Virus Problem Help!!

[computerkid]

It started w/ me not being able to do anything. I downloaded AVG anti virus and ran a scan and then also ran scans from spybot S&D and Ad-Aware SE personal and then it started to act normal after finding about 7 trojan viruses, now when i go to any login page (i.e msn.com(to get into e-mail)) there is a blank page. also nothing happens when i try to click help and support off the start button for microsoft XP (help/support center thing) or when i click the search (system search) nothing but the frame and the dog show up. but other than that eveything is working fine. here is my HJT log and if you find any problems please reply thanks.

 

[howard_hopkinso]

Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html

Go to add remove programmes in your control panel. uninstall anything to do with(if there).

AWS\WEATHE~1

Close control panel.

Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

Click on the processes tab and end process for(if there).

Weather.exe
taskdir.exe

Close task manager.

Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to(if there).

R3 - Default URLSearchHook is missing

O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\system32\taskdir.exe

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)

Fix all 016-DPF entries.

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files(if there).

C:\PROGRA~1\AWS\WEATHE~1\Weather.exe
C:\WINDOWS\system32\taskdir.exe

Reboot into normal mode and turn system restore back on.

Regards Howard

 

[computerkid]

ok thanks I did everything you asked but When I open up the search window it is still blank with just the window and the dog...and when I go to sign in hotmail the page still shows up blank?? I dont know what is wrong here is another HJT log will someone please takea look and see if there is something else that I am missing here thanks..

 

[howard_hopkinso]

Have HJT fix these.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://yahoo.sbc.com/dsl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/cus.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.sbc.com/dsl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/cus...//www.yahoo.com

O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\PROGRA~1\AWS\WEATHE~1\Weather.exe (file missing) (HKCU)

You will then need to set a new home page in IE.

If you need to post another HJT log. Please make sure it is as an attachment, as per these instructions HERE.

Regards Howard