Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Will atapi.sys ingection be transferred to new PC?

  • Please log in to reply
No replies to this topic

#1 Luge_Slider


  • Members
  • 1 posts
  • Local time:05:12 PM

Posted 02 March 2010 - 05:20 PM

My 5 year old EMachines PC running XP Home got infected with the Paladin fake AV last week. I think I got rid of it thanks to the info I found here and elsewhere (Malwarebytes found 40 infected files) with one exception: Avira AntiVir Premium has twice reported "Virus or unwanted program 'TR/Patched.Gen [trojan]' detected in file 'C:\WINDOWS\system32\drivers\atapi.sys." I selected the "deny access" option when that's happened. I've read up on atapi.sys infections and how to fix them and all seem to start with "get your XP install disc..." which EMachines never gave me or I've misplaced. I have a new Windows 7 PC being built right now and it should be here in a week or two. I'm planning on transferring all my data from the old PC to the new one and then the EMachine is going to the recycler. I have two questions:

1. If Avira is denying access to the trojan, is there any risk to just leaving it alone since the infected computer is on the verge of retirement?
2. If I don't get rid of the trojan is there any risk that it could get to the new Win 7 PC when I use Windows Easy Transfer to move my music, photos, etc. from the XP machine to the new PC?

I do have access to another XP machine. If it's recommended that I get rid of the infected atapi.sys can I copy the file of the same name from the other PC and replace the infected file with the copy?

Thanks for your help.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users