Hello,
I am working on my Mother-in-law's computer. Of course she stated that it was working fine and then when she turned it on it started having problems.

It is a Toshiba Laptop. Running Windows Vista OS, 32 bit.

I believe she has malware, spyware and a virus on her computer as popups come up saying that her computer is infected. They ask if she wants to stay unprotected or purchase. When you click on one of the popups it brings what looks like a virus program up and it is scanning the computer. The company's name is "antivir solutions pro".

I noticed that many of the "exe" files would not work, like the snipping tool, the task manager. I could get Firefox to run though.

I uploaded the malwarebytes and it worked only after I shut down the computer and restarted. It found 8 infected files and I removed them like you stated in the instructions.

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4052

Windows 6.0.6000
Internet Explorer 8.0.6001.18904

8/4/2010 1:25:26 AM
mbam-log-2010-08-04 (01-25-26).txt

Scan type: Quick scan
Objects scanned: 117888
Time elapsed: 8 minute(s), 50 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bkdmkrgf (Rogue.AntivirusSuite.Gen) -> No action taken.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Infected:
C:\ProgramData\35045421 (Rogue.Multiple) -> No action taken.

Files Infected:
C:\ProgramData\35045421\35045421.ini (Rogue.Multiple) -> No action taken.
C:\Users\Owner\AppData\Local\hdsalwpvs\wleryqytssd.exe (Rogue.AntivirusSuite.Gen) -> No action taken.
C:\Users\Owner\Desktop\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.
C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.

(continued on next threads)