A friend of mine asked me to take a look at her PC´, because she thought she might have a virus.
I ran Malwarebytes and aswMBR none of them detected anything.
The I tried to run GMER and an entry shows up at “rootkit/malware”. It says the following:
Type:AttachedDevice Name: \FileSystem\Fastfat\Fat Value:fltmgr.sys
Comodo Cleaning Essentials also detects a MBR modification, although it doesn’t state what type ofmodification it is.
BTW I have no devecis attached to this computer, just PS/2 Mouse and keyboard and the flat screen. The computer does have a card reader.
Actually I am not sure.
She told me that she ran into some problems whilst trying to print a document to her job. It was sort of important and she was stressed up about it, so it could just be that she did something wrong and thought it was a virus - not very tech savvy.
The computer did crash (BSOD), not now, when she was trying to use it. But using the BlueScreenViewer from nirsoft the culprit appears to be the atapi driver (IDE controller).
What about the Gmer entry do you have any idea about what it is?
no, everything seems fine. Though there are frequent entries in the event viewer stating
Error - 24-07-2013 13:43:58 | Computer Name = FJ20RAW8HS | Source = atapi | ID = 262153
Description = O dispositivo, \Device\Ide\IdePort0, não respondeu dentro do tempo
limite
translates to something like “The device \Device\Ide\IdePort0, did not answer within the time limit”
Though this might not virus related, do you any ideas about what it might be?