Inactive Windows update from start menu and browser redirect to Google(eng

[Inactive]Windows update from start menu and browser redirect to Google(eng

Hello,

I recently reformatted my hard drive with Windows Xp Pro. After reformatting I ran windows update from the start menu one time successfully, I rebooted my machine, and I proceeded to run windows update from the start menu a second time to get more updates. However, this time I was sent to google. I cannot type it in my browser either, all attempts redirect to the google english sight. I can however look at files on their download site, but any attempt to download is immediately sent back to google. I have downloaded combofix and malwarebytes, trojanremover, dr web cureit!, and antispyware something or other. I have ran all of them and several times they have removed registry keys with a DNS Changer always related to a driver or a .dll file. I have even tried renaming the virus tools, downloading them on an uninfected machine put them on a cd and run them from there. Basically everything is reported clean, even though I know the DNS changer is still there as I am redirected continously. I am now seeking your help and with this. It has been suggested that I reformat again and re-download the virus tools on an uninfected machine, rename them, and burn and run them (I have read somewhere this virus replicates itself inside any program you run). I'd prefer not to reformat unless there is no other way, I am on a fresh install of windows XP, I have reformatted 2 days ago. Thanks in advance.

- Dan

--- DDS REPORTS ---
DDS.txt

DDS (Ver_09-03-16.01) - NTFSx86
Run by Dan at 16:31:26.81 on Fri 04/24/2009
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.989 [GMT -4:00]

AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox 3.1 Beta 3\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Dan\Desktop\dds.scr

============== Pseudo HJT Report ===============

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [Hotfix-KB5504305] c:\windows\system32\rundll57.exe
uRunServices: [Hotfix-KB5504305] c:\windows\system32\rundll57.exe
mRun: [NVMixerTray] "c:\program files\nvidia corporation\nvmixer\NVMixerTray.exe "
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [Logitech Utility] Logi_MwX.Exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe "
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe "
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
dRunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.0/srl_bin/sysreqlab3.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1240351654875
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\dan\applic~1\mozilla\firefox\profiles\6qtnzbcv.default\

---- FIREFOX POLICIES ----
c:\program files\mozilla firefox 3.1 beta 3\greprefs\all.js - pref( "media.enforce_same_site_origin ", false);
c:\program files\mozilla firefox 3.1 beta 3\greprefs\all.js - pref( "media.ogg.enabled ", true);
c:\program files\mozilla firefox 3.1 beta 3\greprefs\all.js - pref( "media.wave.enabled ", true);
c:\program files\mozilla firefox 3.1 beta 3\greprefs\all.js - pref( "media.autoplay.enabled ", true);
c:\program files\mozilla firefox 3.1 beta 3\greprefs\all.js - pref( "browser.urlbar.autocomplete.enabled ", true);
c:\program files\mozilla firefox 3.1 beta 3\greprefs\all.js - pref( "capability.policy.mailnews.*.wholeText ", "noAccess ");
c:\program files\mozilla firefox 3.1 beta 3\greprefs\all.js - pref( "network.http.prompt-temp-redirect ", true);
c:\program files\mozilla firefox 3.1 beta 3\greprefs\all.js - pref( "network.tcp.sendbuffer ", 131072);
c:\program files\mozilla firefox 3.1 beta 3\defaults\pref\firefox.js - pref( "extensions.blocklist.level ", 2);
c:\program files\mozilla firefox 3.1 beta 3\defaults\pref\firefox.js - pref( "browser.urlbar.restrict.typed ", "~ ");
c:\program files\mozilla firefox 3.1 beta 3\defaults\pref\firefox.js - pref( "browser.urlbar.default.behavior ", 0);
c:\program files\mozilla firefox 3.1 beta 3\defaults\pref\firefox.js - pref( "browser.ssl_override_behavior ", 2);
c:\program files\mozilla firefox 3.1 beta 3\defaults\pref\firefox.js - pref( "security.alternate_certificate_error_page ", "certerror ");
c:\program files\mozilla firefox 3.1 beta 3\defaults\pref\firefox.js - pref( "browser.privatebrowsing.autostart ", false);
c:\program files\mozilla firefox 3.1 beta 3\defaults\pref\firefox.js - pref( "browser.privatebrowsing.dont_prompt_on_enter ", false);

============= SERVICES / DRIVERS ===============

R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [2007-8-29 116264]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2008-2-20 33800]
R2 ekrn;Eset Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2008-2-20 472320]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0;c:\program files\common files\nero\nero backitup 4\NBService.exe [2008-9-29 935208]
S0 xoiImyg;xoiImyg;c:\windows\system32\drivers\gcvml.sys --> c:\windows\system32\drivers\gcvml.sys [?]
S2 NOD32FiXTemDono;Eset Nod32 Boot;c:\windows\system32\regedt32.exe [2001-8-22 3584]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\nos\bin\getplus_helpersvc.exe --> c:\program files\nos\bin\getPlus_HelperSvc.exe [?]

=============== Created Last 30 ================

2009-04-24 10:53 5,702 a---h--- c:\windows\nod32restoretemdono.reg
2009-04-24 10:53 568 a---h--- c:\windows\nod32fixtemdono.reg
2009-04-24 10:52 36,864 ---shr-- c:\windows\system32\rundll57.exe
2009-04-24 10:51 <DIR> --d----- c:\program files\ESET
2009-04-24 10:45 161,792 a------- c:\windows\SWREG.exe
2009-04-24 10:45 98,816 a------- c:\windows\sed.exe
2009-04-23 19:55 <DIR> --dsh--- C:\found.000
2009-04-23 18:36 294,912 -c------ c:\windows\system32\dllcache\dlimport.exe
2009-04-23 18:35 <DIR> --d----- c:\windows\network diagnostic
2009-04-23 18:35 144,384 -------- c:\windows\system32\drivers\hdaudbus.sys
2009-04-23 18:35 10,240 -------- c:\windows\system32\drivers\sffp_mmc.sys
2009-04-23 18:34 19,569 a------- c:\windows\003093_.tmp
2009-04-23 18:10 931,672 a------- c:\windows\system32\XAudioD2_4.dll
2009-04-23 18:10 428,888 a------- c:\windows\system32\XactEngineA3_4.dll
2009-04-23 18:10 343,368 a------- c:\windows\system32\XactEngineD3_4.dll
2009-04-23 18:10 125,768 a------- c:\windows\system32\XAPOFXD1_3.dll
2009-04-23 18:10 45,384 a------- c:\windows\system32\X3DAudioD1_6.dll
2009-04-23 18:10 4,280,136 a------- c:\windows\system32\D3dx9d_41.dll
2009-04-23 18:10 3,795,784 a------- c:\windows\system32\d3dx9d_33.dll
2009-04-23 18:10 358,728 a------- c:\windows\system32\dinput8d.dll
2009-04-23 18:10 3,083,592 a------- c:\windows\system32\d3d9d.dll
2009-04-23 18:10 497,480 a------- c:\windows\system32\D3DX10d_41.dll
2009-04-23 18:10 348,504 a------- c:\windows\system32\d3dref9.dll
2009-04-23 18:05 <DIR> --d----- c:\program files\Microsoft DirectX SDK (March 2009)
2009-04-23 18:04 118,104 a------- c:\windows\dxsdkuninst.exe
2009-04-23 15:53 <DIR> --d----- c:\windows\ServicePackFiles
2009-04-23 15:52 19,528 a------- c:\windows\000001_.tmp
2009-04-23 15:52 26,488 a------- c:\windows\system32\spupdsvc.exe
2009-04-22 19:54 28,288 ac------ c:\windows\system32\dllcache\xjis.nls
2009-04-22 19:54 156,672 ac------ c:\windows\system32\dllcache\winzm.ime
2009-04-22 19:54 156,672 ac------ c:\windows\system32\dllcache\winsp.ime
2009-04-22 19:54 156,672 ac------ c:\windows\system32\dllcache\winpy.ime
2009-04-22 19:54 65,536 ac------ c:\windows\system32\dllcache\winime.ime
2009-04-22 19:54 79,360 ac------ c:\windows\system32\dllcache\winar30.ime
2009-04-22 19:54 72,704 ac------ c:\windows\system32\dllcache\wingb.ime
2009-04-22 19:52 262,200 ac------ c:\windows\system32\dllcache\imjputy.exe
2009-04-22 19:51 19,968 ac------ c:\windows\system32\dllcache\inetsloc.dll
2009-04-22 19:51 7,680 ac------ c:\windows\system32\dllcache\inetmgr.exe
2009-04-22 19:51 169,984 ac------ c:\windows\system32\dllcache\iisui.dll
2009-04-22 19:51 14,336 ac------ c:\windows\system32\dllcache\iisreset.exe
2009-04-22 19:51 5,632 ac------ c:\windows\system32\dllcache\iisrstap.dll
2009-04-22 19:51 6,144 ac------ c:\windows\system32\dllcache\ftpsapi2.dll
2009-04-22 19:51 94,720 ac------ c:\windows\system32\dllcache\certmap.ocx
2009-04-22 19:51 221,184 a------- c:\windows\system32\wmpns.dll
2009-04-22 19:50 488 a---hr-- c:\windows\system32\logonui.exe.manifest
2009-04-22 19:50 749 a---hr-- c:\windows\WindowsShell.Manifest
2009-04-22 19:50 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest
2009-04-22 19:50 749 a---hr-- c:\windows\system32\sapi.cpl.manifest
2009-04-22 19:50 749 a---hr-- c:\windows\system32\nwc.cpl.manifest
2009-04-22 19:50 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest
2009-04-22 19:38 212,711 a------- c:\windows\system32\nvapps.nvb
2009-04-22 17:42 <DIR> --d-h--- c:\windows\PIF
2009-04-22 15:21 <DIR> --d----- c:\documents and settings\dan\DoctorWeb
2009-04-22 12:02 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-04-22 02:36 <DIR> --d----- c:\docume~1\dan\applic~1\The Creative Assembly
2009-04-22 02:34 <DIR> --d----- c:\program files\common files\Blizzard Entertainment
2009-04-22 02:19 <DIR> --d----- c:\windows\system32\appmgmt
2009-04-22 02:10 <DIR> --d----- c:\program files\TVersity Codec Pack
2009-04-22 02:08 <DIR> --d----- c:\program files\TVersity
2009-04-22 01:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2009-04-22 01:50 <DIR> --d----- c:\program files\SUPERAntiSpyware
2009-04-22 01:50 <DIR> --d----- c:\docume~1\dan\applic~1\SUPERAntiSpyware.com
2009-04-22 01:23 410,984 a------- c:\windows\system32\deploytk.dll
2009-04-22 01:23 73,728 a------- c:\windows\system32\javacpl.cpl
2009-04-22 01:14 <DIR> --d----- c:\docume~1\dan\applic~1\Malwarebytes
2009-04-22 01:06 <DIR> a-dshr-- C:\cmdcons
2009-04-22 00:37 <DIR> --d----- c:\program files\Nero
2009-04-22 00:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nero
2009-04-21 23:28 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-04-21 22:55 <DIR> --d----- c:\program files\Steam
2009-04-21 20:44 22,328 a------- c:\windows\system32\drivers\PnkBstrK.sys
2009-04-21 20:44 103,736 a------- c:\windows\system32\PnkBstrB.exe
2009-04-21 20:44 66,872 a------- c:\windows\system32\PnkBstrA.exe
2009-04-21 20:44 <DIR> --d----- c:\windows\system32\LogFiles
2009-04-21 19:41 168,448 a------- c:\windows\system32\unrar.dll
2009-04-21 19:41 <DIR> --d----- c:\program files\K-Lite Codec Pack
2009-04-21 19:40 1,060,864 a------- c:\windows\system32\MFC71.dll
2009-04-21 19:40 499,712 a------- c:\windows\system32\MSVCP71.dll
2009-04-21 19:40 348,160 a------- c:\windows\system32\MSVCR71.dll
2009-04-21 19:39 36,864 a------- c:\windows\system32\rundll43.exe.vir
2009-04-21 19:36 <DIR> --d----- c:\windows\Logs
2009-04-21 19:18 <DIR> --d----- C:\Downloads
2009-04-21 19:12 <DIR> --d----- c:\program files\uTorrent
2009-04-21 19:12 <DIR> --d----- c:\docume~1\dan\applic~1\uTorrent
2009-04-21 18:30 <DIR> --d----- c:\program files\common files\Logitech
2009-04-21 18:30 152,064 a------- c:\windows\system32\lmoufrc.dll
2009-04-21 18:30 104,960 a------- c:\windows\system32\COMNCTR.DLL
2009-04-21 18:30 97,792 a------- c:\windows\system32\LGUICOM.DLL
2009-04-21 18:30 70,894 a------- c:\windows\system32\drivers\LMouFlt2.Sys
2009-04-21 18:30 51,582 a------- c:\windows\system32\drivers\L8042PR2.SYS
2009-04-21 18:30 37,916 a------- c:\windows\system32\drivers\LHidUsb.sys
2009-04-21 18:30 25,630 a------- c:\windows\system32\drivers\LHidFlt2.Sys
2009-04-21 18:30 23,372 a------- c:\windows\system32\LCOINST.DLL
2009-04-21 18:30 20,992 a------- c:\windows\LOGI_MWX.EXE
2009-04-21 18:30 16,896 a------- c:\windows\system32\LMOUSE32.DLL
2009-04-21 18:30 14,092 a------- c:\windows\system32\drivers\LCCFLTR.SYS
2009-04-21 18:30 3,568 a------- c:\windows\system32\LMOUSE16.DLL
2009-04-21 18:27 <DIR> --d----- c:\windows\system32\Marvell
2009-04-21 18:11 <DIR> --d----- c:\program files\Uniblue
2009-04-21 18:11 <DIR> --d----- c:\docume~1\dan\applic~1\Uniblue
2009-04-21 18:11 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DriverScanner
2009-04-21 18:07 31,768 a------- c:\windows\system32\wucltui.dll.mui
2009-04-21 18:07 23,576 a------- c:\windows\system32\wuaucpl.cpl.mui
2009-04-21 18:07 23,576 a------- c:\windows\system32\wuapi.dll.mui
2009-04-21 18:07 18,456 a------- c:\windows\system32\wuaueng.dll.mui
2009-04-21 18:07 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2009-04-21 18:07 <DIR> --ds---- c:\documents and settings\dan\UserData
2009-04-21 18:06 <DIR> -cd-h--- c:\docume~1\alluse~1\applic~1\{148D8B8A-8F96-4822-81EC-D510B626B7D5}
2009-04-21 17:54 207,017 a------- c:\windows\system32\nvapps.xml
2009-04-21 17:54 19,021 a------- c:\windows\system32\nvdisp.nvu
2009-04-21 16:24 664 a------- c:\windows\system32\d3d9caps.dat
2009-04-21 16:24 552 a------- c:\windows\system32\d3d8caps.dat
2009-04-21 16:24 <DIR> --d----- c:\program files\SystemRequirementsLab
2009-04-21 16:22 <DIR> --d----- c:\program files\Mozilla Firefox 3.1 Beta 3
2009-04-21 04:13 453,152 a------- c:\windows\system32\nvudisp.exe
2009-04-21 04:13 <DIR> --d----- c:\windows\nview
2009-04-21 03:37 <DIR> --d----- c:\program files\NVIDIA Corporation
2009-04-21 03:37 <DIR> --d----- c:\program files\common files\NVIDIA Shared
2009-04-21 03:37 172,032 a------- c:\windows\system32\nvuaudio.exe
2009-04-21 03:37 3,787 a------- c:\windows\system32\nvaudio.nvu
2009-04-21 03:36 172,032 a------- c:\windows\system32\nvuide.exe
2009-04-21 03:36 464 a------- c:\windows\system32\nvide.nvu
2009-04-21 03:34 159,744 a------- c:\windows\system32\nvuenet.exe
2009-04-21 03:34 1,556 a------- c:\windows\system32\nvenet.nvu
2009-04-21 03:34 172,032 a------- c:\windows\system32\nvusmb.exe
2009-04-21 03:34 789 a------- c:\windows\system32\nvsmb.nvu
2009-04-21 03:34 453,152 a------- c:\windows\system32\NVUNINST.EXE
2009-04-21 03:34 172,032 a------- c:\windows\system32\nvumctl.exe
2009-04-21 03:34 1,217 a------- c:\windows\system32\nvmctl.nvu
2009-04-21 03:34 172,032 a------- c:\windows\system32\nvugart.exe
2009-04-21 03:34 2,124 a------- c:\windows\system32\nvgart.nvu
2009-04-21 03:34 <DIR> --d----- c:\windows\system32\ReinstallBackups
2009-04-21 03:30 <DIR> --d----- C:\NVIDIA
2009-04-21 03:24 306,688 a------- c:\windows\IsUninst.exe
2009-04-21 03:24 <DIR> --d----- c:\documents and settings\dan\WINDOWS
2009-04-21 02:57 <DIR> --d----- c:\windows\pss
2009-04-21 02:52 <DIR> --d----- c:\documents and settings\Dan
2009-04-21 02:51 <DIR> --ds---- c:\windows\system32\Microsoft
2009-04-21 02:51 8,192 a------- c:\windows\REGLOCS.OLD
2009-04-21 02:48 <DIR> --d----- c:\windows\system32\xircom
2009-04-21 02:47 2,577 a------- c:\windows\system32\CONFIG.NT
2009-04-21 02:47 0 a------- c:\windows\control.ini
2009-04-21 02:47 23,392 a------- c:\windows\system32\nscompat.tlb
2009-04-21 02:47 16,832 a------- c:\windows\system32\amcompat.tlb
2009-04-21 02:47 316,640 a------- c:\windows\WMSysPr9.prx
2009-04-21 02:46 <DIR> --dsh--- c:\documents and settings\all users\DRM
2009-04-21 02:46 488 a---hr-- c:\windows\system32\WindowsLogon.manifest
2009-04-21 02:46 <DIR> --ds---- c:\windows\Downloaded Program Files
2009-04-21 02:46 <DIR> --d--r-- c:\windows\Offline Web Pages
2009-04-21 02:46 749 a---hr-- c:\windows\system32\cdplayer.exe.manifest
2009-04-21 02:46 <DIR> --d-h--- c:\program files\WindowsUpdate
2009-04-21 02:46 4,399,505 ac------ c:\windows\system32\dllcache\nls302en.lex
2009-04-21 02:46 <DIR> --d----- c:\windows\system32\DirectX
2009-04-21 02:45 <DIR> --d----- c:\program files\common files\MSSoap
2009-04-21 02:44 <DIR> --d----- c:\program files\Online Services
2009-04-21 02:43 <DIR> --d----- c:\program files\Messenger
2009-04-21 02:43 <DIR> --d----- c:\program files\MSN Gaming Zone
2009-04-21 02:43 <DIR> --d----- c:\program files\Windows NT
2009-04-20 22:30 <DIR> --d----- c:\program files\common files\ODBC
2009-04-20 22:30 <DIR> --d----- c:\program files\common files\SpeechEngines
2009-04-20 22:30 <DIR> --d--r-- c:\documents and settings\all users\Documents

==================== Find3M ====================

2009-04-23 18:40 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2009-04-22 19:49 22,720 a------- c:\windows\system32\emptyregdb.dat
2009-03-16 14:18 517,448 a------- c:\windows\system32\XAudio2_4.dll
2009-03-16 14:18 235,352 a------- c:\windows\system32\xactengine3_4.dll
2009-03-16 14:18 69,448 a------- c:\windows\system32\XAPOFX1_3.dll
2009-03-16 14:18 22,360 a------- c:\windows\system32\X3DAudio1_6.dll
2009-03-09 15:27 4,178,264 a------- c:\windows\system32\D3DX9_41.dll
2009-03-09 15:27 1,846,632 a------- c:\windows\system32\D3DCompiler_41.dll
2009-03-09 15:27 453,456 a------- c:\windows\system32\d3dx10_41.dll

============= FINISH: 16:31:39.26 ===============

Attach.txt
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-03-16.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 4/22/2009 7:54:12 PM
System Uptime: 4/24/2009 10:52:49 AM (6 hours ago)

Motherboard: ASUSTeK Computer INC. | | A7N8X-E
Processor: AMD Sempron(tm) 2800+ | Socket A | 1996/166mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 37 GiB total, 19.93 GiB free.
D: is FIXED (NTFS) - 75 GiB total, 24.493 GiB free.
E: is CDROM (CDFS)

==== Disabled Device Manager Items =============

Class GUID: {4D36E969-E325-11CE-BFC1-08002BE10318}
Description: Standard floppy disk controller
Device ID: ACPI\PNP0700\3&13C0B0C5&0
Manufacturer: (Standard floppy disk controllers)
Name: Standard floppy disk controller
PNP Device ID: ACPI\PNP0700\3&13C0B0C5&0
Service: fdc

==== System Restore Points ===================

RP1: 4/22/2009 8:09:04 PM - System Checkpoint
RP2: 4/23/2009 3:52:53 PM - Installed Windows XP Service Pack 2.
RP3: 4/23/2009 6:08:14 PM - Installed DirectX
RP4: 4/23/2009 6:34:40 PM - Installed Windows XP Service Pack 3.
RP5: 4/24/2009 10:45:14 AM - ComboFix created restore point
RP6: 4/24/2009 10:51:17 AM - Installed ESET NOD32 Antivirus

==== Installed Programs ======================

µTorrent
Acrobat.com
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Reader 9.1
Advertising Center
Counter-Strike
DolbyFiles
ESET NOD32 Antivirus
getPlus(R) for Adobe
ImagXpress
Java(TM) 6 Update 13
K-Lite Codec Pack 4.7.5 (Standard)
Logitech MouseWare 9.80
Menu Templates - Starter Kit
Microsoft .NET Framework 2.0
Microsoft DirectX SDK (March 2009)
Microsoft Visual C++ 2005 Redistributable
Movie Templates - Starter Kit
Mozilla Firefox (3.1b3)
Nero 9
Nero BurningROM
Nero BurnRights
Nero ControlCenter
Nero CoverDesigner
Nero CoverDesigner Help
Nero Disc Copy Gadget
Nero Disc Copy Gadget Help
Nero DiscSpeed
Nero DriveSpeed
Nero Express
Nero Installer
Nero Recode
Nero Recode Help
Nero Rescue Agent
Nero RescueAgent Help
Nero StartSmart
Nero StartSmart Help
Nero WaveEditor
Nero WaveEditor Help
NeroBurningROM
NeroExpress
neroxml
NVIDIA Drivers
NvMixer
Steam
TVersity Codec Pack 1.2
TVersity Media Server 1.5 Beta
Uniblue DriverScanner 2009
WebFldrs XP
Windows XP Service Pack 3
WinRAR archiver

==== Event Viewer Messages From Past Week ========

4/24/2009 10:54:37 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Eset Nod32 Boot service to connect.
4/24/2009 10:54:37 AM, error: Service Control Manager [7000] - The Eset Nod32 Boot service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/23/2009 7:34:47 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:.
4/23/2009 6:35:11 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the service.
4/23/2009 6:34:41 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the avast! Antivirus service.
4/23/2009 2:51:31 PM, error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
4/22/2009 7:54:25 PM, error: Setup [60055] - Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information.
4/22/2009 7:51:14 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service SENS with arguments " " in order to run the server: {D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E}
4/22/2009 5:29:49 PM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service wuauserv with arguments " " in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
4/22/2009 3:26:09 AM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: Aavmker4 AFD AmdK7 aswSP aswTdi Fips IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
4/22/2009 3:26:09 AM, error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error: A device attached to the system is not functioning.
4/22/2009 3:26:09 AM, error: Service Control Manager [7001] - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/22/2009 3:26:09 AM, error: Service Control Manager [7001] - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error: A device attached to the system is not functioning.
4/22/2009 3:26:09 AM, error: Service Control Manager [7001] - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error: A device attached to the system is not functioning.
4/22/2009 3:24:42 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service EventSystem with arguments " " in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
4/22/2009 3:24:30 AM, error: DCOM [10005] - DCOM got error "%1084" attempting to start the service netman with arguments " " in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
4/22/2009 3:22:51 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file wdmaud.drv. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2180.
4/22/2009 12:10:39 PM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file wdmaud.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.1.2600.2180.
4/22/2009 1:49:19 AM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 00112F18D01F has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
4/21/2009 7:39:27 PM, error: ipnathlp [32003] - The Network Address Translator (NAT) was unable to request an operation of the kernel-mode translation module. This may indicate misconfiguration, insufficient resources, or an internal error. The data is the error code.
4/21/2009 7:39:27 PM, error: Dhcp [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 00112F18D01F has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
4/21/2009 6:11:33 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC80.CRT. Reference error message: The referenced assembly is not installed on your system. .
4/21/2009 6:11:33 PM, error: SideBySide [59] - Generate Activation Context failed for C:\DOCUME~1\Dan\LOCALS~1\Temp\mia1\InstallerExtensions.dll. Reference error message: The operation completed successfully. .
4/21/2009 6:11:33 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
4/21/2009 3:37:08 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file ks.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.3.2600.2180.
4/21/2009 3:37:06 AM, information: Windows File Protection [64002] - File replacement was attempted on the protected system file stream.sys. This file was restored to the original version to maintain system stability. The file version of the system file is 5.3.2600.2180.

==== End Of File ===========================

Please note I have uninstalled Avast! via add/remove - and yes I realize the danges of P2P programs and networks

 

I'm going to repost when I get home from work.