virus kavo

I am trying to help a junior student remove rootkit virus kavo.exe and ubs.exe from her computer. But it always comes back after I thought it's cleaned. So far I've tried:

1. del_kavo.exe

2. del_kavo from trend micro

It seems some copy of the executable was hidden and executed every time I thought the virus is removed. I'll try the following:

• Disable "system restore" function of windows XP.
• Delete autorun.inf on disks and removable media.
  

Link of Virus Kavo at Trend Micro

Follow up: (3/04)
A post of detailed steps to clean kavo:
http://forums.spywareinfo.com/index.php?showtopic=108252&hl=kavo