AMANDA SPYROPOULOS asked on January 13, 2013. Status: Answered & Closed.
How To Remove Atapi.sys Infection
» The Atapi.sys driver on my PC has become infected I think. I have run multiple scans on my PC detecting this. Is there a way to heal this infection? AVG also come sup with a svchost.exe trojan every ten minutes or so too. Any help?
After your pc is infected by virus (Worm:Win32/Ainslot.AI) or intruded by Trojan , the first thing comes into your mind is to remove it by an anti-virus software. But at this moment, you haven't been aware of the side-effects of doing so. The effect of removing a virus can be as dramatic as the aftermath of a disaster. After eradicating a virus or other form of virus infection, Windows is left in a somewhat broken state.
The safest approach, by far, is to reinstall Windows. But given how painful that is, the alternatives that follow it are often more practical. This time, I would like to recommend DLL Suite to you.
Download DLL Suite, install and run > Click Dashboard menu and > Click Scan DLL Errors button > Click Fix DLL Errors button after the scan. Then all the associated errors will be fixed!
LENG TEO replied on January 20, 2013
- J GARRICK replied on January 13, 2013: » I think my information can help you:
The reason svchost.exe is detected as infect is, because, most of the people who make a virus (e.g. a Trojan) will directly name their *.exe file as svchost.exe why? Because, Windows has a standard file called svchost.exe and there are many process running with that name just check using Task Manager (taskmgr.exe).
That makes it easier to run a Trojan on a PC and it makes it harder for you to find and kill that process.
Note: If you kill svchost.exe while running in Windows the entire operating system (OS) will crash and you'll end-up with a blue screen.
I recommend you to restart your PC and re-format and install a clean installation of Windows.
- AMANDA SPYROPOULOS replied on January 14, 2013: » When I run an AVG scan the trojan doesn't show, however I get the threat detected messages every ten minutes. The trojan is listed as 'Trojan Horse PSW.Generic7.AYUC Detected on open'
None of the Svchost processes have my name, they are all system, Local Service or Network Service.
- J GARRICK replied on January 17, 2013: » bad, bad, I cannot find so much information about the virus. Anyway, download Malwarebytes and do a full-system-scan: http://www.malwarebytes.org/mbam.php
Check this as well: http://forums.techguy.org/malware-removal-hijackthis-logs/880938-psw-generic7-ayub-avg-resident.html
- RONALD BRATTON replied on January 17, 2013: » Came across a similar prob, the other day in a forum I'm in. Alureon.f does this too. It infects atapi.sys. We got the guy to remove the hdd and put it in another system. Then scan it, that fixed it. I would use something better than AVG. Is AVG and MSE installed? I wouldnt have both on the system. Uninstall AVG
- AMANDA SPYROPOULOS replied on January 18, 2013: » Funny enough Windows booted up into repair mode after a BSOD and now all the viruses are gone!
DLL Q & A you might like:
- Blue Screen In Dxgmms1.sys »
- Moving Pagefile.sys To Another Partition Affects System Performance »
- Vista Hangs At Crcdisk.sys »
- Win32k.sys Blue Screen Error And System Reboots »
- Windows Vista Blue Screen 0x0000116 Nvlddmkm.sys »
- Justcheck_exe_When_Start_Computer »