Tengo un portatil antiguo HP Pentium III con Windows 2000 con conexion de modem de cable de ONO,y desde que visité una pagina porno, primero se abría una ventana diciendo que tenia un problema con mi seguridad, para que me conectára y luego ya no se abria el navegador y no me podía conectar a internet, le pasé el antivirus Norton, y el SuperaAntySpyware, incluso utilicé el firefox portable desde un disco externo, pero seguia sin poder conectar, necesito vuestra ayuda, te envío el log del HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:16, on 03/08/2008
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.51 SP2 (5.51.4807.2300)
Boot mode: Normal

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
c:\hp\i\connected\CBRegCap.EXE
c:\HP\i\connected\CBlaunch.exe
C:\PROGRA~1\navnt\DefWatch.exe
C:\WINNT\System32\svchost.exe
C:\PROGRA~1\navnt\Rtvscan.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\SavRoam.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\igfxtray.exe
C:\WINNT\System32\hkcmd.exe
C:\WINNT\system32\AEIWLSTA.EXE
C:\Program Files\Hewlett-Packard\PC COE\IDA.EXE
C:\PROGRA~1\navnt\vptray.exe
C:\WINNT\essspk.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09. exe
C:\WINNT\system32\hphmon05.exe
C:\WINNT\system32\internat.exe
C:\Program Files\NetMeeting\conf.exe
C:\WINNT\system32\HPZipm12.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
C:\Program Files\WinZip\wzqkpick.exe
C:\WINNT\system32\spool\DRIVERS\W32X86\3\E_S10IC2. EXE
C:\HP\i\connected\CBSysTray.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.portal.hp.com/search/iesearchpane/pane.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.es/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://athp.hp.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Hewlett-Packard
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = web-proxy:8088
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.core.hp.com;*.corp.hp.com;*.cup.hp.com;<local>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {B965A73D-3568-4F99-BA93-CE76BFE705F3} - c:\winnt\system32\vajgnqs.dll
O2 - BHO: (no name) - {D27534C2-BAD0-400C-8F32-A90CE59A4E3A} - C:\DOCUME~1\PVIRGI~1.EME\LOCALS~1\Temp\dm2CEF.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [IgfxTray] C:\WINNT\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINNT\System32\hkcmd.exe
O4 - HKLM\..\Run: [1AEIWLRAD.exe] AEIWLRAD.exe
O4 - HKLM\..\Run: [AEIWLSTA.EXE] AEIWLSTA.EXE
O4 - HKLM\..\Run: [IDA] C:\Program Files\Hewlett-Packard\PC COE\IDA.EXE
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\navnt\vptray.exe
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb09. exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINNT\system32\hphmon05.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Microsoft NetMeeting] "C:\Program Files\NetMeeting\conf.exe" -Background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')
O4 - .DEFAULT Startup: Connected TaskBar Icon.LNK = C:\HP\i\connected\CBSysTray.exe (User 'Default user')
O4 - .DEFAULT User Startup: Connected TaskBar Icon.LNK = C:\HP\i\connected\CBSysTray.exe (User 'Default user')
O4 - Startup: Connected TaskBar Icon.LNK = C:\HP\i\connected\CBSysTray.exe
O4 - Startup: Epson Printer Status Agent2.lnk = C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02. EXE
O4 - Global Startup: LUMIX Simple Viewer.lnk = C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\wzqkpick.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O14 - IERESET.INF: START_PAGE_URL=http://athp.hp.com/
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20031216/qtinstall.info.apple.com/mickey/us/win/QuickTimeInstaller.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avghcqja - C:\WINNT\SYSTEM32\vajgnqs.dll
O23 - Service: Connected RegCap (CBRegCap) - Connected Corporation - c:\hp\i\connected\CBRegCap.EXE
O23 - Service: Connected Launcher (ConnectedLauncher) - Connected Corporation - c:\HP\i\connected\CBlaunch.exe
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\navnt\DefWatch.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\navnt\Rtvscan.exe
O23 - Service: PictureTaker - LANovation - C:\WINNT\system32\PCTKRNT.SYS
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: SAVRoam - symantec - C:\WINNT\SavRoam.exe

--
End of file - 6549 bytes

Hola gardean, te doy la bienvenida al Foro de InfoSpyware.

Paso 1- Descarga, Instala y/o actualiza estas herramientas: (pero no los ejecutes aun)

• ComboFix.exe
• Malwarebytes' Anti-Malware

Paso 2- Con todos los programas cerrados, ejecuta HijackThis y dale a las siguientes entradas:


O2 - BHO: (no name) - {B965A73D-3568-4F99-BA93-CE76BFE705F3} - c:\winnt\system32\vajgnqs.dll

O2 - BHO: (no name) - {D27534C2-BAD0-400C-8F32-A90CE59A4E3A} - C:\DOCUME~1\PVIRGI~1.EME\LOCALS~1\Temp\dm2CEF.dll

O20 - Winlogon Notify: avghcqja - C:\WINNT\SYSTEM32\vajgnqs.dll





Paso 3- Ejecuta estas herramientas, de a una:

• Malwarebytes' Anti-Malware
  *Nota* Es importante que envíes a "Cuarentena" todo lo que este detecte antes de copiar y pegarnos su reporte.

• Antes de usar ComboFix....
• Desactiva temporalmente el Antivirus y/o Antispyware.
• Cierra todas las ventanas abiertas.
• Hacele doble clic al archivo ComboFix.exe y seguí las instrucciones.
• Cuando termine, generara un registro en C:\ComboFix.txt.
  • *Nota* Mientras CF este trabajando no mover el mouse ya que pararía su proceso.
  • *Nota* ComboFix puede reiniciar automáticamente el PC para completar el proceso de eliminación.

Paso 4- Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de Internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

Reinicia y nos contas los resultados. junto con el reporte de

Paso 5- Reinicia en modo normal y nos dejas los reportes de:

• Malwarebytes' Anti-Malware
• C:\ComboFix.txt en este mismo mensaje.

**Nota**
- Para mayor comodidad imprime los pasos.
- Recuerda regresar y contarnos los resultados.

Salu2

Gracias El Piedra, el navegador ya se puede abrir y ya puedo conectar con internet, Malwarebytes' Anti-Malware ha encontrado 6 troyanos que ha puesto en quarentena, pero el antivirus Norton no se puede abrir, solo el liveUpdate, en fin te pego los 2 informes:

Malwarebytes' Anti-Malware 1.24
Versión de la Base de Datos: 1012
Windows 5.0.2195 Service Pack 4

18:40:40 07/08/2008
mbam-log-8-7-2008 (18-40-40).txt

Tipo de examen : Examen Rápido
Objetos examinados: 39282
Tiempo transcurrido: 8 minute(s), 33 second(s)

Procesos en Memoria Infectados: 0
Módulos en Memoria Infectados: 0
Claves del Registro Infectadas: 2
Valores del Registro Infectados: 4
Elementos de Datos del Registro Infectados: 0
Carpetas Infectadas: 0
Ficheros Infectados: 0

Procesos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Módulos en Memoria Infectados:
(No se han detectado elementos maliciosos)

Claves del Registro Infectadas:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Ias (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\WinOpts (Trojan.Downloader) -> Quarantined and deleted successfully.

Valores del Registro Infectados:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Quarantined and deleted successfully.

Elementos de Datos del Registro Infectados:
(No se han detectado elementos maliciosos)

Carpetas Infectadas:
(No se han detectado elementos maliciosos)

Ficheros Infectados:
(No se han detectado elementos maliciosos)

ComboFix 08-08-06.04 - pvirgili 07/08/2008 18:47:15.1 - NTFSx86
Running from: F:\antiespias hijack\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINNT\system32\vajgnqs.dll
C:\WINNT\Tasks.\At1.job
C:\WINNT\Web\default.htt

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_TTRFZIMY
-------\Service_ttrfzimy


((((((((((((((((((((((((( Files Created from 2008-07-07 to 2008-08-07 )))))))))))))))))))))))))))))))
.

2008-08-07 18:03 . 08-08-07 18:03 <DIR> d-------- C:\Documents and Settings\pvirgili.EMEA\Application Data\Malwarebytes
2008-08-07 18:02 . 08-08-07 18:03 <DIR> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-07 18:02 . 08-08-07 18:02 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-07 18:02 . 08-07-30 20:07 38,472 --a------ C:\WINNT\system32\drivers\mbamswissarmy.sys
2008-08-07 18:02 . 08-07-30 20:07 17,144 --a------ C:\WINNT\system32\drivers\mbam.sys
2008-08-03 18:58 . 08-08-03 18:58 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-03 18:57 . 08-08-03 18:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-03 18:56 . 08-08-03 18:57 <DIR> d-------- C:\Program Files\SpywareBlaster
2008-08-03 18:52 . 08-08-03 18:56 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-08-03 18:52 . 08-08-03 18:52 <DIR> d-------- C:\Documents and Settings\pvirgili.EMEA\Application Data\SUPERAntiSpyware.com
2008-08-03 18:52 . 08-08-03 18:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-08-03 18:51 . 08-08-03 18:51 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-02 20:11 . 08-08-02 20:11 0 --a------ C:\WINNT\VPC32.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2005-06-22 16:33 14,592 ----a-w C:\Documents and Settings\pvirgili.EMEA\Application Data\GDIPFONTCACHEV1.DAT
2004-01-21 18:17 271 ---h--w C:\Program Files\desktop.ini
2004-01-21 18:17 21,952 ---h--w C:\Program Files\folder.htt
1999-12-07 12:00 32,528 ----a-w C:\WINNT\inf\wbfirdma.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"Microsoft NetMeeting"="C:\Program Files\NetMeeting\conf.exe" [03-06-19 13:05 659728]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [08-06-04 06:05 1510640]
"internat.exe"="internat.exe" [99-12-07 14:00 20752 C:\WINNT\system32\internat.exe]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"IgfxTray"="C:\WINNT\System32\igfxtray.exe" [02-01-24 18:09 151552]
"HotKeysCmds"="C:\WINNT\System32\hkcmd.exe" [02-01-24 18:01 106496]
"IDA"="C:\Program Files\Hewlett-Packard\PC COE\IDA.EXE" [02-11-07 15:53 176128]
"vptray"="C:\PROGRA~1\navnt\vptray.exe" [03-05-21 02:21 90112]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [04-02-15 22:06 77824]
"HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [03-06-25 12:24 49152]
"HPDJ Taskbar Utility"="C:\WINNT\system32\spool\drivers\w32x86\3 \hpztsb09.exe" [03-07-25 23:14 188416]
"HPHUPD05"="C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe" [03-08-21 06:23 49152]
"HPHmon05"="C:\WINNT\system32\hphmon05.exe" [03-08-21 06:15 483328]
"Synchronization Manager"="mobsync.exe" [03-06-19 13:05 111376 C:\WINNT\system32\mobsync.exe]
"1AEIWLRAD.exe"="AEIWLRAD.exe" [01-06-28 16:13 24576 C:\WINNT\system32\AEIWLRAD.EXE]
"AEIWLSTA.EXE"="AEIWLSTA.EXE" [01-07-20 17:53 160800 C:\WINNT\system32\AEIWLSTA.exe]
"EssSpkPhone"="essspk.exe" [02-05-31 10:34 167936 C:\WINNT\essspk.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\Run]
"internat.exe"="internat.exe" [99-12-07 14:00 20752 C:\WINNT\system32\internat.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\Cur rentVersion\RunOnce]
"^SetupICWDesktop"="C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe" [03-06-19 13:05 186640]

C:\Documents and Settings\Default User\Start Menu\Programs\Startup\
Connected TaskBar Icon.LNK - C:\HP\i\connected\CBSysTray.exe [2004-05-07 18:21:58 131139]

C:\Documents and Settings\pvirgili.EMEA\Start Menu\Programs\Startup\
Connected TaskBar Icon.LNK - C:\HP\i\connected\CBSysTray.exe [2004-05-07 18:21:58 131139]
Epson Printer Status Agent2.lnk - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe [2005-06-22 21:08:09 114688]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
EPSON Status Monitor 3 Environment Check 2.lnk - C:\WINNT\system32\spool\drivers\w32x86\3\E_SRCV02. EXE [2005-06-22 21:08:05 127488]
LUMIX Simple Viewer.lnk - C:\Program Files\Panasonic\LUMIXSimpleViewer\PhLeAutoRun.exe [1988-01-01 00:40:49 63696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 12:01:04 86275]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"SynchronousMachineGroupPolicy"= 0 (0x0)
"SynchronousUserGroupPolicy"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\explorer]
"NoMSAppLogo5ChannelNotify"= 1 (0x1)
"NoBandCustomize"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\curre ntversion\policies\explorer]
"Btn_Back"= 0 (0x0)
"Btn_Forward"= 0 (0x0)
"Btn_Stop"= 0 (0x0)
"Btn_Refresh"= 0 (0x0)
"Btn_Home"= 0 (0x0)
"Btn_Search"= 0 (0x0)
"Btn_History"= 0 (0x0)
"Btn_Favorites"= 0 (0x0)
"Btn_Folders"= 0 (0x0)
"Btn_Fullscreen"= 0 (0x0)
"Btn_Tools"= 0 (0x0)
"Btn_MailNews"= 0 (0x0)
"Btn_Size"= 0 (0x0)
"Btn_Print"= 0 (0x0)
"Btn_Edit"= 0 (0x0)
"Btn_Discussions"= 0 (0x0)
"Btn_Cut"= 0 (0x0)
"Btn_Copy"= 0 (0x0)
"Btn_Paste"= 0 (0x0)
"Btn_Encoding"= 0 (0x0)
"Btn_PrintPreview"= 0 (0x0)
"NoFavoritesMenu"= 0 (0x0)
"NoLogoff"= 0 (0x0)
"EnforceShellExtensionSecurity"= 0 (0x0)
"NoDeletePrinter"= 0 (0x0)
"NoAddPrinter"= 0 (0x0)
"NoPrinterTabs"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\curr entversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [08-05-13 10:13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
07-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

R2 CBRegCap;Connected RegCap;c:\hp\i\connected\CBRegCap.EXE [03-06-03 19:06 ]
R2 ConnectedLauncher;Connected Launcher;c:\HP\i\connected\CBlaunch.exe [03-06-03 19:15 ]
R3 {A7E39B01-B403-11d4-BD18-00D0B7A1821E};AIM 3.0 Part 01 Codec Driver VCH-A;C:\WINNT\system32\drivers\Vch.sys [02-01-24 23:30 ]
S2 NECEHCD;NEC PCI to USB Enhanced Host Controller;C:\WINNT\system32\Drivers\NEHCD.sys [01-10-01 16:45 ]
S3 AEIWL;Actiontec PRISM Wireless LAN USB Driver;C:\WINNT\system32\DRIVERS\AEIWLUSB.sys [01-07-20 17:46 ]
S3 IPSECSHM;Nortel IPSECSHM Adapter;C:\WINNT\system32\DRIVERS\ipsecw2k.sys []
S3 openhci;Microsoft USB Open Host Controller Driver;C:\WINNT\system32\DRIVERS\openhci.sys [03-06-19 13:05 ]
S3 UDTT2BDA;DTV-DVB USB2 DVB-T receiver;C:\WINNT\system32\Drivers\UDTT2BDA.sys [05-12-08 12:49 ]
S3 usbhub20;USB 2.0 Root Hub Support;C:\WINNT\system32\DRIVERS\usbhub20.sys [03-06-19 13:05 ]
S3 VPNET;DTVNet Ethernet Controller;C:\WINNT\system32\DRIVERS\DTVNet.sys [04-11-09 13:04 ]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{44BBA851-CC51-11CF-AAFA-00AA00B6015C}]
rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\wpie5x86.inf,PerUserStub
.
Contents of the 'Scheduled Tasks' folder

2008-08-07 C:\WINNT\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}000.job
- C:\Program Files\Hewlett-Packard\PC COE\coecinvt.exe [01-03-29 20:08 ]

2008-08-07 C:\WINNT\Tasks\IDA{5B940D5F-0A3F-11D2-95B5-080009DC8202}001.job
- C:\Program Files\Hewlett-Packard\PC COE\coetl32.exe [01-03-22 21:59 ]

2008-08-07 C:\WINNT\Tasks\IDA{884F3959-E5F7-11D1-9B15-080009F878E4}000.job
- C:\WINNT\system32\rundll32.exe [99-12-07 14:00 ]

2008-08-07 C:\WINNT\Tasks\IDA{E1B2A4DD-AE06-4B97-9B55-8E8F1348E7FB}000.job
- C:\WINNT\system32\rundll32.exe [99-12-07 14:00 ]
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.es/
R1 -: HKCU-Internet Settings,ProxyServer = web-proxy:8088
R1 -: HKCU-Internet Settings,ProxyOverride = *.core.hp.com;*.corp.hp.com;*.cup.hp.com;<local>
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 -: {c95fe080-8f5d-11d2-a20b-00aa003c157a} - %SystemRoot%\web\related.htm

O16 -: DirectAnimation Java Classes - file://C:\WINNT\Java\classes\dajava.cab
C:\WINNT\Downloaded Program Files\DirectAnimation Java Classes.osd

O16 -: Microsoft XML Parser for Java - file://C:\WINNT\Java\classes\xmldso.cab
C:\WINNT\Downloaded Program Files\Microsoft XML Parser for Java.osd


************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-07 18:56:36
Windows 5.0.2195 Service Pack 4 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINNT\system32\winlogon.exe
-> C:\WINNT\system32\NavLogon.dll
.
Completion time: 2008-08-07 19:01:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-07 17:00:58

Pre-Run: 19,520,602,112 bytes free
Post-Run: 19,475,267,584 bytes free

165

Hola, sobre el Norton tendrias que probar intentar reinstalarlo nuevamente.

Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar cookies, temporales de internet y todos los archivos que este te muestre como obsoletos, y luego usa su opción de "Registro" para limpiar todo el registro de Windows (haciendo copia de seguridad).

Una vez que este termine de limpiar todo, actualiza "Java", hace una Desfragmentación del disco con la opción de Windows y pasa por www.windowsupdate.com para descargar todos los parches disponibles (si tu sistema lo permite)

• Descarga y ejecuta la utilidad Advanced WindowsCare, para reparar y optimizar a fondo tu PC.

Reinicia y nos contas los resultados.

Salu2