you could try deleting them in Safe Mode? i had a virus that kept coming back once, i turned off system restore and then did a virus scan in safe mode. it fixed the problem.

most likely there is a third file in your windows/system folder controlling those two files.

I know there is probably some third file type, but I don't know what it is or how to find it.

The Virus scan completed and didn't find any more infections.

www.sysinternals.com

Download "rootkit revealer". Sounds like you may have a rootkit. Simply put, a very persistant piece of malware. Read about the rootkit revealer before downloading it and read the help file after downloading it. If you don't know much about how your computer works I wouldn't suggest using it and just try different search engines for the file names. Maybe someone will come along on here and actually know what it is/how to remove it.

You should download "auotruns" as well. See if you find those two files in one of the tabbed lists that program will display, if you see them, delete them. Also, it may actually be registered as an "add-on" for your interenet browser. Download "autoruns" from that same site and click on the Internet Explorer tab. If you see any odd listings remove them. This program anyone can use, just use common sense and don't delete anything that you're not sure of.

I highly suggest EVERYONE no matter who you are to download "autoruns" from sysinternals.com, it is the most advacned program at finding programs that are set up to run by themselves.

Edit: I recently had a problem very close to yours and these two programs helped me out.

I decided to check over my HJT log again.

Noticed three things which I hadn't noticed til recently.

Two .exe s in the system32 folder and one in Program Files\HP

Searched for them in google.

LiUtilities said: One was a Panda Anti-Virus file (ESSENTIAL DONT TERMINATE THIS PROCESS)

and

One was an eTrust Anti-Virus file (ESSENTIAL DONT TERMINATE THIS PROCESS)

and the last one was an ESSENTIAL FILE to make sure you don't delete a partition by accident on an HP computer.

Well, I thought hmmmmm, I don't have either of these anti-virus products and my computer is not an HP, so I went to check the creation date of both of these files to see if they were created on the date I reckon the infection occured. Well, they were all apparently created on some random date in 1998 at 0:00 and all were set to hidden. Another file which I had earlier found and deleted which I had found which I was pretty sure was related to this trojan was also created on a random 1998 date at 0:00 and was also hidden.

So I thought "FUCK YOU LIUTILITIES WARNING" and deleted them, reckoning it was the whole idea of the trojan to imitate essential files so people who aren't as knowledgable about computers would find they are an "essential process" and not delete them. All seems fine for now, I'll let you know if the problem happens again.

Gonna go delete the contents of prefetch now just to be doubly sure.

Cheers.

I was gonna suggest reformatting if it really bothered you that much and you couldn't fix the problem, but that doesn't seem to be the case anymore.

what about a system restore, takes like 5 mins, set it back to when your machine was good?

I like Antivir :x
http://www.free-av.com/

I've also heard McAfee sucks badly. Don't know if it's fixed, but for months it has had this bug that if it ever runs into a file whose name it can't read, it crashes. I'm not trusting a program like that. :P