Download
KillBox http://www.greyknight17.com/spy/KillBox.exe.
Run KillBox and check the box that says '
End Explorer Shell While Killing File'. Next click on '
Delete on Reboot'. For each of the following files below, check the box that says '
Unregister .dll Before Deleting' if it's not grayed out. Copy and paste each of the following into KillBox (hitting the X button for each file -
Choose YES when informs you the file will be deleted on Reboot.
Choose NO when it asks if you want to reboot):
C:\WINDOWS\SYSTEM32\444.exe
C:\WINDOWS\SYSTEM32\doriot.exe
C:\WINDOWS\SYSTEM32\ewerf.exe
C:\WINDOWS\SYSTEM32\ewerfw.exe
C:\WINDOWS\SYSTEM32\svc.exe
C:\WINDOWS\SYSTEM32\sysdoor.exe
C:\WINDOWS\SYSTEM32\winerdir.exe
C:\WINDOWS\SYSTEM32\wnrot.exe
C:\WINDOWS\SYSTEM32\wwnrot.exe
C:\WINDOWS\23148187.exe
C:\WINDOWS\37454578.exe
C:\WINDOWS\579578.exe
C:\WINDOWS\832328.exe
C:\WINDOWS\867125.exe
C:\WINDOWS\igfseajuvsu.exe
Reboot your computer now.
Re run HJT and a Virus scan and bring the results from both with you in your next post.