Tech Samm told me to log for help here with removing the trojan virus VBBOT - B.
I will copy the Hijack this file on here for your reference. Please my old man is p**sing me off atm so I really need this sorted out asap.
Cheers
Cobain
Logfile of HijackThis v1.99.1
Scan saved at 6:11:41 PM, on 5/06/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\tcpcheck.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG6\avgcc32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\udpcheck.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\User\Desktop\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.qfind.net/search.php?qq=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.qfind.net/search.php?qq=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.qfind.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://www.qfind.net/search.php?qq=%s
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.qfind.net/search.php?qq=%s
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://www.qfind.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by OptusNet
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [AVG_CC] C:\Program Files\Grisoft\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [tcp checker] tcpcheck.exe
O4 - HKLM\..\RunServices: [tcp checker] tcpcheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [tcp checker] tcpcheck.exe
O4 - HKCU\..\RunServices: [tcp checker] tcpcheck.exe
O8 - Extra context menu item: &Search - http://bar.mywebsear...?p=ZNxdm88544AU
O8 - Extra context menu item: Add banner url(s) to AdsCleaner - C:\Program Files\AdsCleaner Trial\System\Scripts\off_banner.htm
O8 - Extra context menu item: Add selected links to Link Container - C:\Program Files\AdsCleaner Trial\System\Scripts\off_collector_sel.htm
O8 - Extra context menu item: Bookmark all links in AdsCleaner - C:\Program Files\AdsCleaner Trial\System\Scripts\off_all.htm
O8 - Extra context menu item: Bookmark selected link(s) in AdsCleaner - C:\Program Files\AdsCleaner Trial\System\Scripts\off_sel.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Open all links in new windows - C:\Program Files\AdsCleaner Trial\System\Scripts\off_open_all.htm
O8 - Extra context menu item: Open selected link(s) in new windows - C:\Program Files\AdsCleaner Trial\System\Scripts\off_open_sel.htm
O8 - Extra context menu item: Say to AdsCleaner Team about banner - C:\Program Files\AdsCleaner Trial\System\Scripts\off_report_ad.htm
O8 - Extra context menu item: Show domain links - C:\Program Files\AdsCleaner Trial\System\Scripts\off_domain_links.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.optusnet.com.au
O16 - DPF: ConferenceRoom Java Client - http://chat.bigpond.com/java/cr.cab
O16 - DPF: Yahoo! Pool 2 - http://download.game...ts/y/pote_x.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windup...e/bridge-c8.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zon...er.cab28177.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downlo...thv32_EN_XP.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.co...ad/MsnPUpld.cab
O16 - DPF: {6AA93DF6-6757-4338-9087-F7601DE18402} - http://akamai.downlo...ICE_1040_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zon...nt.cab28177.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downlo...ice_4_EN_XP.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) - http://sc.groups.msn...UC/MsnPUpld.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downlo...tpe32_EN_XP.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zon...wn.cab28578.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4139BB73-A965-45AD-BC85-B66955975F96}: NameServer = 203.2.75.132 198.142.0.51
O23 - Service: AVG6 Service (AvgServ) - GRISOFT s.r.o - C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Srv32 - Unknown owner - C:\WINDOWS\system32\srv32.exe (file missing)
O23 - Service: TCPIP Managing Service (TCPIPManagingService) - Brought to you by the Bandwidth Bandits - C:\WINDOWS\SYSTEM32\tcpcheck.exe