So, here's what I did:
Ran CWShredder, AboutBuster, Ewido, Adaware, and a virus scan with TrendMicro's House Call.
Things are running much better now, but Ewido keeps reporting finding registry keys that it can't delete ("Error during cleaning").
I'll post my HijackThis and Ewido logs. First, here's my HijackThis log:
==========
Logfile of HijackThis v1.99.1
Scan saved at 6:58:50 AM, on 8/4/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\System32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Administrator\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0AD937E7-2F37-4873-A05E-548A67EF1D0E} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: FlashEnhancer Ext - {5EDB03AF-0341-4e96-9E9B-3171522E4BAF} - c:\Program Files\Fla\fla.dll (file missing)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: FlashEnhancer Extnder - {A749B4BC-7621-4a80-9220-D0A283367DD5} - c:\Program Files\Fln\fln.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\en-us\msntb.dll
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [System-Service] C:\WINDOWS\SYSTEM\EXPLORER.SCR
O4 - HKLM\..\Run: [autoupd] C:\WINDOWS\autoupd\autoupd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [tvs_b] c:\Program Files\tvs\tvs_ln.exe
O4 - HKLM\..\Run: [Client ] C:\WINDOWS\system32\tscoeset.exe
O4 - HKLM\..\Run: [FlnCPY] "C:\Program Files\Common Files\Java\flncpy.exe"
O4 - HKLM\..\Run: [sys730] C:\WINDOWS\sys730.exe
O4 - HKLM\..\Run: [Service Host] C:\WINDOWS\system32\Services\{1B66344B-A60D-4D80-9239-298AB697650C}\SVCHOST.EXE
O4 - HKLM\..\Run: [03mi39e] msjctfrm.exe
O4 - HKLM\..\Run: [Disk Keeper] C:\WINDOWS\system32\Services\{1B66344B-A60D-4D80-9239-298AB697650C}\SECURITY.EXE
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0335A685-ED24-4F7B-A08E-3BD15D84E668} - http://dl.filekicker...IL/PhPSetup.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.v...MetaStream3.cab
O16 - DPF: {11A4AEAA-4AE4-4EBA-BAB0-511B2CF8C062} - http://download.fami.....e Legends.cab
O16 - DPF: {341FF14B-00CB-49F5-A427-A164DF1D5E1F} (MALPlaybackCtrl Class) - http://musicstore.co...ALStreaming.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1408.g.akama...iTunesSetup.exe
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.ofoto.com..._1/axofupld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9FC87BC7-7963-4B70-8485-B1A41034C9A1} (CSonyPicturesGameDownloaderCtl Object) - http://www.shockwave...eDownloader.cab
O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildt...ion/install.cab
O16 - DPF: {C8BAC37C-A8D2-425E-B7FC-80B9537FB14A} - http://www.spyblast....SBFullSInst.cab
O16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) - http://www.contentwa...uditControl.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.app.../ITDetector.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredim...er/imloader.cab
O21 - SSODL: Security Access - {03E81FD0-0A8E-4817-83CF-744827A4E9E3} - C:\WINDOWS\system32\c_28csvc.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox.exe
O23 - Service: IomegaAccess - Unknown owner - C:\WINDOWS\System32\iomegaaccess.exe (file missing)
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
==========
Here's my Eiwdo log:
==========
---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------
+ Created on: 6:55:52 AM, 8/4/2005
+ Report-Checksum: 437C9FC2
+ Scan result:
HKLM\SOFTWARE\Altnet -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\Altnet\Dashboard -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\Altnet\Dashboard\Messages -> Spyware.Altnet : Error during cleaning
HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller -> Spyware.180Solutions : Error during cleaning
HKLM\SOFTWARE\Classes\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -> Spyware.NewDotNet : Error during cleaning
HKLM\SOFTWARE\Classes\Common.Buttons -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\CSIE.CSIECore -> Spyware.ClearSearch : Error during cleaning
HKLM\SOFTWARE\Classes\F1.Organizer -> Spyware.VX2 : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginConfig -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginConfig\Clsid -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginDown -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginDown\Clsid -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginEvents -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginEvents\Clsid -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginInst -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginInst\Clsid -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginServer -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.PluginServer\Clsid -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.ToolbarScript -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\TBPS.ToolbarScript\Clsid -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\toolbar.IToolbarScriptClass -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\toolbar.ResProtocol -> Spyware.WebSearch : Error during cleaning
HKLM\SOFTWARE\Classes\UnawareObj.UnawareObj -> Spyware.FlashTrack : Error during cleaning
HKLM\SOFTWARE\Classes\WebCom.WebBar -> Spyware.MediaMotor : Error during cleaning
HKLM\SOFTWARE\Classes\WToolsB.ResProtocol -> Spyware.WebSearch : Error during cleaning
::Report End
==========
Note that since I'm now at work I won't have access to this system until tonight around 5:30 CDT.
Thanks for the help.