We'll need to see a Hijackthis log on your mother's account, does everything work ok in safemode?
Let's clean your log up.
Run Hijackthis and select "Do a system scan only", place a check by the following entries.
F2 - REG:system.ini: Shell=Explorer.exe,veriogon.exe
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDO WS\system32\veriogon.exe,C:\Documents and Settings\nick coffey\Application Data\Explorer\veriogon.exe
O2 - BHO: CInterfaceObj Object - {58F07DD3-924D-4141-BC74-299F523A95F1} - C:\WINDOWS\pxwma.dll
O4 - HKLM\..\Run: [Microsoft Windows System] wodtfaaa.exe
O4 - HKLM\..\Run: [Media Player] C:\WINDOWS\system32\veriogon.exe
O4 - HKLM\..\Run: [winupdates] C:\Program Files\winupdates\winupdates.exe /auto
O4 - HKLM\..\RunServices: [Microsoft Windows System] wodtfaaa.exe
O4 - HKCU\..\Run: [Media Player] C:\Documents and Settings\Gail\Application Data\Explorer\veriogon.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearc...p=ZUxdm080YYUS
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache...up1.0.0.15.cab
O21 - SSODL: Media Themes - {938B49B5-0F06-4461-AB97-AAD3342CD2BA} - C:\WINDOWS\system32\wowddisp.dll
Close all open windows and browsers, and hit "Fix Checked".
Download Avenger from here:
http://swandog46.geekstogo.com/
Open the program. Check the 'Input script manually' option.
Click the Magnifying Glass icon.
In the box that opens, paste this:
Files to delete:
C:\WINDOWS\system32\veriogon.exe
C:\Documents and Settings\nick coffey\Application Data\Explorer\veriogon.exe
C:\Program Files\winupdates\winupdates.exe
C:\Documents and Settings\Gail\Application Data\Explorer\veriogon.exe
C:\WINDOWS\system32\wowddisp.dll
C:\WINDOWS\system32\wodtfaaa.exe
and click 'Done'
Click the Traffic Light icon to start the program, and OK the prompts to reboot your PC.
After the restart, post a new Hijackthis log.