You sure it was the little brother, and not the Dad himself?
Before you start, ONLY
download, install and run updates where necessary of
ALL the programs indicated in the next 2 posts.
Read: How to remove Trojans and its ilk!
Read: How to remove Begin2Search/Coolwebsearch and Other Nasties
Next, disconnect your PC from the internet.
Next, clean up all your cookies and Internet Temporary Files (In IE, click on Tools/Internet Options)
C:\DOCUME~1\Dad\LOCALS~1\
Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe
Put
HijackThis in e.g.
C:\Program Files\HJT and
NOT in Temp or on the Desktop!.
Next, run this stuff:
Read: How to remove Trojans and its ilk!
Next, follow these instructions
EXACTLY using the info mentioned underneath.
Read: How to remove Begin2Search/Coolwebsearch and Other Nasties
The following is all adware/spyware/trojan/virus and what-have-you!
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Eyetide Media\Eyetide Viewer\EyetideController.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://results.searchscout.com/cont...m=MzU2NDIwOTU3&t=1000120168&d=0&k=pda&c=17979
O1 - Hosts: zer.com
O2 - BHO: (no name) - {00DBDAC8-4691-4797-8E6A-7C6AB89BC441} - C:\WINDOWS\system32\xxwxu.dll (file missing)
O2 - BHO: (no name) - {16875E09-927B-4494-82BD-158A1CD46BA0} - C:\WINDOWS\prflbmsgp32.dll
O2 - BHO: (no name) - {4208F879-AB9D-76CF-0B0A-E0E81EC1408A} - C:\DOCUME~1\Dad\APPLIC~1\Regspoll\Mess Ooze.exe
O2 - BHO: ShowBarObj Class - {43AE45CB-DDA7-454B-9650-93A4C090BDB8} - C:\Program Files\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O2 - BHO: C:\WINDOWS\adsldpbc.dll - {5E8D25E3-180D-4ECA-917E-D5F52D832C75} - C:\WINDOWS\adsldpbc.dll (file missing)
O2 - BHO: SDWin32 Class - {5FA6752A-C4A0-4222-88C2-928AE5AB4966} - C:\WINDOWS\System32\SWin32.dll
O2 - BHO: C:\WINDOWS\system32\adsldpbd.dll - {826B2228-BC09-49F2-B5F8-42CE26B1B712} - C:\WINDOWS\system32\adsldpbd.dll (file missing)
O2 - BHO: MSEvents Object - {85597C9D-3994-4B7F-8CE3-515E632297A1} - C:\WINDOWS\java\winkey.dll
O2 - BHO: (no name) - {DA223E41-3F7F-4B2B-8CC8-22C6A1197EEB} - C:\WINDOWS\mpatrol.dll
O2 - BHO: C:\WINDOWS\adsldpbf.dll - {EEE7178C-BBC3-4153-9DDE-CD0E9AB1B5B6} - C:\WINDOWS\adsldpbf.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &EyeTideBar - {987D027C-F0EF-40fa-9A1A-C45007F1F36F} - C:\Program Files\Eyetide Media\Eyetide Viewer\Toolbar\ETBar.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [close grey acid info] C:\Documents and Settings\All Users\Application Data\joypollclosegrey\Thisfind.exe
O4 - HKLM\..\Run: [Adstartup] C:\WINDOWS\system32\automove.exe
O4 - HKCU\..\Run: [PedalToTheMetalSetup.exe] C:\DOWNLO~1\PEDALT~1.EXE /r
O4 - HKCU\..\Run: [WormsArmageddon.exe] C:\DOWNLO~1\WORMSA~1.EXE /r
O4 - HKCU\..\Run: [ClearCookies] C:\WINDOWS\cc.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [sixthpop] C:\DOCUME~1\Dad\APPLIC~1\MFCDRE~1\Fast Great.exe
O4 - Startup: Eyetide Launcher.lnk = C:\Program Files\Eyetide Media\Eyetide Viewer\EyetideController.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Picture Package Menu.lnk = ?
O4 - Global Startup: Picture Package VCD Maker.lnk = ?
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search -
http://bar.mywebsearch.com/menusearch.html?p=ZS
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
Tick/Fix ALL your O16 - DPF: entries
O17 - HKLM\System\CCS\Services\Tcpip\..\{10E27239-DB7A-414C-87D5-0DBED0A14C87}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{10E27239-DB7A-414C-87D5-0DBED0A14C87}: NameServer = 192.168.1.1
O20 - Winlogon Notify: gs - C:\WINDOWS\system32\adsldpbd.dll (file missing)
O20 - Winlogon Notify: st3 - C:\WINDOWS\system32\st3.dll
O20 - Winlogon Notify: winkey - C:\WINDOWS\java\winkey.dll
O20 - Winlogon Notify: xxwxu - xxwxu.dll (file missing)