I have 2 systems with windows xp and avast pro installed.
I have the lastest virus definitions and all patches intalled on these systems.
I have been to numerous sites for removal instructions. Removed the files, registry entries and disabled system restore.
When scanning the systems with avast, it does not pickup the files e1.dll and wshtlprh.dll, which keep being put into HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows NT\CurrentVersion\Windows - AppInit_DLLs
I do find the ??.tmp file in the temp folder though, which I promptly delete.
However, I am wondering how these systems keep getting re-infected all the time and why Avast is not blocking the infection.
Anyway, I have fixed the problem here. I found another post on this forum and 1 of the replies mentioned DrWeb antivirus and AVG Anti-Spyware. I ran DrWeb first and it picked up the infected files and plus another 2 files infected with ‘Linmar’. I then ran the AVG Anti-Spyware and it picked up another file I have not noticed before (also overlooked by avast) infected with ‘Warezov’. This I think is how I kept getting re-infected. I have now removed those files and so far so good.