
Invincible ataqkjql.sys rootkit



#1 atyndale


Posted 26 August 2017 - 01:53 PM

Been dealing with this for a couple days to no avail... I first noticed a problem when I tried to run or install any AV, I got a "requested resource is in use" error across the board.

 

I cannot open ANY version, including beta, of Malwarebytes, it shows that error. I followed this page to get anywhere, helped a little. I've tried every anti-malware and AV that I could open, so I've attached reports from Zemana, GMER, RKill, and aswMBR (tried to just burn the forest down). I cannot get Windows Defender Offline to work, I put it on a flash drive and booted it but it can't update. I DLd their update executable, ran it, still didn't work.

 

I think I've found the main source of all this nastiness, a .sys file in my drivers folder that was created 7 days ago, has no search results on Google, and that I can't even touch. Can't modify it in any way, including permissions or killing it. ataqkjql.sys. The only progress I've made with it was that I "unloaded" it with PC Hunter, not sure what that means though and I still can't touch it after unloading it.

 

I can't do some system things; can't boot into diagnostic startup (when I select the radio button and hit Apply it selects the normal button), couple other things but I can't remember right now...

 

I would REALLY like to fix it, I can't reinstall the OS because MS killed updates for my processor (bastards), and I refuse to get Win 10, and I never created any restore point unfortunately. Worst case I'll have to go with Linux. So any help at all would be really appreciated, thanks.



Edited by hamluis, 26 August 2017 - 02:10 PM.
Moved from Win 7 to Am I Infected - Hamluis.



 


#2 SnipMaster


Posted 28 August 2017 - 02:35 AM

Dale,

 

I have the same issue: "resource is in use". Those rootkits are nasty!!! I've even tried Kaspersky's rescue disk, and one other. Seems like the offline Windows Defender will work. However, it doesn't see it or remove it. I was able to install Spybot and get rid of some things after manually installing the updates to the program. Yet I'm still having the issue. I can't even open Task Manager to kill the processes. I'm slowly making progress. This is the trojan Spybot found:

 

Win32.Downloader.gen: [SBI $82F4FAFD]  Data (File, nothing done)
  C:\END
  Category=Malware
  ThreatLevel=10
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=2
  Properties.md5=E1C06D85AE7B8B032BEF47E42E4C08F9
  Properties.filedate=1503668368
  Properties.filedatetext=2017-08-25 13:39:27

PU.ProPCCleaner: [SBI $49B65831]  Text file (File, nothing done)
  C:\Users\FunkThat\AppData\Roaming\updates\updates.aiu
  Category=PUPS
  ThreatLevel=2
  Weblink=http://forums.spybot.info/forumdisplay.php?54
  Properties.size=327
  Properties.md5=301B2AA975BDBAEC80E2B6CD9FC715C5
  Properties.filedate=1468354858
  Properties.filedatetext=2016-07-12 20:20:57



#3 boopme


Posted 28 August 2017 - 11:01 AM

You should each make a new topic so we can get a deeper look. A specialist will review your logs and clean this. Start at step 6.
Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.