Alright, this is the son that she was talking about and this is the log:
Logfile of HijackThis v1.97.7
Scan saved at 11:45:10 PM, on 4/7/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\svchost.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL =
http://freednshost.info/page/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://freednshost.info/page/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://freednshost.info/page/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://freednshost.info/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://freednshost.info/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://freednshost.info/page/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://213.159.118.226/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://213.159.118.226/sp.php
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL =
http://freednshost.info/page/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://freednshost.info/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://freednshost.info/page/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://freednshost.info/page/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://freednshost.info/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://freednshost.info/page/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://213.159.118.226/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://search.yahoo.com/search?p=%s
R3 - Default URLSearchHook is missing
O1 - Hosts: 213.159.118.226 1-se.com
O1 - Hosts: 213.159.118.226 58q.com
O1 - Hosts: 213.159.118.226 aifind.cc
O1 - Hosts: 213.159.118.226 aifind.info
O1 - Hosts: 213.159.118.226 allneedsearch.com
O1 - Hosts: 213.159.118.226 approvedlinks.com
O1 - Hosts: 213.159.118.226 auto.ie.searchforge.com
O1 - Hosts: 213.159.118.226 awebfind.biz
O1 - Hosts: 213.159.118.226 best.royalsearch.net
O1 - Hosts: 213.159.118.226 cracks.am
O1 - Hosts: 213.159.118.226 default-homepage-network.com
O1 - Hosts: 213.159.118.226 find.microgirls.com
O1 - Hosts: 213.159.118.226 find4u.net
O1 - Hosts: 213.159.118.226 freshvideogals.com
O1 - Hosts: 213.159.118.226 i-lookup.com
O1 - Hosts: 213.159.118.226 ie-search.com
O1 - Hosts: 213.159.118.226 in.webcounter.cc
O1 - Hosts: 213.159.118.226 itseasy.us
O1 - Hosts: 213.159.118.226 just.find-itnow.com
O1 - Hosts: 213.159.118.226 link.startmake.com
O1 - Hosts: 213.159.118.226 mysearchnow.com
O1 - Hosts: 213.159.118.226 nativehardcore.com
O1 - Hosts: 213.159.118.226 qwertysearch123.biz
O1 - Hosts: 213.159.118.226 search.ieplugin.com
O1 - Hosts: 213.159.118.226 search.psn.cn
O1 - Hosts: 213.159.118.226 searchbar.findthewebsiteyouneed.com
O1 - Hosts: 213.159.118.226 searchcentrix.com
O1 - Hosts: 213.159.118.226 searchmyrequest.com
O1 - Hosts: 213.159.118.226 super-spider.com
O1 - Hosts: 213.159.118.226 t.rack.cc
O1 - Hosts: 213.159.118.226 teen-biz.com
O1 - Hosts: 213.159.118.226 teenhqpics.com
O1 - Hosts: 213.159.118.226 tits.hardcore4ever.net
O1 - Hosts: 213.159.118.226 webcoolsearch.com
O1 - Hosts: 213.159.118.226 wmmse.com
O1 - Hosts: 213.159.118.226
www.008i.com
O1 - Hosts: 213.159.118.226
www.2fastsearch.net
O1 - Hosts: 213.159.118.226
www.8095.com
O1 - Hosts: 213.159.118.226
www.alfa-search.com
O1 - Hosts: 213.159.118.226
www.boredlife.com
O1 - Hosts: 213.159.118.226
www.couldnotfind.com
O1 - Hosts: 213.159.118.226
www.cracks.am
O1 - Hosts: 213.159.118.226
www.daum.net
O1 - Hosts: 213.159.118.226
www.dreamwiz.com
O1 - Hosts: 213.159.118.226
www.find-itnow.com
O1 - Hosts: 213.159.118.226
www.find-itnow.com
O1 - Hosts: 213.159.118.226
www.find4u.net
O1 - Hosts: 213.159.118.226
www.firstbookmark.com
O1 - Hosts: 213.159.118.226
www.gajai.com
O1 - Hosts: 213.159.118.226
www.hand-book.com
O1 - Hosts: 213.159.118.226
www.hao123.com
O1 - Hosts: 213.159.118.226
www.hotsearchbox.com
O1 - Hosts: 213.159.118.226
www.hotwebsearch.com
O1 - Hosts: 213.159.118.226
www.hugesearch.net
O1 - Hosts: 213.159.118.226
www.iquicksearch.com
O1 - Hosts: 213.159.118.226
www.lookfor.cc
O1 - Hosts: 213.159.118.226
www.maxxxhosters.com
O1 - Hosts: 213.159.118.226
www.naver.com
O1 - Hosts: 213.159.118.226
www.nkvd.us
O1 - Hosts: 213.159.118.226
www.nova****.com
O1 - Hosts: 213.159.118.226
www.ohcorea.com
O1 - Hosts: 213.159.118.226
www.omega-search.com
O1 - Hosts: 213.159.118.226
www.onet.pl
O1 - Hosts: 213.159.118.226
www.power-search.info
O1 - Hosts: 213.159.118.226
www.rightfinder.net
O1 - Hosts: 213.159.118.226
www.search-1.net
O1 - Hosts: 213.159.118.226
www.search-and-go.com
O1 - Hosts: 213.159.118.226
www.search-dot.com
O1 - Hosts: 213.159.118.226
www.search-space.com
O1 - Hosts: 213.159.118.226
www.searchforge.com
O1 - Hosts: 213.159.118.226
www.searching-the-net.com
O1 - Hosts: 213.159.118.226
www.searchv.com
O1 - Hosts: 213.159.118.226
www.searchxl.com
O1 - Hosts: 213.159.118.226
www.seznam.cz
O1 - Hosts: 213.159.118.226
www.slotch.com
O1 - Hosts: 213.159.118.226
www.spidersearch.com
O1 - Hosts: 213.159.118.226
www.startium.com
O1 - Hosts: 213.159.118.226
www.therealsearch.com
O1 - Hosts: 213.159.118.226
www.ttjj.com
O1 - Hosts: 213.159.118.226
www.viewpornkey.com
O1 - Hosts: 213.159.118.226
www.wazzupnet.com
O1 - Hosts: 213.159.118.226
www.websearch.com
O1 - Hosts: 213.159.118.226
www.windowws.cc
O1 - Hosts: 213.159.118.226
www.xgmm.com
O1 - Hosts: 213.159.118.226 xwebsearch.biz
O1 - Hosts: 213.159.118.226 yourbookmarks.ws
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_3_12_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
O4 - HKLM\..\Run: [KBD MediaCenter] C:\Progra~1\Medias~1\Airboa~1\MediaCtr.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSVersion] C:\WINDOWS\System32\internetfeatures.exe
O4 - HKLM\..\Run: [Network Service] C:\WINDOWS\svchost.exe -sr -1
O4 - HKLM\..\Run: [Zone Labs Client] C:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKCU\..\Run: [ATI Remote Control] C:\Program Files\ATI Multimedia\RemCtrl\ATIX10.exe
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\LaunchPd.exe"
O4 - HKCU\..\Run: [Network Service] C:\WINDOWS\svchost.exe -sr -1
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Debt Solutions -
http://213.159.118.226/tools.php?qq=Debt+Solutions
O8 - Extra context menu item: Party Poker -
http://213.159.118.226/tools.php?qq=Party+Poker
O8 - Extra context menu item: Party Poker.com -
http://213.159.118.226/tools.php?qq=Party+Poker.com
O9 - Extra 'Tools' menuitem: Party Poker.com (HKLM)
O9 - Extra 'Tools' menuitem: Party Poker (HKLM)
O9 - Extra button: ATI TV (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: AIM (HKLM)
O9 - Extra 'Tools' menuitem: Debt Solutions (HKLM)
O13 - DefaultPrefix:
http://freednshost.info/page/
O13 - WWW Prefix:
http://freednshost.info/page/
O16 - DPF: Yahoo! Chat -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) -
http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
http://us.games2.yimg.com/download.games.yahoo.com/games/play/client/exentctl_0_0_0_1.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37862.6879282407
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF99BD32-C1FB-11D2-892F-0090271D4F88} (Yahoo! Companion) -
http://us.dl1.yimg.com/download.companion.yahoo.com/dl/toolbar/yiebio5_1_6_0.cab
O19 - User stylesheet: C:\WINDOWS\system32\d1.pwv
btw, i only got the hijack this program yesterday, so most of the stuff on that I never heard of. Please help, this thing is getting on my nerves.
EDIT:That thing that keeps popping up on my computer is there now, it says
DANGER! You're in trouble!
Warning: You have visited an illeagl Pedo site!
Have you visited an illegal Pedo site by chance or deliberately? What is your supposed answer in the court? Maybe, at this very moment FBI, INTERPOL OR POLICE spy software installed in your computer is registering the addresses of the sites you visited or sending via Internet the photos depicted on your computer now. After the very big guys have taken your home by storm and switched your computer on, you will face very big problems. Have you ever thought what you'll answer in the court to the following question: " Have you visited an illegal PEDO site by chance or deliberately?" To avoid answering this question and facing very big problems use the package of professional software and services Privacy Out Post. Protect your privacy now!