Thread: Google / Search Engine Hijacker - Atapi.sys rootkit

  1. #1
    Join Date
    Mar 2010
    Posts
    222

    Google / Search Engine Hijacker - Atapi.sys rootkit

    After many infections, my PC is the victim of a strange thing that prevents it from using any other browser IE and totally prohibits access to Windows Update. After some research it seems to me that I am the victim of a rootkit that modifies atapi.sys. I had run Combofix and the log files do not tell me to do anything. I believe that all things are not really cleaned. How do I fix that?

  2. #2
    Join Date
    Nov 2009
    Posts
    857

    Re: Google / Search Engine Hijacker - Atapi.sys rootkit

    Run a system scan under safe mode. Use Malwarebytes Antimalware. For the further issue, download and install GMER. It is a fixing tool to restore your damaged file. For this, first disable your security software like antivirus, antispyware, etc., and close all open programs. Then run the GMER setup. If your anti-virus alert appears for the file gmer.sys or gmer.exe, let it run. Click on the rootkit tab and scan your system.

  3. #3
    Join Date
    Jun 2009
    Posts
    1,113

    Re: Google / Search Engine Hijacker - Atapi.sys rootkit

    First you must remove your older antivirus program so that you can run the scan with another antivirus program. For that, click on Start and then click on Run. Then type Combofix /uninstall and click OK. After that, clean your computer with CCleaner and disable and then re-enable System Restore, because that can restore the virus. Remove all the recently installed programs from Control Panel > Add/Remove Programs.

  4. #4
    Join Date
    Jun 2009
    Posts
    887

    Re: Google / Search Engine Hijacker - Atapi.sys rootkit

    It is a rootkit virus and it is added as a patch to the atapi.sys file. This variant has also aimed to generate redirects in Google searches. At the time of this writing, this variant uses various modes of propagation for exploiting your system. This variant is characterized by this temporary file. Open the temp folder and then search for these files. The name can be 4.tmp or 1.tmp. Use CCleaner to clean your computer.

  5. #5
    Join Date
    Jun 2009
    Posts
    910

    Re: Google / Search Engine Hijacker - Atapi.sys rootkit

    On my system AVG has detected a Rootkit Trojan infection. The virus name is Rootkit-Pakes.U and the location for the same is C:\bak\Windows.0.bak\system32\drivers\atapi.sys. I searched C:\WINDOWS\system32\drivers for the atapi.sys file and found it there also, but AVG has not detected any threat. I am using Windows XP Home Service Pack 3 and right now for web browsing I am using Internet Explorer 8. Where is the virus?

  6. #6
    Join Date
    May 2009
    Posts
    1,088

    Re: Google / Search Engine Hijacker - Atapi.sys rootkit

    There are some fixes for that. I know a simple tool called ZHPDiag.exe. It is also called ZHPFix. Do not change the settings; just install the software and run it at the end. Click on the shortcut icon of this file and then click on Options. A list appears in the main box; from there, verify that all lines are marked except 045 and 06. Then click on the magnifying glass button to start the scan.

  7. #7
    Join Date
    Jan 2006
    Posts
    3,798

    Re: Google / Search Engine Hijacker - Atapi.sys rootkit

    A rootkit virus is hard to find and remove. I got an infection recently. I had used Gmer mbr.exe to find the exact location of this software. But before running this, disable your internet connection and stop all running applications. Run this application and after some time of scanning you can see a report, mbr.log. It will show the message "MBR rootkit code detected". To cure that, click on Start > Run and type %userprofile%\desktop\mbr -f.

  8. #8
    Join Date
    Jul 2010
    Posts
    1

    Re: Google / Search Engine Hijacker - Atapi.sys rootkit

    I was able to remove this rootkit virus using HitmanPro... you can find it at download dot com (or just Google search for it). I installed it from a flash drive after booting in Safe Mode. I believe it is a 30-day trial but it did the trick.
