only the best popup generator

To anyone out there......... after a three week battle I feel that I am getting somewhere.

Adaware, Hijack this, and manual removal of all .dll .dat and .exe files created after a specific date (but checking well before this date for files in the windows, windows/system32 and windows/system folders as there are .xxx files that seem tho have false dates but belong to the malware.

In desperation I decided to uninstall the version of internet explorer in the programs folder of the control panel.... it had a number associated like Q630016 which I didn't recognise. (To be on the safe side I had already downloaded the latest version of IE 6.0 from the microsoft website and had it ready in a download folder)

On removal of this IE version from the control panel I was surprised to find out that my internet was still working so I pressed on.....

The key moment was when I downloaded a Kerio firewall and watched the process. I had an executable file (ieupdate.exe) hidden in a folder (IXP000) residing in my temp directory which was being called. However I am not able to either find it or destroy it as this directory does not appear in windows explorer or even in the dos shell from the prompt.

Do you guys have any idea how to seek and destroy when the path does not correspond to the procedure call? I have tried searching the file to no avail in both Norton Navigator and Windows explorer.

My "fix" has been to delete the whole temp folder for the time being but I feel that the beast still lurks within.......