Mike, the problem is that rootkit does not just set&install some of his files as loading points. Antivirus/antimalware know thouse files but they cannot easily delete thouse.
Why? The trick is that this malware also patching some system file (it patching Service Control Manager's executable file). Patched file should not be deleted
because file is system file and used by the OS. It is necessary to find a legitimate copy of the file and replace with patched-one.
(just to note that even the replacement is not simple procedure)And here arises the problem for AV/AM.
So it's not just enough to locate and try to do some violent deletion of thouse files (malware loading points) because the file system is still infected with patching one and malware on reboot continues to live.
Some tools have been updated and they have learned where to find a legitimate copy of the file with some Heuristic and triying to perform the replacement (if they even succeed).
But if a rootkit hiding a legitimate file to a different location or AV/AM does not know where to find or even there is no a valid copy of the legitimate file on the system...
...without this type of malware removal and scripting is generally not possible to completely (or fully) disinfect malware and then remove thouse loading points.
---------------------
If you need help with malware removal, you need to open a new thread and follow this instructions:
http://forum.avast.com/index.php?topic=53253.0