Hello.
Please, download AVZ tool (the link is in the rules) and unpack it into a separate folder. Run AVZ - upper menu "File" - "Database update" - perform update. Then, upper menu "File" - "custom scripts" - execute the script:
Код:
begin
SearchRootkit(true, true);
SetAVZGuardStatus(True);
QuarantineFile('C:\WINDOWS\system32\01.tmp','');
DelBHO('{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}');
DeleteFile('C:\WINDOWS\system32\01.tmp');
BC_DeleteFile('C:\WINDOWS\system32\01.tmp');
DeleteService('hwdixc');
BC_DeleteSvc('hwdixc');
BC_Activate;
ExecuteSysClean;
setavzpmstatus(true);
RebootWindows(true);
end.
During the script execution KIS could inform you about hidden driver installation by AVZ - it should be allowed. After restart, make two logs with AVZ. First: run AVZ - upper menu "File" - "Standart scripts" - mark script N3, press "Execute selected script" button. This script may work rather long time, so do not try to close AVZ, and/or restart your system untill "script executed" message appears. When it's appears, close AVZ and restart your system. After restart make the same steps, but mark script N2. The results vill be saved in the "Log" subfolder as archives: virusinf_syscheck.zip and virusinfo_syscure.zip. Attach them to your post here.