YeOldeStonecat
[H]F Junkie
- Joined
- Jul 19, 2004
- Messages
- 11,330
Over the past month or so we've come across some rigs that have boot errors, stop 7 or 8 blue screens often.
Since November, there seems to be a nasty new rootkit that modifies your atapi.sys file. It hijacks your web searches.
Cleaning an infected machine requires completely replacing this file outside of Windows.
http://www.bleepingcomputer.com/forums/topic279883.html
http://remove-malware.com/malware/malware-warnings/nasty-new-rootkit-patches-atapi-sys/
http://remove-malware.com/malware/malware-news/atapi-sys-rootkit-is-everywhere/
Seems to rid your system, you have to manually replace this file, or...they mention recent versions of combofix will replace this file as part of its regimen.
Since November, there seems to be a nasty new rootkit that modifies your atapi.sys file. It hijacks your web searches.
Cleaning an infected machine requires completely replacing this file outside of Windows.
http://www.bleepingcomputer.com/forums/topic279883.html
http://remove-malware.com/malware/malware-warnings/nasty-new-rootkit-patches-atapi-sys/
http://remove-malware.com/malware/malware-news/atapi-sys-rootkit-is-everywhere/
Seems to rid your system, you have to manually replace this file, or...they mention recent versions of combofix will replace this file as part of its regimen.