Endpoint Protection

  • 1.  Possible Vundo Infection...SAV has cleared but it comes back

    Posted May 18, 2010 12:18 PM
    I believe my PC to be infected with some variant of Vundo. Symantec AV is up to date and gave no warnings. Spybot, Ad-Aware, and MalwareBytes have failed to eliminate the issue. The current symptom is that when the system is started and connects to the internet a .tmp file with a name of random alternating letters and numbers is created in C:\Windows\Temp and runs itself as a process. The process can be terminated and when the .tmp files are scanned they show up as "Trojan.Downloader". I don't see any registry entries that could be problematic, and after the .tmp files are deleted a scan of the system in Safe Mode comes up clean. However, upon rebooting and connecting to the internet again the temp files start appearing again. I have restore disks for my system and plenty of flash drives so a backup and reset is an option, but I'd like to avoid it if possible. Any assistance would be greatly appreciated.


  • 2.  RE: Possible Vundo Infection...SAV has cleared but it comes back

    Posted May 18, 2010 12:46 PM
    Try this removal first - http://www.symantec.com/security_response/writeup.jsp?docid=2004-112111-3912-99&tabid=3

    If that fails, try running the SEP Support tool. Check the option for Load Point analysis, run the tool, and then review the output for any suspicious files. Submit the files to Security Response for a look.

    http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2008071709480648

    http://www.symantec.com/business/security_response/submitsamples.jsp

  • 3.  RE: Possible Vundo Infection...SAV has cleared but it comes back
    Best Answer

    Posted May 18, 2010 01:41 PM
    A Vundo infection is not that easy to clear out. It installs various other undetectable rootkits and other downloaders that remain undetected and keep re-infecting the system.

    Since it's only one machine, the easiest and best way would be to re-image it, because even if you remove the infection you cannot be 100% sure that it has not left behind a bot on the machine.