Hello Mermaid123.
This is a bad infection that takes special tools to cure it. But, we know how to handle it.
Please do this in order.
Disable Spybot's TeaTimerWhile TeaTimer is an excellent tool for the prevention of spyware, it can also interfere with our fixes. Please disable TeaTimer for now until you are clean.
1. Right click Spybot in the System Tray (looks like a calendar with a padlock symbol). Choose
Exit Spybot S&D Resident2. Run
Spybot S&D 3. Go to the
Mode menu, and make sure
Advanced Mode is selected.
4. On the left hand side, choose
Tools >
Resident
uncheck
Resident TeaTimer and
OK any prompt and
Restart your computer.
Note: If TeaTimer gives you a warning afterwards that some changes were made, allow this instead of blocking it.
If TeaTimer will not turn off then uninstall Spybot until we are done cleaning.
----------
Open HijackThis and select
Do a system scan onlyPlace a check mark next to the following entries: (if there)
- O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
Important: Close all open windows except for HijackThis and then click
Fix checked.
Once completed, exit HijackThis.
----------
Please download
SystemLook from
one of the below links and save it to your
desktop.
Link #1Link #2Temporarily
disable your
antivirus and any
antispyware real time protection
before performing a scan. Click
this link to see a list of security programs that should be disabled and how to disable them.
* Double-click
SystemLook.exe to run it.
* Copy the
contents of the following codebox into the main textfield.
:filefind
atapi.sys
* Click the
Look button to start the scan.
*
Note: The scan may take some time so please just let it do its work and be patient (or do something else unrelated to the computer).
* When finished, a notepad window will open with the results of the scan. Please post the log.
The log can also be found on your desktop entitled
SystemLook.txt