Posted 13 December 2009 - 06:59 PM
From a quick read of your situation, it looks like you did not get the same version of XP Media Center OEM for Dell that originally came with your computer. Version 2002 and version 2005 are quite different. If you used an actual 2005 Dell OEM CD to do a "repair install" rather than an actual reinstall, then your malware was never gone at all, since a repair install will do nothing to find and replace rootkits, though it can replace and repair files that have been damaged by rootkits in some cases. A mixed install of 2002 and 2005 Media Center files is going to act like it is infected even if it isn't.
Also, your infection is unlikely to follow a Dell full reinstall from OEM CD/DVD. You may have backed up an infected file or dropper. Can we assume you no longer have the recovery partition or the diagnostic partition your Dell originally shipped with?
Back up your files to an external drive with no bootable OS on it. KillDisk and DBAN are handy for sterilizing your drive, even though deleting partitions and making and creating a couple of different sized partitions in setup after booting from your Dell OEM XP MC disk should be good enough to kill anything on the original partitions...
Do a complete reinstall on the clean drive. Load only the Dell network driver from CD or known clean USB key if needed for internet access.
Manually load SP3 from a CD or flash drive. If it is SP1 you should be able to run just SP3 rather than SP2 and then SP3.
Make sure your firewall is turned on. Do manual Windows updates (63 of them, I think). Do not install IE8 until last. Then install the updates to IE8 that will appear. Turn on automatic updates and make sure the firewall is still on, and remove all the AOL exemptions from it unless you actually use AOL.
Install your antivirus of choice, looking for and enabling scanning of external drives on plug.
Install Malwarebytes and SUPERAntiSpyware.
Do a restore point and/or a Clonezilla backup image.
Plug in your drive with backed up files and scan with everything you have. Let it kill anything that looks suspicious.
Move on with your life and reinstall the apps you use.