Hi CharleyO,
Well so much the better you got it working, because it is nice as a second opinion or addition to the famous HijackThis and Eddy's HiLoa proggies. I don't have all these proggies on the comp but on the mem stick.
Good to have is ShareEnum from sysinternals too. There you can see all the processes' privileges, what is not completely secure. I have that there too.
And HijackThis and XrayPC feel much better with Process Explorer in the neighbourhood. Next use FileAlyzer and a good Hex Viewer, and you have all the basic analytical tools to encounter any file, packer and code and all, hashes included.
Enjoy,
friend polonus