You have a Rootkit on your system.  I will notify on expert on removal about your problem.  Hang in there as he is backed up at the moment but Quads will get to you in due course.  Thanks.

Hi

 

I have sent you a personal message, look for the yellow envelope on the upper right hand side

 

Quads 

Hi

 

The location of the log would be for instace for Vista in "Users" folder , oh well

 

 

Continuation of Stage 1,  File removal

 

Now the registry entries will be greyed out I think, will get them later.

 

Tick (check) these entries (little square box beside each entry) Only the entries below, not the others

 

---

C:\Windows\System32\drivers\kbiwkmnvtvehvs.sys

C:\Windows\System32\kbiwkmxrqmyhsx.dll

C:\Windows\System32\drivers\kbiwkmrmpsnjvx.sys

C:\Windows\System32\kbiwkmretscvtu.dll

C:\Windows\System32\kbiwkmhxxxromi.dat

C:\Windows\System32\kbiwkmrunewmiv.dll

C:\Windows\System32\kbiwkmbjdioyjy.dll

C:\Windows\System32\kbiwkmkfqwpewr.dat

C:\Windows\System32\kbiwkmbcudbpya.dll

C:\Windows\System32\kbiwkmqipdftol.dat

C:\Windows\System32\kbiwkmwegowsoa.dat

C:\Windows\System32\kbiwkmmmniccub.dat

C:\Windows\Temp\kbiwkmgrrtgqcxdp.tmp

C:\Windows\System32\kbiwkmqbgpwone.dat

C:\Windows\System32\drivers\kbiwkmecfxwtsn.sys

C:\Windows\System32\kbiwkmmvpiptmu.dll

---

Then click the Clean items button

Follow the prompts to remove them and restart your computer.

After reboot, a dialog box displays the files you selected for removal and the action taken.

 

Step 2 after 

 

 

Quads 

Ok, I've done as you instructed and am know waiting for step two

Step 2. Detect - Delete any buddies

 

Download, Install, Update the definitions and run a Full Scan with Malwarebytes  http://www.filehippo.com/download_malwarebytes_anti_malware/

 

Quads 

OK I ran Malwarbytes again.

 

I don't know if I should mention that I downloaded Malwarbytes on Sunday after reading some of the other posts and, after running a quick scan, it did find and delete some infected files. I ran it last night and it behaved a little strange; 20 minutes into a complete scan and it locked my computer. I had to do another complete scan in Safe Mode and it found nothing.

Rodrigo:

 

Please see if you can run it again in normal mode.  Update it again.  If successful, please attach the log for Quads to view when he becomes available.

Sorry took awhile I've just been a little behind on a few things. Anyway here's the file you needed. 

Step 3. Registry

 

 

If you have Spybot S&D installed remove it 

 

Also during the restarts with Avenger if Your PC has a Startup repair center like with HP and Toshiba tell it to start Normally if it kicks in.

 

1. Download Avenger to your desktop,

 

Unzipped version http://homepages.slingshot.co.nz/~crutches/Avenger/

OR Creators website http://swandog46.geekstogo.com/avenger2/avenger2.html with zipped version to the unzip to desktop 

 

2. Click to run "Avenger.exe"  (right click "Run as Administrator" if using Vista)

 

3. In the "Input script here:" copy and paste the script between the lines

 

---

Drivers to disable:

kbiwkmlrccebvu

 

Drivers to delete: 

kbiwkmlrccebvu

 

Files to delete:

C:\WINDOWS\system32\drivers\kbiwkmrmpsnjvx.sys 

C:\WINDOWS\System32\drivers\kbiwkmnvtvehvs.sys 

C:\WINDOWS\System32\drivers\kbiwkmecfxwtsn.sys 

 

Registry keys to delete:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet006\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet007\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet008\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet009\Services\kbiwkmlrccebvu

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet010\Services\kbiwkmlrccebvu

---

 

 

Here is a screenshot (script updated since shot)

 

 

Make sure the "Automatically disable any rootkits found" is NOT selected

 

4. Click "Execute"

 

You will be asked to restart the PC click "Yes", when the PC restarts the load screen will takes slightly longer, then when it looks as though windows is loading the PC will restart again.

Then when Windows fully loads the Avenger log will be loaded, showing files it could or could not find.

 

Quads