Author Topic: infection Alureon-EU (system32\drivers\atapi.sys)  (Read 7213 times)


zedisk

  • Guest
infection Alureon-EU (system32\drivers\atapi.sys)
« on: February 01, 2010, 10:04:13 PM »
Hi everyone,
I'm posting for the first time because I'm desperate.
Each time I turn on my computer, after a while, avast detects an infection of system32\drivers\atapi.sys.

I have tried several things I read in other topics but I can't get rid of it.
I have attached a GMER log file. Can someone help me, please?

avast5

  • Guest
Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #1 on: February 01, 2010, 10:06:12 PM »
Hi

You can write in French (well, for me at least, lol)

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37532
  • Not a avast user
Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #2 on: February 01, 2010, 10:15:26 PM »
Follow this guide from essexboy and post the logs
http://forum.avast.com/index.php?topic=53253.0

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #3 on: February 01, 2010, 10:27:15 PM »
Just before you post the log

Download TDSSKiller and save it to your Desktop.

  • Extract the file and run it.
  • Once completed it will create a log in your C:\ drive
  • Please post the contents of that log

zedisk

Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #4 on: February 01, 2010, 10:39:31 PM »
OK, now I have an even bigger problem.
Now Windows doesn't start successfully.
I tried safe mode but I still get a blue screen:
STOP: 0x0000007B (0xF78A6524,0XC0000034,0x00000000,0x00000000)

Offline essexboy

Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #5 on: February 01, 2010, 10:41:24 PM »
Was this before or after TDSS killer ?

zedisk

Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #6 on: February 01, 2010, 10:44:16 PM »
Before.
I just rebooted after installing Malwarebytes' Anti-Malware.

Offline essexboy

Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #7 on: February 01, 2010, 10:47:21 PM »
Can you get to safe mode ?

Do you get the same problem after rebooting ?

zedisk

Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #8 on: February 01, 2010, 10:49:34 PM »
I've tried to reboot 3 times and I always get this blue screen before Windows starts,
even when I select safe mode.

Offline essexboy

Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #9 on: February 01, 2010, 10:52:50 PM »
Have you tried Last Known Good in the safe mode menu ?

If that should fail - do you have access to a cd burner ?  If so I can try to attack this from a PE environment

zedisk

Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #10 on: February 01, 2010, 10:57:32 PM »
Last Known Good fails as well.
But I can get access to a CD burner if it can save my PC.
Please help me.

Offline essexboy

Re: infection Alureon-EU (system32\drivers\atapi.sys)
« Reply #11 on: February 02, 2010, 12:00:19 AM »
OK here we go

OK, this file is big, about 276.7 MB; print these instructions out so that you know what you are doing.

File details :
Bytes - 290,234,368
MB - 276.7
MD5 - C1F65EAFC453367E12E242BFCDFB68A2

Two programmes to download

First

ISOBurner this will allow you to burn OTLPE.iso to a CD and make it bootable.  Just install the programme, from there on in it is fairly automatic.  Instructions

Second

  • Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 292Mb in size so it may take some time to download.
  • When downloaded double click and this will then open ISOBurner to burn the file to CD
  • Reboot your system using the boot CD you just created.
Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads  :) 
  • Your system should now display a Reatogo desktop.
Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start.
  • Under the Custom Scan box copy/paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
iaStor.sys
nvstor.sys
atapi.sys
/md5stop
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system.
  • Right click the file and select send to : select the USB drive. 
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.
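Two steps in the post above rest on the same idea, MD5 as an integrity check: the file details give an MD5 for OTLPE.iso so the download can be verified before burning it, and the /md5start ... /md5stop section of the custom scan makes OTL report the hashes of iaStor.sys, nvstor.sys and atapi.sys from the offline drive so they can be compared with clean copies. The script below is an added example written for this thread; it is not code from the thread, from OTL, or from TDSSKiller. It verifies a downloaded file against the ISO hash quoted in the post, hashes the same three drivers under a Windows folder (as OTL does from the PE environment), and flags any driver that is missing or differs from a baseline of known-good hashes. The baseline values, the demo directory tree and the function names are assumptions constructed here; real known-good hashes would come from a clean machine with the same Windows version and service pack.

```python
"""Added example for the Alureon / atapi.sys thread (not code from the thread,
OTL or TDSSKiller): MD5 integrity checks for a tool download and for boot-path
driver files read from an offline Windows volume."""
import hashlib
import tempfile
from pathlib import Path

# Expected MD5 of OTLPE.iso exactly as essexboy posted it in the thread.
OTLPE_ISO_MD5 = "C1F65EAFC453367E12E242BFCDFB68A2"
# Drivers listed between /md5start and /md5stop in the OTL custom scan.
DRIVERS = ("iaStor.sys", "nvstor.sys", "atapi.sys")


def md5_bytes(data: bytes) -> str:
    """MD5 hex digest of an in-memory byte string."""
    return hashlib.md5(data).hexdigest()


def md5_file(path, chunk_size: int = 1 << 20) -> str:
    """MD5 hex digest of a file, read in chunks so a 290 MB ISO fits in memory."""
    digest = hashlib.md5()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_download(path, expected_md5: str) -> bool:
    """True when the file's MD5 matches the published value (case-insensitive)."""
    return md5_file(path).lower() == expected_md5.strip().lower()


def hash_drivers(windows_root, names=DRIVERS) -> dict:
    """Hash each named driver under <windows_root>\\system32\\drivers.

    A driver that does not exist on the volume maps to None rather than
    raising, because an absent file is itself a finding worth reporting."""
    drivers_dir = Path(windows_root) / "system32" / "drivers"
    report = {}
    for name in names:
        candidate = drivers_dir / name
        report[name] = md5_file(candidate) if candidate.is_file() else None
    return report


def compare_to_baseline(observed: dict, baseline: dict) -> list:
    """Return the sorted names whose observed hash is missing or differs from
    the known-good baseline. Names absent from the baseline are skipped, since
    there is nothing to compare them against (a driver may legitimately be
    absent, e.g. nvstor.sys on a machine without an NVIDIA controller)."""
    flagged = []
    for name, expected in baseline.items():
        got = observed.get(name)
        if got is None or got.lower() != expected.lower():
            flagged.append(name)
    return sorted(flagged)


def build_demo_tree() -> str:
    """Constructed stand-in for an offline Windows folder (not a real volume):
    atapi.sys and nvstor.sys are dummy files, iaStor.sys is deliberately absent."""
    root = Path(tempfile.mkdtemp(prefix="demo_windows_"))
    drivers_dir = root / "system32" / "drivers"
    drivers_dir.mkdir(parents=True)
    (drivers_dir / "atapi.sys").write_bytes(b"abc")
    (drivers_dir / "nvstor.sys").write_bytes(b"")
    return str(root)


if __name__ == "__main__":
    root = build_demo_tree()
    observed = hash_drivers(root)
    for name, digest in observed.items():
        print(f"{name:12s} {digest or 'MISSING'}")
    # Constructed baseline: only atapi.sys matches the dummy file's hash.
    baseline = {
        "atapi.sys": md5_bytes(b"abc"),
        "nvstor.sys": "0" * 32,
        "iaStor.sys": "0" * 32,
    }
    print("flagged:", compare_to_baseline(observed, baseline))
    iso_candidate = Path(root) / "system32" / "drivers" / "atapi.sys"
    print("matches posted ISO MD5:", verify_download(iso_candidate, OTLPE_ISO_MD5))
```

Run it from a PE environment or a second machine with the infected disk attached, pointing hash_drivers at that disk's Windows folder; comparing against the same files from a clean install of the same service pack is what turns the MD5 list in the OTL log into a verdict. MD5 is used here only because it is what the thread's tools report; it is fine for spotting an unexpectedly modified driver but is not a defence against an adversary crafting collisions.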