-
I used a different website and this is the results:
Virus Total
Virustotal is a service that analyzes suspicious files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware detected by antivirus engines. More information...
File atapi.sys received on 2010.01.04 18:44:06 (UTC)
Current status: finished
Result: 1/41 (2.44%)
Compact Compact
Print results Print results
Antivirus Version Last Update Result
a-squared 4.5.0.46 2010.01.04 -
AhnLab-V3 5.0.0.2 2010.01.04 -
AntiVir 7.9.1.122 2009.12.31 -
Antiy-AVL 2.0.3.7 2010.01.04 -
Authentium 5.2.0.5 2010.01.04 -
Avast 4.8.1351.0 2010.01.04 -
AVG 8.5.0.430 2010.01.04 -
BitDefender 7.2 2010.01.04 -
CAT-QuickHeal 10.00 2010.01.04 -
ClamAV 0.94.1 2010.01.04 -
Comodo 3467 2010.01.04 -
DrWeb 5.0.1.12222 2010.01.04 -
eSafe 7.0.17.0 2010.01.04 -
eTrust-Vet 35.1.7214 2010.01.04 -
F-Prot 4.5.1.85 2010.01.04 -
F-Secure 9.0.15370.0 2010.01.04 -
Fortinet 4.0.14.0 2010.01.04 -
GData 19 2010.01.04 -
Ikarus T3.1.1.79.0 2009.12.31 -
Jiangmin 13.0.900 2010.01.04 -
K7AntiVirus 7.10.937 2010.01.04 -
Kaspersky 7.0.0.125 2010.01.04 -
McAfee 5851 2010.01.04 -
McAfee+Artemis 5851 2010.01.04 -
McAfee-GW-Edition 6.8.5 2010.01.04 Heuristic.BehavesLike.Win32.Rootkit.H
Microsoft 1.5302 2010.01.04 -
NOD32 4743 2010.01.04 -
Norman 6.04.03 2010.01.04 -
nProtect 2009.1.8.0 2010.01.04 -
Panda 10.0.2.2 2010.01.04 -
PCTools 7.0.3.5 2010.01.04 -
Prevx 3.0 2010.01.04 -
Rising 22.29.00.04 2010.01.04 -
Sophos 4.49.0 2010.01.04 -
Sunbelt 3.2.1858.2 2010.01.03 -
Symantec 20091.2.0.41 2010.01.04 -
TheHacker 6.5.0.3.131 2010.01.04 -
TrendMicro 9.120.0.1004 2010.01.04 -
VBA32 3.12.12.1 2010.01.04 -
ViRobot 2010.1.4.2120 2010.01.04 -
VirusBuster 5.0.21.0 2010.01.04 -
Additional information
File size: 19944 bytes
MD5 : 1f05b78ab91c9075565a9d8a4b880bc4
SHA1 : 218442cd7afecbc8d102c4e31d9ef3528642191b
SHA256: 737be9f9376dab0ccdfed93ea6d67f0c432367ea63cd772a453485be769af3bd
PEInfo: PE Structure information
( base data )
entrypointaddress.: 0x5005
timedatestamp.....: 0x49E01EED (Sat Apr 11 06:39:09 2009)
machinetype.......: 0x14C (Intel I386)
( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x19B0 0x1A00 6.30 4ac8c9f82cf23d85316bd85d3d8e4efb
.rdata 0x3000 0xAE 0x200 1.49 3d541e69f96e97a837841ad289adeac7
.data 0x4000 0xC 0x200 0.18 7c80b151582aa6280e754b477343e54e
INIT 0x5000 0x364 0x400 4.51 f238fffd3a9917d72f4888f4276b3b06
.rsrc 0x6000 0x3F8 0x400 3.38 5c8a106a7c9416fb469c83dfab844abd
.reloc 0x7000 0x8A 0x200 1.37 064d7db7c16955d4dc6d3f7afb703e06
( 2 imports )
> ataport.sys: AtaPortNotification, AtaPortWritePortUchar, AtaPortWritePortUlong, AtaPortGetPhysicalAddress, AtaPortConvertPhysicalAddressToUlong, AtaPortGetScatterGatherList, AtaPortReadPortUchar, AtaPortStallExecution, AtaPortGetParentBusType, AtaPortRequestCallback, AtaPortWritePortBufferUshort, AtaPortGetUnCachedExtension, AtaPortCompleteRequest, AtaPortMoveMemory, AtaPortCompleteAllActiveRequests, AtaPortReleaseRequestSenseIrb, AtaPortBuildRequestSenseIrb, AtaPortReadPortUshort, AtaPortReadPortBufferUshort, AtaPortInitialize, AtaPortGetDeviceBase, AtaPortDeviceStateChange
> ntoskrnl.exe: KeTickCount
( 0 exports )
TrID : File type identification
Generic Win/DOS Executable (49.9%)
DOS Executable Generic (49.8%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.1%)
ssdeep: 384:zzY0Vgd1RrKzBpWk4UwWFSn8G6FuT+quHpBjbOjBMwzt8:zz/Vgd1gzQUSuBxkMwzt8
PEiD : -
RDS : NSRL Reference Data Set
-
ATENTION ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.
-
Please do a search for atapi.sys and let me know if any hits.
-
I'm not sure I know what you mean. Do a search on a search engine or my laptop?
I did find this information on atapi.sys file:
http://www.malwarebytes.org/forums/i...8&#entry156278
http://www.file.net/process/atapi.sys.html
atapi.sys file information
The process IDE/ATAPI Port Driver belongs to the software Standard IDE/ESDI Hard Disk Controller or Controller disco rigido IDE/ESDI standard by Microsoft Corporation (www.microsoft.com).
Description: atapi.sys is located in the folder C:\Windows\System32\drivers. Known file sizes on Windows XP are 95,360 bytes (95% of all occurrence), 96,512 bytes.
The driver can be started or stopped from Services in the Control Panel or by other programs. It is a Windows system file. The program is not visible. The service has no detailed description. File atapi.sys is a trustworthy file from Microsoft. Therefore the technical security rating is 18% dangerous, however also read the users reviews.
Recommended: Identify atapi.sys related errors
Important: Some malware camouflage themselves as atapi.sys, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the atapi.sys process on your pc whether it is pest. We recommend Security Task Manager for verifying your computer's security. It is one of the Top Download Picks of 2005 of The Washington Post and PC World.
-
I did a search of the files on my laptop for atapi. I attached a screenshot of the search results. I also scanned the files with ZA, Malwarebytes, and AdAware. Nothing malicious was found.
-
OK, those can't be used.
Do you have windows CD handy?
-
I have the disc that came with my laptop. It's the Vista Anytime Upgrade disc. I do have an XP Pro upgrade disc. That is the only windows cd I have.
-
I did want to mention that I went through the allowed programs list in my ZA Security Suite and I found some that were suspect. I chose the option to "kill" some of them. I killed the ones that were dated from when I started to have problems Nov & Dec. I'll list what they are:
amsgu.exe - killed
fkJUjWFwogmriTlryxoX (extension unknown)
nbhfy.exe - killed
nmjhv.exe - killed
is-HPUNN.tmp
inst.exe - killed
-
Upgrade discs won't unfortunately help here.
You will need a full version media. Are you able to borrow one?
-
I am trying to borrow one.
I was going through the manual for my laptop and did find out that it has a recovery partition that would return it to it's original condition.
-
Yes that is the case with almost all laptops, unfortunately.
Let me know how it wnet.