
avg detected rootkit.pakes.atapi.sys?


4 replies to this topic

#1 njensen

njensen

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:12 PM

Posted 01 December 2009 - 03:34 AM

I have a laptop running Windows XP. My free AVG detected a trojan.rootkit.pakes virus in a file named atapi.sys. The detection keeps popping up, but the software will not remove it because it's a system file. The laptop performance has been slow since the infection, and now the laptop will not boot in safe mode, normal, or any mode... I am somewhat competent and have fixed problems on my own in the past, but the fixes I found through Google searches have been technical to the point I don't understand... Can someone please help! FYI, I cannot find my original Windows discs... Any help is much appreciated. This is my college computer and holds very valuable school notes/projects. I would like to retrieve them, but not needed. Thanks in advance!

Edit: Moved topic from XP to the more appropriate forum. ~ Animal



#2 rhino1366

rhino1366

  • Banned
  • 524 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:12 AM

Posted 01 December 2009 - 03:59 AM

Hi njensen, and welcome to BC forums.

If your AVG Free can't remove it, you should use something that can remove it by rebooting. That should be Malwarebytes' Anti-Malware or a-squared (can get some false positives).

Hope this helps,
rhino

P.S. If you're using AVG Free, it's pretty confusing how it can detect a rootkit, because such ability was disabled from version 8 or so.
P.P.S. For not catching such sh*t, you should get a good anti-virus (with anti-spyware) with real-time protection from rootkits, etc. These could be (Google it) Avira Free, avast! Home, etc. If you have a genuine OS, you can get Microsoft SE (Microsoft Security Essentials). That should do.
P.P.P.S. As a protection from hackers, you could use (Google it as well) Outpost firewall, from Agnitum (Free version). If you install it, place an auto-learn mode (1-day, 1-hour or 1-week).
P.P.P.P.S. You really should find your OS disc(s). Having them is very handy...

#3 njensen

njensen
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:12 PM

Posted 01 December 2009 - 05:50 PM

So I should download and try those programs and run them on the infected computer how? The infected computer is constantly rebooting and will not start in any mode.

#4 hamluis

hamluis

    Moderator


  • Moderator
  • 55,753 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:09:12 PM

Posted 01 December 2009 - 06:30 PM

If you don't care about data files...for the sake of expediency, do a nuke/reinstall routine for XP.

If you do care about data files, remove the hard drive...attach it to an enclosure/cable that plugs into a USB port...and attempt to move the files to the newly-connected system.

Your situation is compounded by the fact that you cannot boot the system, but...here is a similar situation that was resolved while the OP still could boot: http://www.bleepingcomputer.com/forums/t/248867/avg-detecting-trojan-horse-rootkit-pakesl/

Louis

#5 njensen

njensen
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:12 PM

Posted 02 December 2009 - 12:09 AM

How would I go about nuking and restarting the system?



