Google / Search Engine Hijacker - Atapi.sys rootkit

  #1  
Old 17-07-2010
Member
 
Join Date: Mar 2010
Posts: 222
Google / Search Engine Hijacker - Atapi.sys rootkit
  

After many infections, my PC is the victim of a strange thing that prevents it from using any browser other than IE and totally prohibits access to Windows Update. After some research, it seems to me that I am the victim of a rootkit that modifies atapi.sys. I had run Combofix and the log files do not tell me to do anything. I believe that all things are not really cleaned. How do I fix that?

  #2  
Old 17-07-2010
Member
 
Join Date: Nov 2009
Posts: 853
Re: Google / Search Engine Hijacker - Atapi.sys rootkit

Run a system scan under safe mode. Use Malwarebytes Antimalware. For the further issue, download and install GMER. It is a fixing tool to restore your damaged file. For this, first disable your security software like antivirus, antispyware, etc., and close all open programs. Then run the GMER setup. If an anti-virus alert appears for the file gmer.sys or gmer.exe, let it run. Click on the rootkit tab and scan your system.
  #3  
Old 17-07-2010
Member
 
Join Date: Jun 2009
Posts: 1,106
Re: Google / Search Engine Hijacker - Atapi.sys rootkit

First you must remove your older antivirus program so that you can run the scan with another antivirus program. For that, click on Start and then click on Run. Then type Combofix /uninstall and click OK. After that, clean your computer with CCleaner and disable and then re-enable System Restore, because that can restore the virus. Remove all the recently installed programs from Control Panel > Add/Remove Programs.
  #4  
Old 17-07-2010
Member
 
Join Date: Jun 2009
Posts: 887
Re: Google / Search Engine Hijacker - Atapi.sys rootkit

It is a rootkit virus, and it adds itself as a patch to the atapi.sys file. This variant also aims to generate redirects in Google searches. At the time of this writing, this variant uses various modes of propagation for exploiting your system. This variant is characterized by a temporary file. Open the temp folder and then search for these files. The name can be 4.tmp or 1.tmp. Use CCleaner to clean your computer.
  #5  
Old 17-07-2010
Member
 
Join Date: Jun 2009
Posts: 910
Re: Google / Search Engine Hijacker - Atapi.sys rootkit

On my system, AVG has detected a rootkit Trojan infection. The virus name is Rootkit-Pakes.U and the location for the same is C:\bak\Windows.0.bak\system32\drivers\atapi.sys. I searched drive C: for the C:\WINDOWS\system32\drivers\atapi.sys file and found it there also, but AVG has not detected any threat. I am using Windows XP Home Service Pack 3, and right now for web browsing I am using Internet Explorer 8. Where is the virus?
  #6  
Old 17-07-2010
Member
 
Join Date: May 2009
Posts: 1,081
Re: Google / Search Engine Hijacker - Atapi.sys rootkit

There are some fixes for that. I know a simple tool called ZHPDiag.exe. It is also called ZHPFix. Do not change the settings; just install the software and run it at the end. Click on the shortcut icon of this file and then click on Options. A list appears in the main box; from there, verify that all lines are marked except 045 and 06. Then click on the magnifying glass button to start the scan.
  #7  
Old 18-07-2010
Member
 
Join Date: Jan 2006
Posts: 3,779
Re: Google / Search Engine Hijacker - Atapi.sys rootkit

A rootkit virus is hard to find and remove. I got an infection recently. I used GMER mbr.exe to find the exact location of this software. But before running this, disable your internet connection and stop all running applications. Run this application, and after some time of scanning you can see a report, mbr.log. It will show the message "MBR rootkit code detected". To cure that, click on Start > Run and type %userprofile%\desktop\mbr -f.
  #8  
Old 18-07-2010
Member
 
Join Date: Jul 2010
Posts: 1
Re: Google / Search Engine Hijacker - Atapi.sys rootkit

I was able to remove this rootkit virus using HitmanPro... you can find it at download dot com (or just Google search for it). I installed it from a flash drive after booting in SAFE mode. I believe it is a 30-day trial, but it did the trick.