mannen: yes, it's possible to get reinfected from the machine, where domain admin is logged, cause he don't need to exploit anything, he has the rights by default.. other way is the autorun hole in windows (autorun.inf is processed everywhere by default)... collect all USB sticks which got in touch with any infected PC.. plug these flash drives to some safe machine (windows with disabled autoruns or linux) and delete the autorun.inf and the *SID* folder or let avast do that...