Desperate - Evil virus entrenched!

Hello,
There is a virus deeply entrenched on my son's computer, which he desperately needs to finish his senior project. There are two .dll files that I cannot delete --Superantispyware and AntiMalwareBytes can see them, but there are always back on reboot. (Eset NOD Antivirus can't even see them.)
They will not allow me to get into safe mode or the recovery console, and they prevent system restore from functioning. I have had booting trouble since attempting to access the recovery console (I don't get the setup screen, it just goes through as a boot to XP from the disk.)They probably arrived via Limewire (a Very Bad Choice, my son will now agree, and one that is no longer on the computer.) I am new to this forum and so may need instructions in simple terms --is anyone up for the challenge of killing this beast? Please help! We are running windows XP SP3. Thank you in advance for even considering it!! Here is the SAS log:

Memory items scanned : 436
Memory threats detected : 0
Registry items scanned : 464
Registry threats detected : 7
File items scanned : 5496
File threats detected : 2

Trojan.Agent/Gen-Nullo[Short]
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E7FBE93-9E94-4C2A-A07E-707117C2BD90}
HKCR\CLSID\{8E7FBE93-9E94-4C2A-A07E-707117C2BD90}
HKCR\CLSID\{8E7FBE93-9E94-4C2A-A07E-707117C2BD90}
HKCR\CLSID\{8E7FBE93-9E94-4C2A-A07E-707117C2BD90}\InprocServer32
HKCR\CLSID\{8E7FBE93-9E94-4C2A-A07E-707117C2BD90}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\IZHGRXK.DLL
HKU\S-1-5-21-1229272821-562591055-839522115-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E7FBE93-9E94-4C2A-A07E-707117C2BD90}
Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\qawbfwsw
C:\WINDOWS\SYSTEM32\MTAEKSP.DLL

 

Please follow the stickies in the malware forum. They will be able to best assist you there.

 

Thank you!

 

Did you see this at the SuperAntiSpyware site?
http://forums.superantispyware.com/viewtopic.php?f=4&t=3804

 

Have you run The Avenger to try and clean up? I saw a post where this can also report a false positive in SAS of Trojan.Agent/Gen-Nullo

 

I ran the READ ME FIRST procedures and they seemed to get everything, esp. Combofix. I am running scans from safe mode now (which I can now get back into) and they are coming up clean. My only concern is that through all of this, my regular virsu protection - an up-to-date Eset NOD32 Internet Security - never saw any of them. It kept telling me my computer was clean. I wonder if it was disabled by the virus into saying that (if so--is it STILL disabled?) or if it just doesn't see them (which makes it a bad choice for my son). Is there any way to tell if your virus program is ok? Now that the system is clean I am afraid to let it back out to play on the internet! Thanks everyone for your interest and help.

 

ESET NOD is a very good av program.
Personally, I'd trust it before I'd trust SuperAntiSpyware, which has had problems with false postives and removing things that should not have been removed.

The malware fighters will be able to figure out from the logs whether you have a virus or something being picked up by SAS that should not be.

 

Well, I have trusted Eset NOD32 for a while but it has let in some viruses that are quite old (like Braviax) and doesn't seem to see trojans. I used SuperantiSpyware as a scanner because it was part of the READ ME FIRST directions. SuperMalwareBytes also found the same viruses, and researching the .dll files that I found also corroborated the findings, so I don't think they were false, at least this time. I was just worried that the virus could have damaged or turned off NOD32 wihtout me knowing --it was so hard to get that stuff off, I'm probably just being paranoid to worry that it is not working now!

 

The way I solved a similar problem: Update the signatures/antivirus program on YOUR pc. Remove the hard drive from your son's pc. Note the jumper settings. Set the humper to C.S. Attach your son's hard drive to your computer's hard drive cable. Restart your PC and it should detect the new hardware and automatically run the antivirus program on your pc, and remove the virus. After it's complete, reset the jumpers for your son's drive. Reinstall it into his pc. After this is done, the virus should be gone and No problems! Good luck and I hope this helps.:-D

 

That's a clever way too! Fortunately, it isn't necessary. The computer is still coming up clean and he is busy working on his project, so it looks like a success story here. Many thanks to everyone who offered help! Happy new year!