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe.Qrt.log Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\perf.dat Object is locked skipped C:\Program Files\F-Secure Internet Security\Anti-Virus\power.dat Object is locked skipped C:\Program Files\F-Secure Internet Security\Common\policy.bpf Object is locked skipped C:\Program Files\F-Secure Internet Security\Common\policy.ipf Object is locked skipped C:\Program Files\F-Secure Internet Security\FSAUA\fsbwupst.log Object is locked skipped C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.dbg Object is locked skipped C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.log Object is locked skipped C:\Program Files\F-Secure Internet Security\FSPC\csdk\Stlst\StatListDb.dat Object is locked skipped C:\Program Files\F-Secure Internet Security\FSPC\csdk\Stlst\StatListDb.idx Object is locked skipped C:\Program Files\F-Secure Internet Security\FSPC\csdk\urlcache\domainNames.dat Object is locked skipped C:\Program Files\F-Secure Internet Security\FSPC\csdk\urlcache\domainNames.idx Object is locked skipped C:\Program Files\F-Secure Internet Security\FSPC\csdk\urlcache\urlCacheDb.dat Object is locked skipped C:\Program Files\F-Secure Internet Security\FSPC\csdk\urlcache\urlCacheDb.idx Object is locked skipped C:\Program Files\F-Secure Internet Security\FSPC\logs\fspcwld.dat Object is locked skipped C:\Program Files\F-Secure Internet Security\FSPC\logs\fspcwli.dat Object is locked skipped C:\Program Files\F-Secure Internet Security\Spam Control\log\fs_sa_log.txt Object is locked skipped C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped C:\System Volume Information\_restore{CE79D272-675B-4ADB-BFE4-DBC5B78D23E3}\RP276\change.log Object is locked skipped C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped C:\WINDOWS\SchedLgU.Txt Object is locked skipped C:\WINDOWS\SoftwareDistribution\EventCache\{936AABC3-78CD-495B-AAFB-C25958E6001E}.bin Object is locked skipped C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped C:\WINDOWS\Sti_Trace.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\default Object is locked skipped C:\WINDOWS\system32\config\default.LOG Object is locked skipped C:\WINDOWS\system32\config\SAM Object is locked skipped C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\SECURITY Object is locked skipped C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped C:\WINDOWS\system32\config\software Object is locked skipped C:\WINDOWS\system32\config\software.LOG Object is locked skipped C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped C:\WINDOWS\system32\config\system Object is locked skipped C:\WINDOWS\system32\config\system.LOG Object is locked skipped C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped C:\WINDOWS\Temp\Perflib_Perfdata_958.dat Object is locked skipped C:\WINDOWS\wiadebug.log Object is locked skipped C:\WINDOWS\wiaservc.log Object is locked skipped C:\WINDOWS\WindowsUpdate.log Object is locked skipped F:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped F:\System Volume Information\_restore{CE79D272-675B-4ADB-BFE4-DBC5B78D23E3}\RP276\change.log Object is locked skipped G:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped I:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped J:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped K:\Mirc\mIRC - English.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.63 skipped K:\Mirc\mIRC 6.3 + keygen.rar/mIRC - English.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.63 skipped K:\Mirc\mIRC 6.3 + keygen.rar RAR: infected - 1 skipped K:\mIRC 6.3 + keygen.rar/mIRC - English.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.63 skipped K:\mIRC 6.3 + keygen.rar RAR: infected - 1 skipped K:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped L:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped M:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped M:\System Volume Information\_restore{CE79D272-675B-4ADB-BFE4-DBC5B78D23E3}\RP276\change.log Object is locked skipped Scan process completed. Tuo Kasperin tulos hieman hämää viruksensa kanssa joten gurut tell me what to do?
Totta virus scannerit hämää tämän kohdalla mIRC 6.3 (ei ole virus) Muilta osin logit on viruksista puhtaat. F-Secure on raskain scanneri markkinoilla. Olet asentanut lapsilukkoa myöten sen koneelle. Voit F-Securen hallintapaneelista muuttaa actiivi scannauksesta sen ajastetuksi haluttuun ajankohtaan. esmes. kerran viikossa yöllä tai silloin kun et tapaa olla koneella. Javan päivitys sun kannattaa tehdä on jo vanha. Mene Ohjauspaneliin ==>> Java ==> Update vlilehti ja alhaalta Update Now nappista päivitys. Jatkuvasti käynnissä olevia ohjelmia sulla on muutama joiden sammuttaminen notkistaa vanhempaa konetta. Toimiiko muuten OK ???
Yep, toimii. Asensin f-securen uusiksi ja ilman lapsilukkoa, en enää edes muista mitä kaikkea poistelin ja asentelin ja touhuilin mutta ongelmat tuntuvat olevan toistaiseksi taas ohi
