Hi Everyone,

My computer has been infected with the AWVVT.DLL file and I've tried removing the bugger using HijackThis, but it keeps coming back. Microsoft Antispyware detects the file and removes it, but it also keeps coming back.

My Hijackthis log file is as follows:

Logfile of HijackThis v1.99.1
Scan saved at 11:51:53 AM, on 11/28/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
c:\jetsuite\jsdaemon.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\User\Local Settings\Temp\Temporary Directory 1 for hijackthis-1.zip\HijackThis.exe

O2 - BHO: (no name) - {8E13DDE1-E013-47ec-9C4C-27C2F78BDD26} - C:\WINDOWS\system32\awvvt.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O20 - Winlogon Notify: awvvt - C:\WINDOWS\SYSTEM32\awvvt.dll
O20 - Winlogon Notify: Run - C:\WINDOWS\system32\m2460chsef460.dll
O23 - Service: jsdaemon - JetFax, Inc. - c:\jetsuite\jsdaemon.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

When I run VX2 Finder, I get the following log:

Log for VX2.BetterInternet File Finder (ALL)

Files Found---

Additional Files---

Keys Under Notify---
awvvt
Run


Guardian Key--- is called:

Guardian Key--- :

User Agent String---
{C19F8413-0F5A-2D59-6760-57AA02B52319}

I've tried using VundoFix in safe mode (without internet attached) but I keep getting the message that it can't access the process because it is being used by another process.

I've tried running Killbox and typing in the file manually and selecting delete on reboot and end explorer shell while killing file, but then I get the following message: "PendingFileRenameOperationsRegistryData has been removed by External Processes".

Is there something that I can do to get rid of this? I'm getting pop-ups galore and also flash ad pop-ups, which has never happened before.

Can anyone help me PLEASE?

Thanks,