Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

7B BSOD after killing atapi.sys that was rootkit infected


  • Please log in to reply

#1
OneRing2RuleThemAll

OneRing2RuleThemAll

    New Member

  • Member
  • Pip
  • 4 posts
Hi, all.

First time to post, been a lurker for many moons.

Here's the problem.

I have a Dell Inspiron 531 that has the 7B BSOD. First I rec'd the computer with the complaint that it wouldn't connect to a network through the NIC card. It just sat there with "Acquiring Network Address". I ran CCleaner to clean it up a bit. MBAM found several problems, but fixed them. I installed Avast 5 with the latest vpsupd file (definitions). Configured it to run a boot-time scan. It found several items and deleted them. I turned it off and inserted a NIC card to rule out the onboard NIC card. Booted up and Avast started complaining about atapi.sys while XP was trying to install the new card. I couldn't break out of the cycle. I looked up the problem online and ran GMER. GMER found atapi.sys had been infected with win.Fluereon(something) [sorry, this is from memory]. I killed the file with GMER.

and then I rebooted and hit the 7B BSOD.

I copied a virgin copy of atapi.sys to the drivers and dllcache subdirectories of system32 using MiniXP from Hiren's Boot CD 10.1. I ran chkdsk /f using Hiren's Boot CD 10.1 and fixed several errors. Finally I ran bootfix and rewrote the MBR.

Reboot still gives me a 7B BSOD.

The disk is usable and can be seen both in Linux and Hiren Boot CD's Mini XP. No Safe Mode, either.

HELP???????

OneRing2Rule

Edited by OneRing2RuleThemAll, 11 June 2010 - 04:47 PM.

  • 0

Advertisements


#2
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
I suggest you go to the Malware Removal and Spyware Removal Forum and run all the steps located in the
START HERE. These self-help tools will help you clean up 70% of problems on your own.
If you are still having problems after doing the steps, then please post the reguested logs in THAT forum.
If you are unable to run any of the tools then start a new topic in the malware forum and put this in the subject line...I am unable to run any malware tools

If you are still having problems after being given a clean bill of health from the malware expert, then please return to THIS thread and we will pursue other options to help you solve your current problem(s).

Add a link to this topic so that malware tech can see what steps have been taken here
  • 0

#3
OneRing2RuleThemAll

OneRing2RuleThemAll

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
I am at the BSOD. Can't run any tools, b/c I can't get the computer running. Help?
  • 0

#4
OneRing2RuleThemAll

OneRing2RuleThemAll

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Sorry, all. Customer just said screw it. We nuked the drive and reinstalled everything. Thanks for your help.

OneRing2Rule: Lurking again :)
  • 0

#5
rshaffer61

rshaffer61

    Moderator

  • Moderator
  • 34,114 posts
I'm sorry it came to nuking the drive but hopefully it resolved all the issues.
If it returns we may need to look at the hardware to see if there is something failing. Thank you for allowing us to assist even as little as it was. . :) :)
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP