Never seen anything like this

Ok, let me first start off by saying that I'm a senior computer science major and I've been fixing people's computers for years now. So I'm not the run of the mill idiot hehe.

Anyway, that said, here's the problem, my friend asked me to look at her computer because she had a few problems. I ran a virus scan with up-to-date definitions and it came up with nothing. I then ran ad-aware and got 600+ hits. I've never seen anything like that. So, I removed them, and started a more detailed removal process because I realized this wasn't normal. I found on this site the thread posted by Major Attitude entitled "DO NOT POST UNTIL YOU HAVE READ THIS: How to: Spyware, Trojan And Virus Removal" and followed every instruction to the T. I even did all of the "optional programs." I've used Hijack This before, so I removed anything I thought was malicious...but still the problem remains. It runs much, much better now, but there are a couple of problems.

On every restart, a couple of programs are created seemingly out of nowhere. When I run MSconfig, one of the programs listed is "c:\Documents and Settings\All Users\StartMenu\lgywhw.exe" I have no idea where that program came from, but everytime I delete it and restart and not only does the program reappear, but also its entry in msconfig under the startup section. I've googled this program and gotten nothing, and as its name appears to be a random string, I'm led to believe it is being dynamically created by something. That something has thus far eluded me.

Now, I also downloaded and ran Security Task Manager and it showed one of the processes had a rating of 100%. This process was called "kaytwt.exe" and was located in c:\windows\system32. I choose to end the process and quarantine it and it goes away, but it, just like the other program, reappears at startup. I also googled this and came up with no hits.

So basically I'm totally lost. I've run every spyware utility I could get my hands on, I've googled everything I could think of, deleted every file on the computer I can find that's unnecessary and fixed everything on Hijack This. Please help as I've spent waaaay too much time and gotten nowhere so far!

 

Forgot to mention

I forgot to mention that one of the times I restarted in safe mode with networking and still got pop-ups in IE...don't know if that helps at all.