good thing i came here as i see many have this issue

so i did download combofix and here is the report

should i follow the same steps at other threads or just wait?

ComboFix 08-05-28.8 - Sinbad 2008-05-29 18:34:18.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1524 [GMT 3:00]
Running from: C:\Documents and Settings\Sinbad\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BMf3dcbdb3.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\cbuhltmr.dll
C:\WINDOWS\system32\dkcptjgr.ini
C:\WINDOWS\system32\hbmevdrl.ini
C:\WINDOWS\system32\hufixtcp.dll
C:\WINDOWS\system32\jhqlgbft.ini
C:\WINDOWS\system32\kwjsvbic.ini
C:\WINDOWS\system32\leleaatu.dll
C:\WINDOWS\system32\ljJDUnLC.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\qhrghtyp.dll
C:\WINDOWS\system32\sbhmjoom.dll
C:\WINDOWS\system32\slmqxyvr.dll
C:\WINDOWS\system32\sswcyxie.dll
C:\WINDOWS\system32\tnqtihfv.dll
C:\WINDOWS\system32\uFehknpo.ini
C:\WINDOWS\system32\uFehknpo.ini2
C:\WINDOWS\system32\uplylimn.ini
C:\WINDOWS\system32\vfhitqnt.ini
C:\WINDOWS\system32\wcpcvubx.dll
C:\WINDOWS\system32\xaopcdwv.dll

.
((((((((((((((((((((((((( Files Created from 2008-04-28 to 2008-05-29 )))))))))))))))))))))))))))))))
.

2008-05-29 16:33 . 2008-05-29 16:33 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-29 16:33 . 2008-05-29 17:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-27 21:49 . 2008-05-27 21:49 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-26 22:54 . 2008-05-26 22:54 <DIR> d-------- C:\Program Files\Lavasoft
2008-05-26 22:54 . 2008-05-27 22:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-26 11:58 . 2008-05-26 11:58 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-05-23 13:11 . 2008-05-23 13:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-22 14:23 . 2008-05-22 14:23 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-05-19 17:57 . 2008-05-23 12:46 <DIR> d-------- C:\Program Files\vPlug Files Center
2008-05-19 17:53 . 2008-05-19 17:53 0 --a------ C:\WINDOWS\graphedit.INI
2008-05-19 17:33 . 2008-05-19 17:50 <DIR> d-------- C:\dvbdream
2008-05-16 20:21 . 2008-05-16 20:21 <DIR> d-------- C:\WINDOWS\nvidia icons
2008-05-12 17:09 . 2008-05-29 11:09 <DIR> d--h----- C:\$AVG8.VAULT$
2008-05-10 18:37 . 2008-05-10 18:37 <DIR> dr-h----- C:\Documents and Settings\Sinbad\Application Data\SecuROM
2008-05-10 18:37 . 2008-05-10 18:37 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-05-03 16:28 . 2008-05-03 16:28 <DIR> d-------- C:\Program Files\Stardock
2008-05-03 16:28 . 2008-05-03 16:28 <DIR> d-------- C:\Program Files\Common Files\Stardock
2008-05-03 16:00 . 2008-05-04 15:24 <DIR> d-------- C:\Program Files\Google
2008-05-02 21:08 . 2008-05-29 09:33 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-02 21:08 . 2008-05-02 21:08 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-02 21:08 . 2008-05-02 21:08 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-02 21:08 . 2008-05-02 21:08 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-02 21:07 . 2008-05-02 21:07 <DIR> d-------- C:\Program Files\AVG
2008-05-02 21:07 . 2008-05-02 21:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-02 10:58 . 2008-05-02 10:58 <DIR> d-------- C:\Program Files\CCleaner
2008-04-30 03:58 . 2008-04-30 03:58 41,296 --a------ C:\WINDOWS\system32\xfcodec.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-29 11:58 --------- d-----w C:\Program Files\FlashGet
2008-05-27 19:31 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-05-26 17:43 --------- d-----w C:\Program Files\Advanced System Optimizer
2008-05-18 11:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-12 18:05 --------- d-----w C:\Documents and Settings\Sinbad\Application Data\Xfire
2008-05-12 17:28 --------- d-----w C:\Program Files\Xfire
2008-05-11 15:11 --------- d-----w C:\Documents and Settings\Sinbad\Application Data\LimeWire
2008-05-10 09:46 --------- d-----w C:\Program Files\Winamp
2008-05-02 19:46 6,554,496 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2008-04-30 17:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-25 09:20 --------- d-----w C:\Program Files\BuddyCheck
2008-04-23 12:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-04-21 16:19 35,131 ----a-w C:\Program Files\PICT0460.jpg
2008-04-19 18:13 --------- d-----w C:\Program Files\WMV9_VCM
2008-04-10 09:47 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-04-08 15:00 --------- d-----w C:\Program Files\Java
2008-04-04 16:58 --------- d-----w C:\Program Files\PQDVD
2008-04-01 12:31 --------- d-----w C:\Documents and Settings\Sinbad\Application Data\Command & Conquer 3 Kane's Wrath
2008-04-01 12:19 --------- d-----w C:\Program Files\SCC-TDS
2008-03-30 16:43 --------- d-----w C:\Documents and Settings\Sinbad\Application Data\Nuotex
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687436DD-201E-4305-B4F2-D528588D9E08}]
C:\WINDOWS\system32\opnkheFu.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-02 22:46 13529088]
"nwiz"="nwiz.exe" [2008-05-02 22:46 1630208 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 12:21 16270848 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 13:04 2879488 C:\WINDOWS\SkyTel.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-29 18:21 185896]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-02 21:07 1177368]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-02 22:46 86016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 02:56 15360]

C:\Documents and Settings\Sinbad\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2008-05-03 16:28:01 3444008]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe [2008-01-06 18:46:41 328968]
Sonic CinePlayer Quick Launch.lnk - C:\Program Files\Common Files\Sonic Shared\cinetray.exe [2002-09-18 14:16:30 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"E:\\Games\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\DVBViewerTE\\ts_winlirc.exe"=
"C:\\Program Files\\SCC-TDS\\Command & Conquer 3 - Tiberium Wars\\RetailExe\\1.8\\cnc3game.dat"=
"E:\\Games\\Universe At War Earth Assault\\UAWEA.exe"=
"F:\\Games\\THQ\\Dawn of War - Soulstorm\\Soulstorm.exe"=
"D:\\Games\\Wizet\\Maplestory\\Patcher.exe"=
"D:\\Games\\Wizet\\Maplestory\\MapleStory.exe"=
"E:\\Games\\SACC-Sniper Wolf\\Tom Clancy's Rainbow Six Vegas 2\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"E:\\Games\\SACC-Sniper Wolf\\Tom Clancy's Rainbow Six Vegas 2\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\RainbowSixVegas2_SADS.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-02 21:08]
R1 Cinemsup;Cinemsup;C:\WINDOWS\system32\drivers\cinemsup.sys [2002-07-19 08:10]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-02 21:07]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-02 21:07]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-02 21:08]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2007-10-01 20:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de2b67da-ec2c-11dc-a9ee-00d0d7152d87}]
\Shell\AutoRun\command - H:\launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0bba3cf-22bc-11dd-aa8e-00d0d7152d87}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Sys.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-29 18:37:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2008-05-29 18:40:22 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-29 15:40:19

Pre-Run: 3,335,565,312 bytes free
Post-Run: 3,254,067,200 bytes free

168 --- E O F --- 2008-05-17 07:18:37

good thing i came here as i see many have this issue

so i did download combofix and here is the report

should i follow the same steps at other threads or just wait?

ComboFix 08-05-28.8 - Sinbad 2008-05-29 18:34:18.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1524 [GMT 3:00]
Running from: C:\Documents and Settings\Sinbad\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BMf3dcbdb3.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\cbuhltmr.dll
C:\WINDOWS\system32\dkcptjgr.ini
C:\WINDOWS\system32\hbmevdrl.ini
C:\WINDOWS\system32\hufixtcp.dll
C:\WINDOWS\system32\jhqlgbft.ini
C:\WINDOWS\system32\kwjsvbic.ini
C:\WINDOWS\system32\leleaatu.dll
C:\WINDOWS\system32\ljJDUnLC.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\qhrghtyp.dll
C:\WINDOWS\system32\sbhmjoom.dll
C:\WINDOWS\system32\slmqxyvr.dll
C:\WINDOWS\system32\sswcyxie.dll
C:\WINDOWS\system32\tnqtihfv.dll
C:\WINDOWS\system32\uFehknpo.ini
C:\WINDOWS\system32\uFehknpo.ini2
C:\WINDOWS\system32\uplylimn.ini
C:\WINDOWS\system32\vfhitqnt.ini
C:\WINDOWS\system32\wcpcvubx.dll
C:\WINDOWS\system32\xaopcdwv.dll

.
((((((((((((((((((((((((( Files Created from 2008-04-28 to 2008-05-29 )))))))))))))))))))))))))))))))
.

2008-05-29 16:33 . 2008-05-29 16:33 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2008-05-29 16:33 . 2008-05-29 17:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-27 21:49 . 2008-05-27 21:49 <DIR> d-------- C:\Documents and Settings\Administrator
2008-05-26 22:54 . 2008-05-26 22:54 <DIR> d-------- C:\Program Files\Lavasoft
2008-05-26 22:54 . 2008-05-27 22:31 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-05-26 11:58 . 2008-05-26 11:58 230 --a------ C:\WINDOWS\system32\spupdsvc.inf
2008-05-23 13:11 . 2008-05-23 13:12 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-22 14:23 . 2008-05-22 14:23 <DIR> d-------- C:\Program Files\Common Files\Adobe
2008-05-19 17:57 . 2008-05-23 12:46 <DIR> d-------- C:\Program Files\vPlug Files Center
2008-05-19 17:53 . 2008-05-19 17:53 0 --a------ C:\WINDOWS\graphedit.INI
2008-05-19 17:33 . 2008-05-19 17:50 <DIR> d-------- C:\dvbdream
2008-05-16 20:21 . 2008-05-16 20:21 <DIR> d-------- C:\WINDOWS\nvidia icons
2008-05-12 17:09 . 2008-05-29 11:09 <DIR> d--h----- C:\$AVG8.VAULT$
2008-05-10 18:37 . 2008-05-10 18:37 <DIR> dr-h----- C:\Documents and Settings\Sinbad\Application Data\SecuROM
2008-05-10 18:37 . 2008-05-10 18:37 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-05-03 16:28 . 2008-05-03 16:28 <DIR> d-------- C:\Program Files\Stardock
2008-05-03 16:28 . 2008-05-03 16:28 <DIR> d-------- C:\Program Files\Common Files\Stardock
2008-05-03 16:00 . 2008-05-04 15:24 <DIR> d-------- C:\Program Files\Google
2008-05-02 21:08 . 2008-05-29 09:33 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-05-02 21:08 . 2008-05-02 21:08 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-05-02 21:08 . 2008-05-02 21:08 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-05-02 21:08 . 2008-05-02 21:08 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-05-02 21:07 . 2008-05-02 21:07 <DIR> d-------- C:\Program Files\AVG
2008-05-02 21:07 . 2008-05-02 21:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-05-02 10:58 . 2008-05-02 10:58 <DIR> d-------- C:\Program Files\CCleaner
2008-04-30 03:58 . 2008-04-30 03:58 41,296 --a------ C:\WINDOWS\system32\xfcodec.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-29 11:58 --------- d-----w C:\Program Files\FlashGet
2008-05-27 19:31 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-05-26 17:43 --------- d-----w C:\Program Files\Advanced System Optimizer
2008-05-18 11:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-05-12 18:05 --------- d-----w C:\Documents and Settings\Sinbad\Application Data\Xfire
2008-05-12 17:28 --------- d-----w C:\Program Files\Xfire
2008-05-11 15:11 --------- d-----w C:\Documents and Settings\Sinbad\Application Data\LimeWire
2008-05-10 09:46 --------- d-----w C:\Program Files\Winamp
2008-05-02 19:46 6,554,496 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
2008-04-30 17:57 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-25 09:20 --------- d-----w C:\Program Files\BuddyCheck
2008-04-23 12:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft
2008-04-21 16:19 35,131 ----a-w C:\Program Files\PICT0460.jpg
2008-04-19 18:13 --------- d-----w C:\Program Files\WMV9_VCM
2008-04-10 09:47 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-04-08 15:00 --------- d-----w C:\Program Files\Java
2008-04-04 16:58 --------- d-----w C:\Program Files\PQDVD
2008-04-01 12:31 --------- d-----w C:\Documents and Settings\Sinbad\Application Data\Command & Conquer 3 Kane's Wrath
2008-04-01 12:19 --------- d-----w C:\Program Files\SCC-TDS
2008-03-30 16:43 --------- d-----w C:\Documents and Settings\Sinbad\Application Data\Nuotex
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687436DD-201E-4305-B4F2-D528588D9E08}]
C:\WINDOWS\system32\opnkheFu.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 02:56 15360]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-02 22:46 13529088]
"nwiz"="nwiz.exe" [2008-05-02 22:46 1630208 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-11-14 12:21 16270848 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 13:04 2879488 C:\WINDOWS\SkyTel.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-02-29 18:21 185896]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-05-02 21:07 1177368]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-02 22:46 86016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 02:56 15360]

C:\Documents and Settings\Sinbad\Start Menu\Programs\Startup\
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2008-05-03 16:28:01 3444008]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Server4PC.lnk - C:\Program Files\TechniSat DVB\bin\Server4PC.exe [2008-01-06 18:46:41 328968]
Sonic CinePlayer Quick Launch.lnk - C:\Program Files\Common Files\Sonic Shared\cinetray.exe [2002-09-18 14:16:30 98304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"VIDC.XFR1"= xfcodec.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\Program Files\\Xfire\\xfire.exe"=
"E:\\Games\\Pro Evolution Soccer 2008\\PES2008.exe"=
"C:\\Program Files\\FlashGet\\flashget.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\DVBViewerTE\\ts_winlirc.exe"=
"C:\\Program Files\\SCC-TDS\\Command & Conquer 3 - Tiberium Wars\\RetailExe\\1.8\\cnc3game.dat"=
"E:\\Games\\Universe At War Earth Assault\\UAWEA.exe"=
"F:\\Games\\THQ\\Dawn of War - Soulstorm\\Soulstorm.exe"=
"D:\\Games\\Wizet\\Maplestory\\Patcher.exe"=
"D:\\Games\\Wizet\\Maplestory\\MapleStory.exe"=
"E:\\Games\\SACC-Sniper Wolf\\Tom Clancy's Rainbow Six Vegas 2\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"=
"E:\\Games\\SACC-Sniper Wolf\\Tom Clancy's Rainbow Six Vegas 2\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\RainbowSixVegas2_SADS.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-05-02 21:08]
R1 Cinemsup;Cinemsup;C:\WINDOWS\system32\drivers\cinemsup.sys [2002-07-19 08:10]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-05-02 21:07]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-05-02 21:07]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-05-02 21:08]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;C:\WINDOWS\system32\DRIVERS\SkyNET.SYS [2007-10-01 20:54]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{de2b67da-ec2c-11dc-a9ee-00d0d7152d87}]
\Shell\AutoRun\command - H:\launcher.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e0bba3cf-22bc-11dd-aa8e-00d0d7152d87}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Sys.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-29 18:37:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
.
**************************************************************************
.
Completion time: 2008-05-29 18:40:22 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-29 15:40:19

Pre-Run: 3,335,565,312 bytes free
Post-Run: 3,254,067,200 bytes free

168 --- E O F --- 2008-05-17 07:18:37





also here is the report from hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:09:10 PM, on 5/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\Common Files\Sonic Shared\cinetray.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgrsx.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://downloads.yahoo.com/internetexplorer/welcome.php
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {687436DD-201E-4305-B4F2-D528588D9E08} - C:\WINDOWS\system32\opnkheFu.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O4 - Global Startup: Sonic CinePlayer Quick Launch.lnk = C:\Program Files\Common Files\Sonic Shared\cinetray.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6342 bytes




Ive had an error during it but it was done anyway and i didn't fix anything or press analyze it

i think i messed up since i ran the combo fix before the hijack this :oops::oops:

I have to add now computer runs smoothly like the good old days :eek::eek:

i thought i have to do more stuff o.O

Anyway thanks a lot spybot team for all the help u r offering to us :bigthumb::bigthumb:

Hi


Please uninstall Spybot for now to make sure TeaTimer won't interfere fixing. You may reinstall it after system is clean.



Open notepad and copy/paste the text in the quotebox below into it:



Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{687436DD-201E-4305-B4F2-D528588D9E08}]



Save this as
CFScript


http://users.pandora.be/bluepatchy/miekiemoes/images/CFScript.gif

Refering to the picture above, drag CFScript into ComboFix.exe
Then post the resultant log.


Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.


Download ATF (Atribune Temp File) Cleaner© by Atribune (http://www.atribune.org/ccount/click.php?id=1) to your desktop.

Double-click ATF Cleaner.exe to open it

Under Main choose:
Windows Temp
Current User Temp
All Users Temp
Cookies
Temporary Internet Files
Prefetch
Java Cache
*The other boxes are optional*
Then click the Empty Selected button.

If you use Firefox:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

If you use Opera:
Click Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click NO at the prompt.

Click Exit on the Main menu to close the program.


Please run an online scan with Kaspersky Online Scanner (http://www.kaspersky.com/virusscanner). You will be prompted to install an ActiveX component from Kaspersky, click Yes.
The program will launch and start to download the latest definition files.
Once the scanner is installed and the definitions downloaded, click Next.
Now click on Scan Settings and select the following:
Scan using the following Anti-Virus database:
Extended (If available, otherwise Standard)
Scan Options:
Scan Archives
Scan Mail Bases
Click OK.
Under
select a target to scan
, select My Computer.
The scan will take a while so be patient and let it run. As it scans your machine very deeply it could take hours to complete, Kaspersky suggests running it during a time of low activity.Once the scan is complete:
Click on the Save as Text button.
Save the file to your desktop.
Copy and paste that information into your next post if the AV content will fit into one post only. Post a fresh hjt log (without forgetting above meantioned ComboFix resultant log) too.
If the results of the anti virus scan itself will take more than one post to contain, you may upload it to http://rapidshare.com


Note for Internet Explorer 7 users: If at any time you have trouble with the Accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.

If having a problme doing the above

Make sure that your Internet security settings are set to default values.

To set default security settings for Internet Explorer:

* Open Internet Explorer.
* Go to the Tools menu, then choose Internet Options.
* Click on the Security tab.
* Make sure that all four item (Internet, Local intranet, Trusted sites, and Restricted sites) are set to their default settings.

Due to inactivity, this thread will now be closed.

Note:If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send me or your helper a private message (pm). A valid, working link to the closed topic is required.