Expert: Lorry - 1/22/2009

Question
My daughters Vista Ultimate computer has CyberSitter 10 and a popular anti-virus program installed and running.  CyberSitter logs the browser activity and sends the log via email to me.  The contents of the daily log show that Cybersitter is filtering out (preventing) a plethora of http requests for various profane words.  The url requested are not properly formed, as is any of the user accounts browing activity.  i.e the log shows entries such as:
12/30/08 01:09:40 AM   andrea   ACCESSED   http://www.updatesdomain.com/bases/ids/i386/ah-i386-0607g.xml
12/30/08 03:13:46 AM   SYSTEM   FILTERED   FUCK
12/30/08 03:33:46 AM   SYSTEM   IGNORED   http://au.download.windowsupdate.com/msdownload/update/software/svpk/2007/12/mai...

(I hope by including the profane data that it doesn't get this message junked)

The anti-virus program has perfomred many "full system checks" but has not reported a problem.

Other symptoms that MAY be related:
Can't install Vista SP1 - fails on all attempts

Can you identify the malware and recomend a way to remove it?  

Answer
Hi Mark,

I would suggest downloading Malwarebytes' Anti-Malware 1.33 from:

http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html

Not knowing which AV program you have installed, I would also suggest the following, using Internet Explorer, go to:

http://security.symantec.com/sscv6/WelcomePage.asp

Click "Continue to Symantec Security Check", in the next window click No when asked if you want to close this window, that will bring you to a window where you should click Virus Detection.

Write down exactly anything it finds, then go to: http://www.symantec.com/search/  and do a search for what was found. Symantec usually has a removal tool and/or directions for removing manually. Make sure that you follow the instructions for removal, step by step, especially the part regarding disabling System Restore.

Hope this helps!
Lorry