Problem z F–Secure IS 2006
Witajcie,
mam problem z f–secure is 2006. Polega on na tym, źe jak chcę wykonać pełne skanowanie systemu to wszystko jest dobrze do momentu skanowania C:\System Volume. Tu sie jakby zacina – menadzer zadań pokazuje źe f–sec sie nie zawiesił ale zuźycie procesora wynosi 100%. Od tego momentu nie da się praktycznie nic zrobić bo komputer jest zamulony. Po restarcie ok. Załączam log z HijackThis.
Logfile of HijackThis v1.99.1
Scan saved at 11:59:53, on 2006–02–03
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\F–SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsgk32st.exe
C:\Program Files\F–Secure Internet Security\backweb\4476822\program\fsbwsys.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\FSGK32.EXE
C:\Program Files\F–Secure Internet Security\Common\FSMA32.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fssm32.exe
C:\Program Files\F–Secure Internet Security\Common\FSMB32.EXE
C:\Program Files\F–Secure Internet Security\backweb\4476822\Program\fspex.exe
C:\Program Files\F–Secure Internet Security\Common\FCH32.EXE
C:\Program Files\F–Secure Internet Security\Common\FAMEH32.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsqh.exe
C:\Program Files\F–Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsrw.exe
C:\Program Files\F–Secure Internet Security\FSPC\fspc.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsav32.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\F–Secure Internet Security\Common\FSM32.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\PROGRA~1\F–SECU~1\ANTI–S~1\fsaw.exe
C:\Program Files\F–Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\OpenOffice.ux.pl 2.0.1\program\soffice.exe
C:\Program Files\OpenOffice.ux.pl 2.0.1\program\soffice.BIN
C:\Program Files\Linksys\Wireless–G Notebook Adapter\OdHost.exe
C:\Program Files\Linksys\Wireless–G Notebook Adapter\WPC54Cfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Apteka\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com.tw
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com.tw
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\system32\msdxm.ocx
O4 – HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 – HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 – HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 – HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 – HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 – HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd.exe"
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 – HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpotdd01.exe
O4 – HKLM\..\Run: [F–Secure Manager] "C:\Program Files\F–Secure Internet Security\Common\FSM32.EXE" /splash
O4 – HKLM\..\Run: [F–Secure TNB] "C:\Program Files\F–Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 – HKLM\..\Run: [F–Secure Startup Wizard] "C:\Program Files\F–Secure Internet Security\FSGUI\FSSW.EXE" /reboot
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 – Startup: OpenOffice.ux.pl 2.0.1.lnk = C:\Program Files\OpenOffice.ux.pl 2.0.1\program\quickstart.exe
O4 – Global Startup: Wireless–G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless–G Notebook Adapter\Startup.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: F–Secure 2006.lnk = C:\Program Files\F–Secure Internet Security\backweb\4476822\Program\fspex.exe
O8 – Extra context menu item: &Zablokuj to okienko – C:\Program Files\F–Secure Internet Security\Anti–Spyware\blockpopups.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Filtr sieci Web – {200DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra button: (no name) – {200DB664–75B5–47c0–8B45–A44ACCF73F01} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra 'Tools' menuitem: Filtr sieci Web – {200DB664–75B5–47c0–8B45–A44ACCF73F01} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra button: Osłona programu IE – {300DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\Anti–Spyware\ieshield.dll
O9 – Extra 'Tools' menuitem: Osłona programu IE... – {300DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\Anti–Spyware\ieshield.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O10 – Broken Internet access because of LSP provider 'winsflt.dll' missing
O14 – IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 – Service: Ati HotKey Poller – Unknown owner – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: F–Secure 2006 (BackWeb Plug–in – 4476822) – F–Secure Internet Security 2005 – C:\PROGRA~1\F–SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 – Service: FSGKHS (F–Secure Gatekeeper Handler Starter) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\Anti–Virus\fsgk32st.exe
O23 – Service: fsbwsys – F–Secure Corp. – C:\Program Files\F–Secure Internet Security\backweb\4476822\program\fsbwsys.exe
O23 – Service: F–Secure Anti–Virus Firewall Daemon (FSDFWD) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\FWES\Program\fsdfwd.exe
O23 – Service: F–Secure HTTP Server (fshttps) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\FSPC\fshttps\fshttps.exe
O23 – Service: F–Secure Management Agent (FSMA) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\Common\FSMA32.EXE
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: NICSer_WPC54G – Unknown owner – C:\Program Files\Linksys\Wireless–G Notebook Adapter\NICServ.exe
mam problem z f–secure is 2006. Polega on na tym, źe jak chcę wykonać pełne skanowanie systemu to wszystko jest dobrze do momentu skanowania C:\System Volume. Tu sie jakby zacina – menadzer zadań pokazuje źe f–sec sie nie zawiesił ale zuźycie procesora wynosi 100%. Od tego momentu nie da się praktycznie nic zrobić bo komputer jest zamulony. Po restarcie ok. Załączam log z HijackThis.
Logfile of HijackThis v1.99.1
Scan saved at 11:59:53, on 2006–02–03
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\F–SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsgk32st.exe
C:\Program Files\F–Secure Internet Security\backweb\4476822\program\fsbwsys.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\FSGK32.EXE
C:\Program Files\F–Secure Internet Security\Common\FSMA32.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fssm32.exe
C:\Program Files\F–Secure Internet Security\Common\FSMB32.EXE
C:\Program Files\F–Secure Internet Security\backweb\4476822\Program\fspex.exe
C:\Program Files\F–Secure Internet Security\Common\FCH32.EXE
C:\Program Files\F–Secure Internet Security\Common\FAMEH32.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsqh.exe
C:\Program Files\F–Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsrw.exe
C:\Program Files\F–Secure Internet Security\FSPC\fspc.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsav32.exe
C:\WINDOWS\ATK0100\Hcontrol.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe
C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\F–Secure Internet Security\Common\FSM32.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\PROGRA~1\F–SECU~1\ANTI–S~1\fsaw.exe
C:\Program Files\F–Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\OpenOffice.ux.pl 2.0.1\program\soffice.exe
C:\Program Files\OpenOffice.ux.pl 2.0.1\program\soffice.BIN
C:\Program Files\Linksys\Wireless–G Notebook Adapter\OdHost.exe
C:\Program Files\Linksys\Wireless–G Notebook Adapter\WPC54Cfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Apteka\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.asus.com.tw
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com.tw
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\system32\msdxm.ocx
O4 – HKLM\..\Run: [Hcontrol] C:\WINDOWS\ATK0100\Hcontrol.exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 – HKLM\..\Run: [Power_Gear] C:\Progra~1\ASUS\Power4 Gear\BatteryLife.exe 1
O4 – HKLM\..\Run: [ATIPTA] C:\Progra~1\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 – HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 – HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 – HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd.exe"
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 – HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpotdd01.exe
O4 – HKLM\..\Run: [F–Secure Manager] "C:\Program Files\F–Secure Internet Security\Common\FSM32.EXE" /splash
O4 – HKLM\..\Run: [F–Secure TNB] "C:\Program Files\F–Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 – HKLM\..\Run: [F–Secure Startup Wizard] "C:\Program Files\F–Secure Internet Security\FSGUI\FSSW.EXE" /reboot
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 – Startup: OpenOffice.ux.pl 2.0.1.lnk = C:\Program Files\OpenOffice.ux.pl 2.0.1\program\quickstart.exe
O4 – Global Startup: Wireless–G Notebook Adapter Utility.lnk = C:\Program Files\Linksys\Wireless–G Notebook Adapter\Startup.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: F–Secure 2006.lnk = C:\Program Files\F–Secure Internet Security\backweb\4476822\Program\fspex.exe
O8 – Extra context menu item: &Zablokuj to okienko – C:\Program Files\F–Secure Internet Security\Anti–Spyware\blockpopups.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Filtr sieci Web – {200DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra button: (no name) – {200DB664–75B5–47c0–8B45–A44ACCF73F01} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra 'Tools' menuitem: Filtr sieci Web – {200DB664–75B5–47c0–8B45–A44ACCF73F01} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra button: Osłona programu IE – {300DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\Anti–Spyware\ieshield.dll
O9 – Extra 'Tools' menuitem: Osłona programu IE... – {300DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\Anti–Spyware\ieshield.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O10 – Broken Internet access because of LSP provider 'winsflt.dll' missing
O14 – IERESET.INF: START_PAGE_URL=http://www.asus.com.tw
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O23 – Service: Ati HotKey Poller – Unknown owner – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: F–Secure 2006 (BackWeb Plug–in – 4476822) – F–Secure Internet Security 2005 – C:\PROGRA~1\F–SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 – Service: FSGKHS (F–Secure Gatekeeper Handler Starter) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\Anti–Virus\fsgk32st.exe
O23 – Service: fsbwsys – F–Secure Corp. – C:\Program Files\F–Secure Internet Security\backweb\4476822\program\fsbwsys.exe
O23 – Service: F–Secure Anti–Virus Firewall Daemon (FSDFWD) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\FWES\Program\fsdfwd.exe
O23 – Service: F–Secure HTTP Server (fshttps) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\FSPC\fshttps\fshttps.exe
O23 – Service: F–Secure Management Agent (FSMA) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\Common\FSMA32.EXE
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: NICSer_WPC54G – Unknown owner – C:\Program Files\Linksys\Wireless–G Notebook Adapter\NICServ.exe
Odpowiedzi: 2
Dziekuję Bobi. Wyłączenie przywracania systemu zadziałało. F–Sec nie zaciął się, obciąźenie procesora 13–20%. Wykrył Trojan.win32.Agent.on w 2 lokacjach, a mianowicie c:\WINDOWS\system32\dllcache\logonui.exe i C:\WINDOWS\system32\logonui.exe. Po ponownym włączeniu przywracania wszystko działa poprawnie. Zastanawiam się czy za te problemy moźe odpowiadać ww złośnik??? Nadmienię, źe wcześniej nie miałem problemów z F–Sec. Żadnych. Aha. Jeszcze jedno, naiwne, pytanie. Skąd się pojawił Trojan.win32.Agent.on? Za odpowiedź(i) z góry dziękuję i pozdrawiam.
Nie masz moźliwosci wyłączyć w F–Secure spod skanowania katalogu SVI (przywracanie systemu)?
W normalnym trybie z reguły ten katalog jest uźywany przez system, spróbuj wiec np. w awaryjnym.
Inne wyjscie to wyłączenie na moment przywracania – opróźniona zostanie jego zawartosć – przejęcie praw do katalogu (FAQ w dziale XP Przejmowanie uprawnień), przeprowadzenie skanowania, nastepnie po skanowaniu ponowne włączenie przywracania.
W normalnym trybie z reguły ten katalog jest uźywany przez system, spróbuj wiec np. w awaryjnym.
Inne wyjscie to wyłączenie na moment przywracania – opróźniona zostanie jego zawartosć – przejęcie praw do katalogu (FAQ w dziale XP Przejmowanie uprawnień), przeprowadzenie skanowania, nastepnie po skanowaniu ponowne włączenie przywracania.
Strona 1 / 1