i just wanted to inform anyone whom it may concern that if you have the user account management popup bugging you repeatedly wether to allow changes to a program called "fsystem.exe" or not, it is likely a trojan that will not be recognized by most programs, but according to virustotal it is at least detected and destroyed by a handful, even free programs (in my case it was AVG Free Antivirus 2011).
There are two files related to that trojan: nskusvc.exe located in user\username\appdata\roaming\microsoft\windows\templates...followed by numbers (5 digit underscore 5 digit) which is a service running under the same name ("nskusvc" service in taskmanager) and is normally not deletable, thus the folder containing AppData is also locked (access denied even to administrator). And there is the second file, "fsystem.exe" (also a process in taskmanager)which is deletable in its folder (c:\windows\Syswow64) but returning after some seconds - same goes with the process. Both are korean origin, "language korean" and seem to be part of a trojan (some sort of win32 agent). Most Antivirus-Scanners dont find them. But there is one free program according to virustotal.com who can find and destroy both:
All you gotta do is download AVG Free Antivirus 2011 and install it - it will find and delete that trojan without a scan, just immediately on first startup. Then you can keep it as virusprotection or not, whatever you like, but i read it is same protective like Norton and other high quality products (according to google).
PS i still have to run several tests with other programs such as Malwarebyte's Anti-Malware scanner but for now it seems to be a sufficient first step.
Edited by Original20, 13 June 2011 - 08:38 AM.