Browser Redirecting all the time

**soar3** · 2010-03-28, 07:05

It's hard for me to download the drivers now since my computer keeps wanting to reboot after only a few minutes of being online. I'm managing responding to you with continually getting the BSOD and then logging in a response before I get disconnected. Do you really think I need to download the drivers or just loss them off of the disk I have that came with the motherboard? I just need to know which ones to delete.

**shinybeast** · 2010-03-28, 08:03

OK

I want to pause here and seek a second opinion before you do anything else. I do not want the situation to become worse.
In the mean time, I have some questions.

What drivers did you install from the disc? What drivers are available to install from the disc?

Do you get BSODs if you run the computer without connecting the modem?

Do you have access to a PS/2 keyboard?

**soar3** · 2010-03-28, 08:44

The drivers I installed are the NVIDIA nforce drivers and it asks to " Install these drivers sequentially, from top to bottom. NVIDIA nforce drivers (ethernet, IDE, RAID, and more) " That is the only option it has to select from and that is the one I selected.

The computer stays running as long as I don't plug into my modem without a problem. When I first did the reinstall of the nsvsds file I did hv an issue with getting online, but I deleted the network adapter and reinstated that driver and everything was fine. No BSOD and no keyboard malfunctions until I ran the OTL fix. However, it seems like the networking aspect of my computer is at question, but my keyboard is non responsive when I boot my computer up and try to select safe mode or to try and boot from a disk. I have never had this problem before. Also, the keyboard will function and let me get in to modify my BIOS, though. WEIRD!

No, I do not have a Ps/2 keyboard, just a Usb on.

**shinybeast** · 2010-03-28, 16:54

If you can get the computer to work normally with modem disconnected, I strongly suggest you back up any important data on C: drive.

I'll post again once I get some more opinions.

**soar3** · 2010-03-28, 17:18

I ran a backup on my computer all night without any problems with the modem disconnected. I deleted and reinstalled my network adapters this morning and my computer stayed online and functioning until I decided to try and reboot and see what happens. After rebooting, the computer would only stay online for 10-15 mins and sometimes even shorter. I still do not have the option to get into Safe Mode which I'm starting to believe is not a keyboard issue since my keyboard is working fine. Maybe there was a file corrupted or deleted that has changed my boot.ini file of some sort.

**shinybeast** · 2010-03-28, 17:32

Hi soar3,

See if you can stay online long enough to download TDSSKiller. Then disconnect the modem and run it. Post back with the log.

TDSSKiller

Click here to download TDSSKiller to your desktop.
Extract TDSSKiller.zip to your desktop so that TDSSKiller.exe is on your desktop (not in a folder).
NOTE: Close all running programs as a reboot may be necessary.

Copy the text in code box below.

Code:

"%userprofile%\Desktop\TDSSKiller.exe" -l "%userprofile%\desktop\tdsskiller.txt"

Click Start, click Run... and paste the above command in the Open: box and click OK.
If TDSSKiller finds something, allow it to delete what it finds.
Once the tool is finished, press any key to continue and allow the computer to reboot if necessary.
Locate the log, tdskiller.txt, on your desktop and post the contents of that log in your next reply.

**soar3** · 2010-03-28, 23:31

17:29:21:046 3924 TDSS rootkit removing tool 2.2.8.1 Mar 22 2010 10:43:04
17:29:21:046 3924 ================================================================================
17:29:21:046 3924 SystemInfo:

17:29:21:046 3924 OS Version: 5.1.2600 ServicePack: 2.0
17:29:21:046 3924 Product type: Workstation
17:29:21:046 3924 ComputerName: AMD
17:29:21:046 3924 UserName: Emmett & Roz
17:29:21:046 3924 Windows directory: C:\WINDOWS
17:29:21:046 3924 Processor architecture: Intel x86
17:29:21:046 3924 Number of processors: 2
17:29:21:046 3924 Page size: 0x1000
17:29:21:046 3924 Boot type: Normal boot
17:29:21:046 3924 ================================================================================
17:29:21:046 3924 UnloadDriverW: NtUnloadDriver error 2
17:29:21:046 3924 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
17:29:21:156 3924 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system
17:29:21:156 3924 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
17:29:21:156 3924 wfopen_ex: Trying to KLMD file open
17:29:21:156 3924 wfopen_ex: File opened ok (Flags 2)
17:29:21:156 3924 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software
17:29:21:156 3924 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
17:29:21:156 3924 wfopen_ex: Trying to KLMD file open
17:29:21:156 3924 wfopen_ex: File opened ok (Flags 2)
17:29:21:156 3924 Initialize success
17:29:21:156 3924
17:29:21:156 3924 Scanning Services ...
17:29:21:187 3924 Raw services enum returned 344 services
17:29:21:203 3924
17:29:21:203 3924 Scanning Kernel memory ...
17:29:21:203 3924 Devices to scan: 10
17:29:21:203 3924
17:29:21:203 3924 Driver Name: Disk
17:29:21:203 3924 IRP_MJ_CREATE : BA90EC30
17:29:21:203 3924 IRP_MJ_CREATE_NAMED_PIPE : 804F4456
17:29:21:203 3924 IRP_MJ_CLOSE : BA90EC30
17:29:21:203 3924 IRP_MJ_READ : BA908D9B
17:29:21:203 3924 IRP_MJ_WRITE : BA908D9B
17:29:21:203 3924 IRP_MJ_QUERY_INFORMATION : 804F4456
17:29:21:203 3924 IRP_MJ_SET_INFORMATION : 804F4456
17:29:21:203 3924 IRP_MJ_QUERY_EA : 804F4456
17:29:21:203 3924 IRP_MJ_SET_EA : 804F4456
17:29:21:203 3924 IRP_MJ_FLUSH_BUFFERS : BA909366
17:29:21:203 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F4456
17:29:21:203 3924 IRP_MJ_SET_VOLUME_INFORMATION : 804F4456
17:29:21:203 3924 IRP_MJ_DIRECTORY_CONTROL : 804F4456
17:29:21:203 3924 IRP_MJ_FILE_SYSTEM_CONTROL : 804F4456
17:29:21:203 3924 IRP_MJ_DEVICE_CONTROL : BA90944D
17:29:21:203 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : BA90CFC3
17:29:21:203 3924 IRP_MJ_SHUTDOWN : BA909366
17:29:21:203 3924 IRP_MJ_LOCK_CONTROL : 804F4456
17:29:21:203 3924 IRP_MJ_CLEANUP : 804F4456
17:29:21:203 3924 IRP_MJ_CREATE_MAILSLOT : 804F4456
17:29:21:203 3924 IRP_MJ_QUERY_SECURITY : 804F4456
17:29:21:203 3924 IRP_MJ_SET_SECURITY : 804F4456
17:29:21:203 3924 IRP_MJ_POWER : BA90AEF3
17:29:21:203 3924 IRP_MJ_SYSTEM_CONTROL : BA90FA24
17:29:21:203 3924 IRP_MJ_DEVICE_CHANGE : 804F4456
17:29:21:203 3924 IRP_MJ_QUERY_QUOTA : 804F4456
17:29:21:203 3924 IRP_MJ_SET_QUOTA : 804F4456
17:29:21:203 3924 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: 1
17:29:21:218 3924
17:29:21:218 3924 Driver Name: Disk
17:29:21:218 3924 IRP_MJ_CREATE : BA90EC30
17:29:21:218 3924 IRP_MJ_CREATE_NAMED_PIPE : 804F4456
17:29:21:218 3924 IRP_MJ_CLOSE : BA90EC30
17:29:21:218 3924 IRP_MJ_READ : BA908D9B
17:29:21:218 3924 IRP_MJ_WRITE : BA908D9B
17:29:21:218 3924 IRP_MJ_QUERY_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_SET_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_EA : 804F4456
17:29:21:218 3924 IRP_MJ_SET_EA : 804F4456
17:29:21:218 3924 IRP_MJ_FLUSH_BUFFERS : BA909366
17:29:21:218 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_SET_VOLUME_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_DIRECTORY_CONTROL : 804F4456
17:29:21:218 3924 IRP_MJ_FILE_SYSTEM_CONTROL : 804F4456
17:29:21:218 3924 IRP_MJ_DEVICE_CONTROL : BA90944D
17:29:21:218 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : BA90CFC3
17:29:21:218 3924 IRP_MJ_SHUTDOWN : BA909366
17:29:21:218 3924 IRP_MJ_LOCK_CONTROL : 804F4456
17:29:21:218 3924 IRP_MJ_CLEANUP : 804F4456
17:29:21:218 3924 IRP_MJ_CREATE_MAILSLOT : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_SECURITY : 804F4456
17:29:21:218 3924 IRP_MJ_SET_SECURITY : 804F4456
17:29:21:218 3924 IRP_MJ_POWER : BA90AEF3
17:29:21:218 3924 IRP_MJ_SYSTEM_CONTROL : BA90FA24
17:29:21:218 3924 IRP_MJ_DEVICE_CHANGE : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_QUOTA : 804F4456
17:29:21:218 3924 IRP_MJ_SET_QUOTA : 804F4456
17:29:21:218 3924 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: 1
17:29:21:218 3924
17:29:21:218 3924 Driver Name: Disk
17:29:21:218 3924 IRP_MJ_CREATE : BA90EC30
17:29:21:218 3924 IRP_MJ_CREATE_NAMED_PIPE : 804F4456
17:29:21:218 3924 IRP_MJ_CLOSE : BA90EC30
17:29:21:218 3924 IRP_MJ_READ : BA908D9B
17:29:21:218 3924 IRP_MJ_WRITE : BA908D9B
17:29:21:218 3924 IRP_MJ_QUERY_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_SET_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_EA : 804F4456
17:29:21:218 3924 IRP_MJ_SET_EA : 804F4456
17:29:21:218 3924 IRP_MJ_FLUSH_BUFFERS : BA909366
17:29:21:218 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_SET_VOLUME_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_DIRECTORY_CONTROL : 804F4456
17:29:21:218 3924 IRP_MJ_FILE_SYSTEM_CONTROL : 804F4456
17:29:21:218 3924 IRP_MJ_DEVICE_CONTROL : BA90944D
17:29:21:218 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : BA90CFC3
17:29:21:218 3924 IRP_MJ_SHUTDOWN : BA909366
17:29:21:218 3924 IRP_MJ_LOCK_CONTROL : 804F4456
17:29:21:218 3924 IRP_MJ_CLEANUP : 804F4456
17:29:21:218 3924 IRP_MJ_CREATE_MAILSLOT : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_SECURITY : 804F4456
17:29:21:218 3924 IRP_MJ_SET_SECURITY : 804F4456
17:29:21:218 3924 IRP_MJ_POWER : BA90AEF3
17:29:21:218 3924 IRP_MJ_SYSTEM_CONTROL : BA90FA24
17:29:21:218 3924 IRP_MJ_DEVICE_CHANGE : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_QUOTA : 804F4456
17:29:21:218 3924 IRP_MJ_SET_QUOTA : 804F4456
17:29:21:218 3924 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: 1
17:29:21:218 3924
17:29:21:218 3924 Driver Name: USBSTOR
17:29:21:218 3924 IRP_MJ_CREATE : ADC63218
17:29:21:218 3924 IRP_MJ_CREATE_NAMED_PIPE : 804F4456
17:29:21:218 3924 IRP_MJ_CLOSE : ADC63218
17:29:21:218 3924 IRP_MJ_READ : ADC6323C
17:29:21:218 3924 IRP_MJ_WRITE : ADC6323C
17:29:21:218 3924 IRP_MJ_QUERY_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_SET_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_EA : 804F4456
17:29:21:218 3924 IRP_MJ_SET_EA : 804F4456
17:29:21:218 3924 IRP_MJ_FLUSH_BUFFERS : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_SET_VOLUME_INFORMATION : 804F4456
17:29:21:218 3924 IRP_MJ_DIRECTORY_CONTROL : 804F4456
17:29:21:218 3924 IRP_MJ_FILE_SYSTEM_CONTROL : 804F4456
17:29:21:218 3924 IRP_MJ_DEVICE_CONTROL : ADC63180
17:29:21:218 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : ADC5E9E6
17:29:21:218 3924 IRP_MJ_SHUTDOWN : 804F4456
17:29:21:218 3924 IRP_MJ_LOCK_CONTROL : 804F4456
17:29:21:218 3924 IRP_MJ_CLEANUP : 804F4456
17:29:21:218 3924 IRP_MJ_CREATE_MAILSLOT : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_SECURITY : 804F4456
17:29:21:218 3924 IRP_MJ_SET_SECURITY : 804F4456
17:29:21:218 3924 IRP_MJ_POWER : ADC625F0
17:29:21:218 3924 IRP_MJ_SYSTEM_CONTROL : ADC60A6E
17:29:21:218 3924 IRP_MJ_DEVICE_CHANGE : 804F4456
17:29:21:218 3924 IRP_MJ_QUERY_QUOTA : 804F4456
17:29:21:218 3924 IRP_MJ_SET_QUOTA : 804F4456
17:29:21:234 3924 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: 1
17:29:21:234 3924
17:29:21:234 3924 Driver Name: USBSTOR
17:29:21:234 3924 IRP_MJ_CREATE : ADC63218
17:29:21:234 3924 IRP_MJ_CREATE_NAMED_PIPE : 804F4456
17:29:21:234 3924 IRP_MJ_CLOSE : ADC63218
17:29:21:234 3924 IRP_MJ_READ : ADC6323C
17:29:21:234 3924 IRP_MJ_WRITE : ADC6323C
17:29:21:234 3924 IRP_MJ_QUERY_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_EA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_EA : 804F4456
17:29:21:234 3924 IRP_MJ_FLUSH_BUFFERS : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_DIRECTORY_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_FILE_SYSTEM_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_DEVICE_CONTROL : ADC63180
17:29:21:234 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : ADC5E9E6
17:29:21:234 3924 IRP_MJ_SHUTDOWN : 804F4456
17:29:21:234 3924 IRP_MJ_LOCK_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_CLEANUP : 804F4456
17:29:21:234 3924 IRP_MJ_CREATE_MAILSLOT : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_SET_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_POWER : ADC625F0
17:29:21:234 3924 IRP_MJ_SYSTEM_CONTROL : ADC60A6E
17:29:21:234 3924 IRP_MJ_DEVICE_CHANGE : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_QUOTA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_QUOTA : 804F4456
17:29:21:234 3924 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: 1
17:29:21:234 3924
17:29:21:234 3924 Driver Name: USBSTOR
17:29:21:234 3924 IRP_MJ_CREATE : ADC63218
17:29:21:234 3924 IRP_MJ_CREATE_NAMED_PIPE : 804F4456
17:29:21:234 3924 IRP_MJ_CLOSE : ADC63218
17:29:21:234 3924 IRP_MJ_READ : ADC6323C
17:29:21:234 3924 IRP_MJ_WRITE : ADC6323C
17:29:21:234 3924 IRP_MJ_QUERY_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_EA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_EA : 804F4456
17:29:21:234 3924 IRP_MJ_FLUSH_BUFFERS : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_DIRECTORY_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_FILE_SYSTEM_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_DEVICE_CONTROL : ADC63180
17:29:21:234 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : ADC5E9E6
17:29:21:234 3924 IRP_MJ_SHUTDOWN : 804F4456
17:29:21:234 3924 IRP_MJ_LOCK_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_CLEANUP : 804F4456
17:29:21:234 3924 IRP_MJ_CREATE_MAILSLOT : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_SET_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_POWER : ADC625F0
17:29:21:234 3924 IRP_MJ_SYSTEM_CONTROL : ADC60A6E
17:29:21:234 3924 IRP_MJ_DEVICE_CHANGE : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_QUOTA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_QUOTA : 804F4456
17:29:21:234 3924 C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS - Verdict: 1
17:29:21:234 3924
17:29:21:234 3924 Driver Name: Disk
17:29:21:234 3924 IRP_MJ_CREATE : BA90EC30
17:29:21:234 3924 IRP_MJ_CREATE_NAMED_PIPE : 804F4456
17:29:21:234 3924 IRP_MJ_CLOSE : BA90EC30
17:29:21:234 3924 IRP_MJ_READ : BA908D9B
17:29:21:234 3924 IRP_MJ_WRITE : BA908D9B
17:29:21:234 3924 IRP_MJ_QUERY_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_EA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_EA : 804F4456
17:29:21:234 3924 IRP_MJ_FLUSH_BUFFERS : BA909366
17:29:21:234 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_DIRECTORY_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_FILE_SYSTEM_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_DEVICE_CONTROL : BA90944D
17:29:21:234 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : BA90CFC3
17:29:21:234 3924 IRP_MJ_SHUTDOWN : BA909366
17:29:21:234 3924 IRP_MJ_LOCK_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_CLEANUP : 804F4456
17:29:21:234 3924 IRP_MJ_CREATE_MAILSLOT : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_SET_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_POWER : BA90AEF3
17:29:21:234 3924 IRP_MJ_SYSTEM_CONTROL : BA90FA24
17:29:21:234 3924 IRP_MJ_DEVICE_CHANGE : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_QUOTA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_QUOTA : 804F4456
17:29:21:234 3924 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: 1
17:29:21:234 3924
17:29:21:234 3924 Driver Name: Disk
17:29:21:234 3924 IRP_MJ_CREATE : BA90EC30
17:29:21:234 3924 IRP_MJ_CREATE_NAMED_PIPE : 804F4456
17:29:21:234 3924 IRP_MJ_CLOSE : BA90EC30
17:29:21:234 3924 IRP_MJ_READ : BA908D9B
17:29:21:234 3924 IRP_MJ_WRITE : BA908D9B
17:29:21:234 3924 IRP_MJ_QUERY_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_EA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_EA : 804F4456
17:29:21:234 3924 IRP_MJ_FLUSH_BUFFERS : BA909366
17:29:21:234 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_DIRECTORY_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_FILE_SYSTEM_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_DEVICE_CONTROL : BA90944D
17:29:21:234 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : BA90CFC3
17:29:21:234 3924 IRP_MJ_SHUTDOWN : BA909366
17:29:21:234 3924 IRP_MJ_LOCK_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_CLEANUP : 804F4456
17:29:21:234 3924 IRP_MJ_CREATE_MAILSLOT : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_SET_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_POWER : BA90AEF3
17:29:21:234 3924 IRP_MJ_SYSTEM_CONTROL : BA90FA24
17:29:21:234 3924 IRP_MJ_DEVICE_CHANGE : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_QUOTA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_QUOTA : 804F4456
17:29:21:234 3924 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: 1
17:29:21:234 3924
17:29:21:234 3924 Driver Name: Disk
17:29:21:234 3924 IRP_MJ_CREATE : BA90EC30
17:29:21:234 3924 IRP_MJ_CREATE_NAMED_PIPE : 804F4456
17:29:21:234 3924 IRP_MJ_CLOSE : BA90EC30
17:29:21:234 3924 IRP_MJ_READ : BA908D9B
17:29:21:234 3924 IRP_MJ_WRITE : BA908D9B
17:29:21:234 3924 IRP_MJ_QUERY_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_EA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_EA : 804F4456
17:29:21:234 3924 IRP_MJ_FLUSH_BUFFERS : BA909366
17:29:21:234 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_SET_VOLUME_INFORMATION : 804F4456
17:29:21:234 3924 IRP_MJ_DIRECTORY_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_FILE_SYSTEM_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_DEVICE_CONTROL : BA90944D
17:29:21:234 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : BA90CFC3
17:29:21:234 3924 IRP_MJ_SHUTDOWN : BA909366
17:29:21:234 3924 IRP_MJ_LOCK_CONTROL : 804F4456
17:29:21:234 3924 IRP_MJ_CLEANUP : 804F4456
17:29:21:234 3924 IRP_MJ_CREATE_MAILSLOT : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_SET_SECURITY : 804F4456
17:29:21:234 3924 IRP_MJ_POWER : BA90AEF3
17:29:21:234 3924 IRP_MJ_SYSTEM_CONTROL : BA90FA24
17:29:21:234 3924 IRP_MJ_DEVICE_CHANGE : 804F4456
17:29:21:234 3924 IRP_MJ_QUERY_QUOTA : 804F4456
17:29:21:234 3924 IRP_MJ_SET_QUOTA : 804F4456
17:29:21:234 3924 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: 1
17:29:21:234 3924
17:29:21:234 3924 Driver Name: nvata
17:29:21:234 3924 IRP_MJ_CREATE : BA6F2894
17:29:21:234 3924 IRP_MJ_CREATE_NAMED_PIPE : BA6F2874
17:29:21:234 3924 IRP_MJ_CLOSE : BA6F2894
17:29:21:234 3924 IRP_MJ_READ : BA6F2874
17:29:21:234 3924 IRP_MJ_WRITE : BA6F2874
17:29:21:234 3924 IRP_MJ_QUERY_INFORMATION : BA6F2874
17:29:21:234 3924 IRP_MJ_SET_INFORMATION : BA6F2874
17:29:21:234 3924 IRP_MJ_QUERY_EA : BA6F2874
17:29:21:234 3924 IRP_MJ_SET_EA : BA6F2874
17:29:21:234 3924 IRP_MJ_FLUSH_BUFFERS : BA6F2874
17:29:21:234 3924 IRP_MJ_QUERY_VOLUME_INFORMATION : BA6F2874
17:29:21:234 3924 IRP_MJ_SET_VOLUME_INFORMATION : BA6F2874
17:29:21:234 3924 IRP_MJ_DIRECTORY_CONTROL : BA6F2874
17:29:21:234 3924 IRP_MJ_FILE_SYSTEM_CONTROL : BA6F2874
17:29:21:234 3924 IRP_MJ_DEVICE_CONTROL : BA6F28AE
17:29:21:234 3924 IRP_MJ_INTERNAL_DEVICE_CONTROL : BA6F2D4E
17:29:21:234 3924 IRP_MJ_SHUTDOWN : BA6F2874
17:29:21:234 3924 IRP_MJ_LOCK_CONTROL : BA6F2874
17:29:21:234 3924 IRP_MJ_CLEANUP : BA6F2874
17:29:21:234 3924 IRP_MJ_CREATE_MAILSLOT : BA6F2874
17:29:21:234 3924 IRP_MJ_QUERY_SECURITY : BA6F2874
17:29:21:234 3924 IRP_MJ_SET_SECURITY : BA6F2874
17:29:21:234 3924 IRP_MJ_POWER : BA6F2CEE
17:29:21:234 3924 IRP_MJ_SYSTEM_CONTROL : BA6F2A7C
17:29:21:234 3924 IRP_MJ_DEVICE_CHANGE : BA6F2874
17:29:21:234 3924 IRP_MJ_QUERY_QUOTA : BA6F2874
17:29:21:234 3924 IRP_MJ_SET_QUOTA : BA6F2874
17:29:21:250 3924 C:\WINDOWS\system32\DRIVERS\nvata.sys - Verdict: 1
17:29:21:250 3924
17:29:21:250 3924 Completed
17:29:21:250 3924
17:29:21:250 3924 Results:
17:29:21:250 3924 Memory objects infected / cured / cured on reboot: 0 / 0 / 0
17:29:21:250 3924 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
17:29:21:250 3924 File objects infected / cured / cured on reboot: 0 / 0 / 0
17:29:21:250 3924
17:29:21:250 3924 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system
17:29:21:250 3924 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software
17:29:21:250 3924 KLMD(ARK) unloaded successfully

**shinybeast** · 2010-03-29, 01:01

Boot.ini Check

We can check the current state of the Boot.ini file to check if it is corrupted or not as follows:

Open Notepad.
Copy and Paste everything from the Code Box below into Notepad: <----Start >> Run... type in notepad and select OK

Code:

@Echo off
xcopy C:\boot.ini "%userprofile%\desktop\" /h
attrib -s -h "%userprofile%\desktop\boot.ini"
ren "%userprofile%\desktop\boot.ini" bootini.txt
Del %0

Go to File >> Save As
Save File name as "Look.bat" <-- Make sure to include the apostrophes.
Change Save as Type to All Files and save the file to your Desktop.
It should look like this:

Now double click on the desktop Look.bat to run the batch file. It will self-delete when completed and produce a notepad text file named bootini on your desktop.

Please post bootini.txt and answer the following question.

Can you remember if the computer was rebooted at any time after the driver install but before the OTL fix? I asked this earlier but did not get an answer.

**soar3** · 2010-03-29, 01:20

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

Sorry for not answering, but yes the computer was rebooted after the drivers were installed.

**shinybeast** · 2010-03-29, 02:01

OK, that looks good.

I notice you have NVIDIA ForceWare Network Access Manager installed. It is known to be buggy and cause issues. It is also unnecessary. I recommend you uninstall it and see if that helps. If that does not help, then try reinstalling motherboard drivers but do not install Network Access Manager.

Otherwise, I think I may be out of ideas. I can recommend a forum to seek further assistance or you can reformat and reinstall Windows or take the computer to a shop.

Let me know the outcome and/or what you decide to do.

Thread: Browser Redirecting all the time

Thread Tools

Display

Posting Permissions