yahoo messenger virus?

Discussion in 'Malware Help (A Specialist Will Reply)' started by jeo, Nov 22, 2006.

  1. jeo

    jeo Private E-2

Hi, I accidentally clicked a link on Yahoo Messenger yesterday that sent me to this website thecoolpics.net/ and bitsourceinteractive.com/portal/media/index.php and since then:
    1) other people on my messenger list have been receiving Y.M. messages from me with those links, i.e. "the page cannot be displayed thec%6folpics.net/error.jpg Something was wrong !!! Check it again and tell me later. THanks"
    2) my Y.M. status has changed to:
    :( the page cannot be displayed thec%6folpics.net/error.jpg Something was wrong !!! Check it again and tell me later. THanks
    screenshot of new windows
    etc. etc.
    3) my homepage changed by itself to
    thecoolpics.net/
    which links to bitsourceinteractive.com/portal/media/index.php
    or the other way around (it's a porn page)
    and upon opening Internet Tools, I can't change to a different homepage, as the option to change the homepage is not available.

    This is still happening although I've downloaded and run AVG, Search & Destroy and Ad-Aware.

    Additionally, after running Pandaware anti-virus, it cleaned a bunch of viruses but said that it cannot clean hijacker.agent.a, and that my registry is inaccessible by the administrator. I actually don't know if the hijacker.agent.a is responsible for the Y.M. mess.

    HELP!!!!

    Thanks
     
    Last edited by a moderator: Nov 22, 2006
  2. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Welcome to Majorgeeks!

    To start the removal process and identify all the hijack malware components, it's best to run the below. Once all the requested logs are attached, if you still have an infection, one of our malware experts will be able to post further manual removal instructions for you.


    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • If after doing ALL of the above you still have a problem, make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Downloading, Installing, and Running HijackThis

    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.

    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
  3. jeo

    jeo Private E-2

    Application.JS.ForcePopup.D virus removal?

    Hi, I ran Bullguard and it removed all viruses except this one:

    Application.JS.ForcePopup.D virus

    How do I remove it and could it be responsible for changing my YM Status and changing my internet homepage to a porn site (and I can't change back)?

    Thanks!

    -Jeo
     
  4. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Hi, Please follow the above posted guide from post #2, and once the logs are attached our malware guys can assist you in removing the infection.
     
  5. jeo

    jeo Private E-2

    Hi, I am attempting to finish everything on "READ & RUN ME FIRST Before Asking for Support" but have run into a problem.

    I can't seem to run msconfig to check if it is controlling startups, since (this may probably sound really stupid) I seem to have lost "Run" on my computer.

    I know where it's supposed to be, but I can't find it now!
    I clicked Start, and there is no "Run" below Help and Support and Search.
    Am I just blind or something? What else can I do?

    -Jeo
     
  6. DavidGP

    DavidGP MajorGeeks Forum Administrator - Grand Pooh-Bah Staff Member

    Possibly a virus or malware could be blocking you, so try this to enter msconfig: go to the location below; msconfig is in there, just double-click its icon.

    C:\WINDOWS\PCHEALTH\HELPCTR\Binaries

    But do continue with the guide steps even if you cannot get to msconfig; we will be able to determine if msconfig is controlling your startups, so attach the logs and our malware guys can get to work on helping you remove the pests.
     
  7. jeo

    jeo Private E-2

    Hi Halo,

    Thanks so much for all your help.

    While waiting for your reply, my husband decided to skip msconfig.

    We had a resident trial version of Bullguard running and it kept blocking the creation of an Object1.exe and Object2.exe which originated from iexplore.exe (supposedly from the worm) when their "bad" website launched as the default home page. Bullguard blocked and documented this repeatedly, so he had the idea that the default bad home page had to be stopped first.

    Since the IE6 Options page had the set home page option grayed out (option disabled), we decided to use the button under Internet Options > Programs > Reset Web Settings built into IE. That reset the default to www.msn.com. It reset the homepage, but the set home page option was still disabled.

    Then we booted in Safe Mode with Networking as you suggested. We ran CCleaner, then Spybot S&D. Spybot fixed the bad registries that mutated Windows explorer, Internet Explorer and Windows.

    Then we ran Bullguard again and it cleaned out the xxxx.exe programs the worm creates using our files (with xxxx as the basename). Then we disabled System Restore and rebooted.

    We ran bullguard again, and it found another set of xxxx.exe files again plus a bad system restore file which was infected with the worm.

    After Bullguard and Spybot cleaned those out, we rebooted and things seem to have returned to normal. I got my "Run" back, and can log on to Yahoo Messenger again, and Bullguard wasn't blocking multitudes of .exe files. We are also now able to reset our homepage (not disabled anymore).

    So far so good; a second scan with Bullguard after a reboot found nothing. :)

    We're running Bullguard and Spybot again overnight, just to check again. We're asking friends to report if they received spam from us with .exe attachments and asking them not to open any .exe attachments from us.

    I didn't find any logs from Spybot, and the logs that are still recorded in Bullguard only cover the last 4 scans we ran, which were all clean. I'll attach the logs from Bullguard, Spybot and CCleaner as soon as I find them.

    Again, thanks so much for all the help!

    -jeo

    P.S. Bullguard and Spybot weren't able to restore the Set Home Page option. My husband downloaded a VBScript from Doug Knox www.dougknox.com that restores this back to the original state.
     
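Added example, not part of the thread above and not the Doug Knox script the poster used: the three symptoms reported in this thread (the Home Page box greyed out in Internet Options, Run missing from the Start menu, and Panda reporting the registry as inaccessible) are each produced by a well-known Windows policy value that a hijacker of this kind writes for the current user. The script below audits those values and, with -Undo, removes them; without -Undo it only reports. The registry paths and value names are the standard Windows policy locations (HKLM is checked too because a machine-level copy would have the same effect); the thread itself names none of them, and which of these values this particular hijacker actually set is not stated on the page, so treat the list as an assumption to verify on the affected machine.

```powershell
# Audit (and optionally remove) the user-restriction policy values that a
# browser hijacker typically sets. Run from an elevated PowerShell prompt
# while logged on as the affected user. Added example; assumptions: these
# are the documented policy locations, the thread does not name them.
param([switch]$Undo)

# Each entry: where the value lives, its name, and what it locks.
$restrictions = @(
    @{ Hive = 'HKCU'; Path = 'Software\Policies\Microsoft\Internet Explorer\Control Panel'
       Name = 'HomePage'; Effect = 'greys out the Home Page box in Internet Options' },
    @{ Hive = 'HKLM'; Path = 'Software\Policies\Microsoft\Internet Explorer\Control Panel'
       Name = 'HomePage'; Effect = 'greys out the Home Page box (machine-wide)' },
    @{ Hive = 'HKCU'; Path = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Name = 'NoRun'; Effect = 'removes Run from the Start menu' },
    @{ Hive = 'HKLM'; Path = 'Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
       Name = 'NoRun'; Effect = 'removes Run from the Start menu (machine-wide)' },
    @{ Hive = 'HKCU'; Path = 'Software\Microsoft\Windows\CurrentVersion\Policies\System'
       Name = 'DisableRegistryTools'; Effect = 'blocks regedit, "registry inaccessible"' }
)

$found = 0
foreach ($r in $restrictions) {
    $key = "{0}:\{1}" -f $r.Hive, $r.Path
    $value = $null
    if (Test-Path $key) {
        # -ErrorAction SilentlyContinue: a missing value just yields $null.
        $value = (Get-ItemProperty -Path $key -Name $r.Name -ErrorAction SilentlyContinue).($r.Name)
    }
    if ($null -ne $value -and $value -ne 0) {
        $found++
        Write-Output ("SET  {0}\{1} = {2}  ({3})" -f $key, $r.Name, $value, $r.Effect)
        if ($Undo) {
            Remove-ItemProperty -Path $key -Name $r.Name
            Write-Output "     removed"
        }
    } else {
        Write-Output ("ok   {0}\{1} not set" -f $key, $r.Name)
    }
}

# The start page itself (what the hijacker rewrote) is stored here; print it so
# the operator can see whether it still points at the unwanted site.
$main = 'HKCU:\Software\Microsoft\Internet Explorer\Main'
$start = (Get-ItemProperty -Path $main -Name 'Start Page' -ErrorAction SilentlyContinue).'Start Page'
Write-Output ("Start Page = {0}" -f $start)
Write-Output ("{0} restriction value(s) present" -f $found)
```

Removing NoRun takes effect after Explorer is restarted (log off and on is simplest); the Home Page box is re-enabled the next time Internet Options is opened. Clearing these values only undoes the symptom: if the process that wrote them is still running it will put them back, which is why the thread's order (stop the dropper first, scan in Safe Mode, then repair the policy keys) is the right one. Run the script again after a reboot to confirm nothing has reappeared.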
