Virus/malware messing up my Win Firewall, DVD drive and printers [Solv


  • This topic is locked

#16
JHGR

  • Topic Starter
  • Member
  • 20 posts
Hi Myrti:

I uninstalled the IOBit Toolbar, as well as an IOBit Malware Fighter.

About the printer: Yes it was working fine. I used it for a long time until problems came up. So as you indicated, I uninstalled the printer, and then tried to install it again from the original CD that came with it. Unfortunately, again the DVD drive in my computer stopped working. Restarted the computer a couple of times and it started ok, so at the moment no issue with the Firewall thing. Finally I ended up downloading the driver from the Lexmark site and installed the printer again as per instructions provided. Printer installs ok, computer recognizes it, but when I tried to print a test page, the process failed. It takes a long time, about two minutes before the message comes up, and the "on line" green button remains flashing all the time.

Check balloon message:

Posted Image

Thanks,

JG
  • 0

#17
myrti

  • Expert
  • 2,580 posts
Hi,

have you checked that the data is getting to your printer? What does it mean that the "online light" flashes? (and is it flashing on the PC or the printer?)

regards myrti
  • 0

#18
JHGR

  • Topic Starter
  • Member
  • 20 posts
Hello, Myrti:

Well the green light is on the printer. When it is ready, it stays on; and when it is printing it flashes. So, I assume that when the light starts blinking, the printer is receiving data. The thing is that it stays flashing like that, no prints come out and then the error message displays.

Thanks,


JG
  • 0

#19
myrti

  • Expert
  • 2,580 posts
Is there any error message in the printer?

The connection between printer and PC is obviously working, just wonder what the problem is. Can you disable the firewall and see if you can get out in that case?

regards myrti
  • 0

#20
JHGR

  • Topic Starter
  • Member
  • 20 posts
Hi Myrti,

The printer displays no messages. Only what comes up on the computer screen. I tried printing with the firewall turned off, with no success. The same "Document failed to print" balloon came up and no prints....


On the other hand, today when I turned on my computer, the "No Firewall is turned on" balloon showed up. As you mentioned in post #15, I ran the FSS scan again, and here is the result log.

Thanks again,


JG






Farbar Service Scanner
Ran by IBM (administrator) on 15-01-2012 at 17:05:41
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Yahoo IP is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
===========

File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Avgtdix(10) Gpc(4) IPSec(6) irda(3) NetBT(7) PSched(8) Tcpip(5) WSIMD(9)
0x0B000000060000000100000002000000030000000400000005000000560000000A000000070000000800000009000000


**** End of log ****
  • 0

#21
myrti

  • Expert
  • 2,580 posts
Hi

could you follow these steps to run the HP testing utility: http://h10025.www1.h...product=1146331

Please also run a scan to see what Eset finds on your PC:
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Check Posted Image
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image

  • 0

#22
JHGR

  • Topic Starter
  • Member
  • 20 posts
Hi Myrti:

I ran the ESET scan before the printer verification. It found some files/applications infected, and the log says it cleaned everything. Please find the log file at the end of this post.

Then, I ran the HP testing utility, and the result said the printer was OK, the only "problem" it noted was that it wasn't the default printer. Printing a test page came out OK. But when scanning, the process halted in the middle and said that there was a communications problem with the device. I ran the HP utility again and the same, it said that everything was ok.

Thanks,


JG





C:\Documents and Settings\IBM\My Documents\Downloads\asc-setup (1).exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\Documents and Settings\IBM\My Documents\Downloads\asc-setup (2).exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\Documents and Settings\IBM\My Documents\Downloads\asc-setup.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\Documents and Settings\IBM\My Documents\Downloads\cnet2_cardmgr_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
C:\Documents and Settings\IBM\My Documents\Downloads\imf-setup (1).exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\Documents and Settings\IBM\My Documents\Downloads\imf-setup.exe a variant of Win32/Toolbar.Widgi application deleted - quarantined
C:\System Volume Information\_restore{A315D342-2389-45D2-A386-BF22E8D74E75}\RP206\A0100916.rbf a variant of Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A315D342-2389-45D2-A386-BF22E8D74E75}\RP206\A0100929.rbf probably a variant of Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A315D342-2389-45D2-A386-BF22E8D74E75}\RP218\A0106642.rbf a variant of Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A315D342-2389-45D2-A386-BF22E8D74E75}\RP218\A0106655.rbf probably a variant of Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A315D342-2389-45D2-A386-BF22E8D74E75}\RP236\A0128215.rbf a variant of Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined
C:\System Volume Information\_restore{A315D342-2389-45D2-A386-BF22E8D74E75}\RP236\A0128228.rbf probably a variant of Win32/Adware.Toolbar.Dealio application cleaned by deleting - quarantined
  • 0

#23
myrti

  • Expert
  • 2,580 posts
Hi,

those detections are nothing to worry about. Basically it's detecting a toolbar that the installer offers along with the program, which you seem to have opted not to install.

So does printing in general work now? Or just the test-page?

Could you check if the scan diagnostic utility is of further help: http://h10025.www1.h...product=1146331

regards myrti
  • 0

#24
JHGR

  • Topic Starter
  • Member
  • 20 posts
Hi Myrti,

Printing with the multifunction HP is ok. Scanning was the trouble. I used the diagnostic utility, and it said that there was a problem with the driver, so I proceeded as stated: uninstall and reinstall drivers. I uninstalled all the software related to the HP, and just installed the drivers downloaded from the HP web site, as I can't install from the original CD because the drive still works intermittently. Anyway, the drivers installed ok and the scanning test with third party software came out ok.

I had already done this some time, uninstalling and reinstalling everything and it worked for some time until it went kaputt. Hope this time it works just fine.

On the other hand, still no printing with the Lexmark laser printer, and the "no firewall turned on" balloon still comes up at least 1 out of 3 times when I power up my computer, and as said before, the DVD drive doesn't work full time.

Thanks again,


JG
  • 0

#25
myrti

  • Expert
  • 2,580 posts
hi,

please run a scan with gmer:
Please download GMER from one of the following locations and save it to your desktop:
  • Main Mirror
    This version will download a randomly named file (Recommended)
  • Zipped Mirror
    This version will download a zip file you will need to extract first. If you use this mirror, please extract the zip file to your desktop.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security programs will not conflict with gmer's driver.
  • Double-click on the randomly named GMER file (i.e. n7gmo46c.exe) and allow the gmer.sys driver to load if asked.
  • Note: If you downloaded the zipped version, extract the file to its own folder such as C:\gmer and then double-click on gmer.exe.

    Posted Image
  • GMER will open to the Rootkit/Malware tab and perform an automatic quick scan when first run. (do not use the computer while the scan is in progress)
  • If you receive a WARNING!!! about rootkit activity and are asked to fully scan your system...click NO.
  • Now click the Scan button. If you see a rootkit warning window, click OK.
  • When the scan is finished, click the Save... button to save the scan results to your Desktop. Save the file as gmer.log.
  • Click the Copy button and paste the results into your next reply.
  • Exit GMER and re-enable all active protection when done.
-- If you encounter any problems, try running GMER in Safe Mode.

regards myrti
  • 0

#26
JHGR

  • Topic Starter
  • Member
  • 20 posts
Hi Myrti:

I hope this second run of the GMER tool fixes something... Here is the log result.

Regards,


JAIME





GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2012-01-23 10:14:13
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3 ST910021AS rev.4.06
Running: xsw2dm6m.exe; Driver: C:\DOCUME~1\IBM\LOCALS~1\Temp\pxldipog.sys


---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwOpenProcess [0xAD4CFF3C]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateProcess [0xAD4CFFE4]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwTerminateThread [0xAD4D0080]
SSDT \SystemRoot\system32\DRIVERS\AVGIDSShim.Sys (IDS Application Activity Monitor Loader Driver./AVG Technologies CZ, s.r.o. ) ZwWriteVirtualMemory [0xAD4D011C]

---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\ati2mtag.sys section is writeable [0xB8EE2000, 0x1C5D38, 0xE8000020]

---- User code sections - GMER 1.0.15 ----

.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 00, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtMapViewOfSection + 6 7C90D524 1 Byte [28]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 03, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 00, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 01, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EC1A
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 02, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 01, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 02, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EC8B
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 00, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EDB9
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 01, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 02, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 1 Byte [68]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 03, 16, 00]
.text C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2860] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002D0010
IAT C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3232] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002D0010
IAT C:\Documents and Settings\IBM\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[5372] @ C:\WINDOWS\system32\RPCRT4.dll [KERNEL32.dll!CreateNamedPipeW] 002D0010

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )
AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Kbdclass \Device\KeyboardClass0 SynTP.sys (Synaptics Touchpad Driver/Synaptics, Inc.)
AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \FileSystem\Fastfat \Fat fltMgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
AttachedDevice \FileSystem\Fastfat \Fat AVGIDSFilter.Sys (IDS Application Activity Monitor Filter Driver./AVG Technologies CZ, s.r.o. )

---- EOF - GMER 1.0.15 ----
  • 0

#27
myrti

  • Expert
  • 2,580 posts
Hi,

I'm not seeing a sign of malware. gmer itself is a diagnostic tool, it will not change anything by default.

Could you try to uninstall and reinstall AVG? It might be blocking some processes that are actually benign.

regards myrti
  • 0

#28
myrti

  • Expert
  • 2,580 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0

#29
myrti

  • Expert
  • 2,580 posts
Topic reopened, please post your reply.

regards myrti
  • 0

#30
JHGR

  • Topic Starter
  • Member
  • 20 posts
Thanks Myrti:

Here is an update.

The "no firewall turned on" has not come up since about a week or so. That's excellent news!

As indicated by you some posts ago, I had already run the diagnostics printing/scanning utilities, and they prompted to uninstall and reinstall drivers/software which I did. Then, printing/scanning started working fine, however, in a matter of some days they stopped working without apparent reason (???). The DVD drive also, works intermittently...

As you said, I just uninstalled the AVG Free antivirus and reinstalled it again. Voilà, everything is in working order for the moment. I really hope this time everything keeps working ok.

I would like to have a couple of days before I inform you that my problem has definitely been solved. It's because so many times in the past things work ok for a short time and then stop working...

I promise to post reply with an update again in two days.

Thank you,

JAIME
  • 0





