I have no viruses on my system and have all the latest updates
Looking at a problem for somebody else, I used www.virustotal.com to scan my atapi.sys file (so I could make some instructions) and it reports:
eSafe 220.127.116.11 2010.08.08 Win32.Rootkit
I used virusscan.jotti.org and it reports the file is clean.
I run MBAM and SAS regularly and they don't see it.
I expanded a fresh atapi.sys from my XP Pro SP3 slipstreamed installation CD to a temp folder and used both WWW sites to scan the "new" file and got the same results.
I don't have a particular issue on my system (trying to help someone else) but was wondering if there is an explanation for this or some other way to check my atapi.sys for this alleged Win32.Rootkit. I know it could be a "false positive" (like with my broken arm).
I recall when KB977165 came out on 02/09/2010 and that BSOD issue came up and it turned out to be related to atapi.sys and I did not have the BSOD problem, but remember back then I scanned mine anyway and got the same result from virustotal (but paid it no mind).
I am not worried about it yet, but now am curious about it.
Thanks for ideas!