Every time there is something new in your logs.
OK. Run AVZ - you'd better right-click on AVZ.exe and choose the "Run as" option in the context menu - and execute the script:
Code:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
SetServiceStart('SysProtDrv.sys', 4);
QuarantineFile('C:\Windows\System32\kbiwkmxgvovppt.dll','');
QuarantineFile('C:\Windows\System32\kbiwkmvdwpopfq.dll','');
QuarantineFile('C:\Windows\DOWNLO~1\SysInfo.dll','');
QuarantineFile('C:\Users\AMAN\Desktop\SysProtDrv.sys','');
QuarantineFile('\\?\globalroot\systemroot\system32\kbiwkmvdwpopfq.dll','');
DeleteFile('C:\Users\AMAN\Desktop\SysProtDrv.sys');
BC_DeleteFile('C:\Users\AMAN\Desktop\SysProtDrv.sys');
DeleteFile('C:\Windows\System32\kbiwkmxgvovppt.dll');
DeleteFile('C:\Windows\System32\kbiwkmvdwpopfq.dll');
BC_DeleteFile('C:\Windows\System32\kbiwkmxgvovppt.dll');
BC_DeleteFile('C:\Windows\System32\kbiwkmvdwpopfq.dll');
Deletefile('C:\Windows\System32\drivers\kbiwkmqvjasdld.sys');
Deletefile('C:\Windows\System32\kbiwkmxqrbylxk.dll');
Deletefile('C:\Windows\System32\kbiwkmyqsxlupx.dat');
Deletefile('C:\Windows\System32\kbiwkmvpbcxlev.dll');
Deletefile('C:\Windows\System32\kbiwkmqedetqqn.dat');
Deletefile('C:\Windows\System32\kbiwkmcfneqdri.dll');
BC_Deletefile('C:\Windows\System32\drivers\kbiwkmqvjasdld.sys');
BC_Deletefile('C:\Windows\System32\kbiwkmxqrbylxk.dll');
BC_Deletefile('C:\Windows\System32\kbiwkmyqsxlupx.dat');
BC_Deletefile('C:\Windows\System32\kbiwkmvpbcxlev.dll');
BC_Deletefile('C:\Windows\System32\kbiwkmqedetqqn.dat');
BC_Deletefile('C:\Windows\System32\kbiwkmcfneqdri.dll');
DeleteService('SysProtDrv.sys');
DeleteService('kbiwkmispmtixr');
BC_DeleteSvc('SysProtDrv.sys');
BC_DeleteSvc('kbiwkmispmtixr');
BC_Activate;
ExecuteSysClean;
RebootWindows(true);
end.
After restart, upload the quarantine and make new logs. You should also make a new log with GMER.