Run HijackThis again and check the following lines (if they are still there):
\winnt\system32\ofps.exe
\program files\spykiller\spykiller.exe
\timtemp\spyware-cop.exe
\documents and settings\administrator\application data\q??o.exe
\winnt\system32?hkdsk.exe
\program files\web_rebates\webrebates1.exe
\program files\web_rebates\webrebates0.exe
r1 - hkcu\software\microsoft\internet explorer\main,search page = res://c:\winnt\system32\xxlpt.dll/sp.html#37049
r1 - hkcu\software\microsoft\internet explorer\search,searchassistant = res://c:\winnt\system32\xxlpt.dll/sp.html#37049
r1 - hklm\software\microsoft\internet explorer\main,search bar = res://c:\winnt\system32\xxlpt.dll/sp.html#37049
r1 - hklm\software\microsoft\internet explorer\main,search page = res://c:\winnt\system32\xxlpt.dll/sp.html#37049
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = about:blank
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = res://c:\winnt\system32\xxlpt.dll/sp.html#37049
r0 - hklm\software\microsoft\internet explorer\search,searchassistant = res://c:\winnt\system32\xxlpt.dll/sp.html#37049
r1 - hkcu\software\microsoft\windows\currentversion\internet settings,proxyoverride = localhost
o4 - hklm..\run: [webrebates0] “c:\program files\web_rebates\webrebates0.exe”
o4 - hkcu..\run: [spykiller] c:\program files\spykiller\spykiller.exe /startup
o4 - hkcu..\run: [spyware-cop] “c:\timtemp\spyware-cop.exe” /s
o4 - hkcu..\run: [brct] c:\documents and settings\administrator\application data\q??o.exe
o4 - hkcu..\run: [pjxrddis] c:\winnt\system32?hkdsk.exe
o4 - startup: powerreg schedulerv2.exe
o8 - extra context menu item: web rebates - file://c:\program files\web_rebates\sy1150\tp1150\scri1150a.htm
o16 - dpf: {02bf25d5-8c17-4b23-bc80-d3488abddc6b} (quicktime object) - http://www.apple.com/qtactivex/qtplugin.cab
o16 - dpf: {11260943-421b-11d0-8eac-0000c07d88cf} (ipix activex control) - http://www.ipix.com/download/ipixx.cab
o16 - dpf: {15ad4789-cdb4-47e1-a9da-992ee8e6bad6} - http://public.windupdates.com/get_file.php?bt=ie&p=1bc2dfe0cd56b08e83cbcd56822b9d185e66a8f156560ebb18ffa2c9543cc6154a3682076ebe09604513aa4789bd8e86d2adc8ed06413126da65b131d9d0c31979:1c94cf8dd60a92140234c44bda683591
o16 - dpf: {166b1bca-3f9c-11cf-8075-444553540000} (shockwave activex control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
o16 - dpf: {2253f320-ab68-4a07-917d-4f12d8884a06} (chaincast vmr client proxy) - http://www.streamaudio.com/download/ccpm_0237.cab
o16 - dpf: {2c8eeb84-6d60-11d4-bd64-0050048a82bf} (eshare communications netagent customer activex control version 2) - http://tech-a.mhi.aol.com/netagent/objects/custappx2.cab
o16 - dpf: {40c83af8-fea7-4a6a-a470-431ee84a0886} (secureobjectfactory class) - http://virusscanasap.mcafeeasap.com/vs2/sonicwall/bin/mycioagt.cab
o16 - dpf: {4a3cf76b-ec7a-405d-a67d-8dc6b52ab35b} (qdiagaolccupdateobj class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
o16 - dpf: {9a9307a0-7da4-4daf-b042-5009f29e09e1} (activescan installer class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
o16 - dpf: {9eb320ce-be1d-4304-a081-4b4665414bef} - http://www.mt-download.com/mediaticketsinstaller.cab
o16 - dpf: {9f1c11aa-197b-4942-ba54-47a8489bb47f} (update class) - http://v4.windowsupdate.microsoft.com/cab/x86/unicode/iuctl.cab?38116.5830902778
o16 - dpf: {d27cdb6e-ae6d-11cf-96b8-444553540000} (shockwave flash object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
o16 - dpf: {d670d0b3-05ab-4115-9f87-d983ef1ac747} (aol downloader plugin) - http://pak01.pictures.aol.com/ygp/aol/plugin/download/ygppicdownload.9.0.0.2.cab
o16 - dpf: {f554b9ab-e6c9-4fa6-bfe7-b3cb24ad5027} (msn money charting) - http://fdl.msn.com/public/investor/v11/investor.cab