Thanks for the clarification.
I see you have run Combofix unsupervised.....this is ill advised!! Particularly on a Windows 7 machine in that it is incompatible with this OS!!!!! This is a complex and powerful tool that should not be used except under the supervision and direction of a malware expert. It can and will render your computer unbootable permanently!! Also realize that in most circumstances a single run of Combofix is ineffective. Specialized scripts will be written specifically directing this program to clean up based on your logs!!
I would like to see your most recent CF logs. You will find them @ C:\ComboFix.txt
========== P2P Warning
Your log indicates that you have uTorrent.
• Avoid gaming sites, pirated software, cracking tools, and peer-to-peer (P2P) file sharing.
- They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
- Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
- The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology. It is pretty much certain that if you continue to use P2P programs, then you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add / Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.
Do you have your Windows 7 install disc? We are probably going to need it!
Show hidden files in Windows 7. Follow the instructions here
Read the following instructions carefully. If you encounter problems stop and tell me about it. Don't forget to right click and run as Admin to make the downloads run.
Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
- Double-click SystemLook.exe to run it.
- Copy the content of the following codebox into the main textfield:
- Click the Look button to start the scan.
- When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
The log can also be found on your Desktop entitled SystemLook.txt
1. Go to the c:\windows\system32\drivers
2. Locate the file - atapi.sys
3. Drag and move the file to Desktop
4. Wait 5 secs and press F5 to see if the operating system regenerated a fresh copy in c:\windows\system32\drivers folder
5a. If a fresh copy is regenerated, reboot the machine
5b. If a fresh copy ISN'T regenerated, move the copy from Desktop back to its original location. <--- If you fail to perform this step you will render your computer unbootable!!!
Still getting redirected??
If so then please do this...
1. Download the file TDSSKiller.zip and extract it to your desktop.
2. Click start->run->copy-paste "%userprofile%\desktop\TDSSKiller.exe" -l report.txt -v into the textbox and press enter.
3. report.txt should be generated in the same location as TDSSKiller.exe. Post contents of that report, please.
If the prior steps solve the redirection problem then repeat Step 1.
========== With your next post please provide:
* Prior Combofix logs
* Answer to question
* Drag & drop success?
* TDSSkiller success?