My Dad called me up a few weeks ago, complaining about his computer. He claimed that when he Googled something and clicked on a resulting link, it would redirect him to another site. I asked him to download Malwarebytes’ Anti-Malware package, but since the browser kept redirecting him elsewhere, it was a lost cause.
Eventually, I just had him bring the computer to me, so I could work on it. My first run of Malwarebytes’ Anti-Malware came up with 50 infections! So I let it do its thing, and I figured I’d be in the clear.
I rebooted the computer, and everything appeared to be fine. But just as I was about to close out of IE, it redirected me to a random site. WTF?
Some Googling led me to the discovery of the atapi.sys rootkit, a NASTY malware hack that is even harder to clean up. Thankfully, this thread led me to TDSSKiller, a nifty utility from Kaspersky that replaces your infected atapi.sys with a clean version when rebooting.
Problem solved!!

July 9th, 2010
Zander
