Topic: infection Alureon-EU (system32\drivers\atapi.sys) (Read 7221 times)

zedisk (Guest) « on: February 01, 2010, 10:04:13 PM »
Hi everyone,
I'm posting for the first time because I'm desperate.
Each time I turn on my computer, after a while, Avast detects an infection of system32\drivers\atapi.sys.
I have tried several things I read on other topics but I can't get rid of it.
I have attached a GMER log file. Can someone help me please?

avast5 (Guest) « Reply #1 on: February 01, 2010, 10:06:12 PM »
Hi,
you can write in French (well, for me at least, lol)

Pondus « Reply #2 on: February 01, 2010, 10:15:26 PM »
Follow this guide from essexboy and post the logs
http://forum.avast.com/index.php?topic=53253.0

essexboy (Malware removal instructor) « Reply #3 on: February 01, 2010, 10:27:15 PM »
Just before you post the log:
Download TDSSKiller and save it to your Desktop.
Extract the file and run it.
Once completed it will create a log in your C:\ drive.
Please post the contents of that log.

zedisk (Guest) « Reply #4 on: February 01, 2010, 10:39:31 PM »
OK, now I have an even bigger problem.
Now, Windows doesn't start successfully.
I tried safe mode but I still get a blue screen:
STOP: 0x0000007B (0xF78A6524,0XC0000034,0x00000000,0x00000000)

essexboy (Malware removal instructor) « Reply #5 on: February 01, 2010, 10:41:24 PM »
Was this before or after TDSS killer ?

zedisk (Guest) « Reply #6 on: February 01, 2010, 10:44:16 PM »
Before.
I just rebooted after installing Malwarebytes' Anti-Malware.

essexboy (Malware removal instructor) « Reply #7 on: February 01, 2010, 10:47:21 PM »
Can you get to safe mode ?
Do you get the same problem after rebooting ?

zedisk (Guest) « Reply #8 on: February 01, 2010, 10:49:34 PM »
I've tried to reboot 3 times and I always get this blue screen before Windows starts,
even when I select safe mode.

essexboy (Malware removal instructor) « Reply #9 on: February 01, 2010, 10:52:50 PM »
Have you tried Last Known Good in the safe mode menu ?
If that should fail - do you have access to a cd burner ? If so I can try to attack this from a PE environment

zedisk (Guest) « Reply #10 on: February 01, 2010, 10:57:32 PM »
Last Known Good fails as well.
But I can have access to a CD burner if it can save my PC.
Please help me.

essexboy (Malware removal instructor) « Reply #11 on: February 02, 2010, 12:00:19 AM »
OK here we go
OK this file is big, about 276.7Mb; print these instructions out so that you know what you are doing.
File details:
Bytes - 290,234,368
MB - 276.7
MD5 - C1F65EAFC453367E12E242BFCDFB68A2
Two programmes to download
First: ISOBurner. This will allow you to burn OTLPE.iso to a CD and make it bootable. Just install the programme; from there on in it is fairly automatic.
Instructions
Second: Download OTLPE.iso and burn to a CD using ISO Burner. NOTE: This file is 292Mb in size so it may take some time to download.
When downloaded, double click and this will then open ISOBurner to burn the file to CD.
Reboot your system using the boot CD you just created.
Note: If you do not know how to set your computer to boot from CD follow the steps here
As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads.
Your system should now display a Reatogo desktop.
Note: as you are running from CD it is not exactly speedy.
Double-click on the OTLPE icon.
Select the Windows folder of the infected drive if it asks for a location.
When asked "Do you wish to load the remote registry", select Yes.
When asked "Do you wish to load remote user profile(s) for scanning", select Yes.
Ensure the box "Automatically Load All Remaining Users" is checked and press OK.
OTL should now start.
Under the Custom Scan box copy/paste this in:
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
iaStor.sys
nvstor.sys
atapi.sys
/md5stop
Press Run Scan to start the scan.
When finished, the file will be saved in drive C:\OTL.txt
Copy this file to your USB drive if you do not have internet connection on this system.
Right click the file and select send to: select the USB drive.
Confirm that it has copied to the USB drive by selecting it.
You can backup any files that you wish from this OS.
Please post the contents of the C:\OTL.txt file in your reply.
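
The custom scan in Reply #11 names three storage drivers between /md5start and /md5stop. As an added illustration (not OTL's code and not part of the original thread), the Python below does a comparable offline check: it finds every copy of those drivers under a mounted Windows volume, hashes each copy, and flags names whose copies differ. The directory layout and file contents built in demo() are constructed assumptions.

```python
import hashlib
import tempfile
from collections import defaultdict
from pathlib import Path

# Driver names from the /md5start ... /md5stop block in the post (matched case-insensitively).
TARGETS = {"iastor.sys", "nvstor.sys", "atapi.sys"}

def md5_of(path, chunk=1 << 20):
    """Stream the file through MD5 instead of reading it into memory at once."""
    h = hashlib.md5()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            h.update(block)
    return h.hexdigest().upper()

def hash_driver_copies(root):
    """Return {driver name: {md5: [paths]}} for every copy found under root."""
    found = defaultdict(lambda: defaultdict(list))
    for path in Path(root).rglob("*"):
        if path.is_file() and path.name.lower() in TARGETS:
            try:
                digest = md5_of(path)
            except OSError:
                digest = "UNREADABLE"  # keep the path in the report instead of skipping it
            found[path.name.lower()][digest].append(str(path))
    return found

def mismatched(found):
    """Names whose copies do not all share one hash: leads for manual review."""
    return sorted(name for name, by_hash in found.items() if len(by_hash) > 1)

def demo():
    """Constructed tree (paths and contents are assumptions): two differing atapi.sys copies."""
    root = tempfile.mkdtemp()
    layout = {
        "WINDOWS/system32/drivers/atapi.sys": b"constructed: modified driver",
        "WINDOWS/ServicePackFiles/i386/atapi.sys": b"constructed: original driver",
        "WINDOWS/system32/drivers/nvstor.sys": b"constructed: nvstor driver",
    }
    for rel, data in layout.items():
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(data)
    return hash_driver_copies(root)

if __name__ == "__main__":
    print(mismatched(demo()))
```

A mismatch is a lead rather than proof, since legitimate copies can differ between service packs; compare the system32\drivers hash with one taken from known-good installation media.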