Posted 02 March 2010 - 05:20 PM
My 5 year old EMachines PC running XP Home got infected with the Paladin fake AV last week. I think I got rid of it thanks to the info I found here and elsewhere (Malwarebytes found 40 infected files) with one exception: Avira AntiVir Premium has twice reported "Virus or unwanted program 'TR/Patched.Gen [trojan]' detected in file 'C:\WINDOWS\system32\drivers\atapi.sys." I selected the "deny access" option when that's happened. I've read up on atapi.sys infections and how to fix them and all seem to start with "get your XP install disc..." which EMachines never gave me or I've misplaced. I have a new Windows 7 PC being built right now and it should be here in a week or two. I'm planning on transferring all my data from the old PC to the new one and then the EMachine is going to the recycler. I have two questions:
1. If Avira is denying access to the trojan, is there any risk to just leaving it alone since the infected computer is on the verge of retirement?
2. If I don't get rid of the trojan is there any risk that it could get to the new Win 7 PC when I use Windows Easy Transfer to move my music, photos, etc. from the XP machine to the new PC?
I do have access to another XP machine. If it's recommended that I get rid of the infected atapi.sys can I copy the file of the same name from the other PC and replace the infected file with the copy?
Thanks for your help.