Help me get rid of this b1tch @ss virus

DotheDamnTHing

Platinum Member
Feb 2, 2004
2,795
0
0
Reinstalled XP with SP2 about 2 days ago and was planning to install Firefox. Laziness got the better of me and I used IE for a couple of hours and contracted a combo trojan/spyware called AdClicker AF. Using McAfee 8 with updated definitions, Spybot Search and Destroy and Lavasoft Adaware. Every time, all three programs manage to find infected files and delete them, BUT on the next boot, it's there again. Searched on McAfee's forums and they suggested removing some Registry entries, but to no avail. Every scan was done in safe mode.
Any suggestions?

Much appreciated
 

mechBgon

Super Moderator
Elite Member
Oct 31, 1999
30,699
1
0
Did you disable System Restore first?

Also, do a Microsoft Baseline Security Analyzer scan and fix weak/blank passwords on your Administrator-class accounts. Trojans and share-hopping worms love weak or non-existent passwords on Admin-class accounts :evil: A ticket to ride.
 

Dru22

Senior member
Sep 14, 2004
229
0
0
Try getting a program called CWShredder, it's really good about getting rid of that garbage. Let me know if that helped.
 
Nov 4, 2004
155
0
0
Delete everything you can for the program, boot into safe mode command prompt and delete the last few files (ones in Task Manager you can't delete 'cause they keep coming back) and you should be good to go.

 

1sikbITCH

Diamond Member
Jan 3, 2001
4,194
574
126
Spybot and the others are finding the actual files for the malware, but they are not finding the Installer.

Every time you reboot, the installer detects that the program was removed, and reinstalls it. How you find the installer, I don't know right off the bat, but that's where you need to direct your energies.
 

DotheDamnTHing

Platinum Member
Feb 2, 2004
2,795
0
0
Thanks for the help, guys.

mech: disabled System Restore before attempting anything... the MBSA didn't find any gaping holes in security, only some XML issues

dru: CWShredder didn't find anything, oddly enough

schadenfroh: PM'd you my HijackThis log