slippin

Many thanks for the help and excuse me for bothering.

That is the file atapi.sys which I attached in principle a legitimate? p.s.Once again sorry for my bad English, unfortunately translators translate is not perfect

The situation is changed from the file atapi.sys changed md5 number, now the file is not detected by a-squared, but detected by eSafe (Win32.Rootkit) and McAfee Gw-edition (Heuristic.BehavesLike.Win32.Rootkit.H) I'd like to hear your opinion on this subject

I'm sorry ,if I could attach the following logs with messages in this topic for help?: A-Squared Win32kDiag ISeeYouXP HiJackFree

Hello, I have a problem a-squared detects the file atapi.sys(96kbytes) as Rootkit.Win32.TDSS.y! A2. I tried to replace it with a clean file from the distribution (os ms xp sp3) which weighs 48kbytes, but again he was replaced by a tether in the infected 98kbytes (tried to remove, but it appears again). Attaching a file to the message I very much hope your some help. p.s.Excuse me for my bad English