Al buscar en google me manda a otra página

Hola amigos, mi problema es que cuando entro a google y busco algo, la URL de mi navegador IE 6.0 cambia a una pagina zonagamers.com o algo asi, pero la página en si realiza la búsqueda como si fuera google, una vez que le doy a un enlace para ver la información de búsqueda, me manda a otra página. También mi restaurar el sistema ha sido desactivado y no puedo activarlo ni en MIPC-Propiedades-restaurar... por que no aparece. Los métodos que he usado ha sido pasar con el Anti-Malaware y el nod 32 y el problema persiste así que encontre este fabuloso foro y use el HijackThis 2.0.2 para hacer un log que es este:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:56:39 a.m., on 15/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\LogWatNT.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\bin\msmdsrv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http:\\www.zonagamerz.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: 97.74.194.111 www.viabcp.com
O1 - Hosts: 97.74.194.111 viabcp.com
O1 - Hosts: 97.74.194.111 www.bcpzonasegura.viabcp.com
O1 - Hosts: 97.74.194.111 bcpzonasegura.viabcp.com
O1 - Hosts: 97.74.194.111 www.scotiabank.com.pe
O1 - Hosts: 97.74.194.111 scotiabank.com.pe
O1 - Hosts: 97.74.194.111 scotiaenlinea.scotiabank.com.pe
O1 - Hosts: 97.74.194.111 www.scotiaenlinea.scotiabank.com.pe
O1 - Hosts: 97.74.116.108 www.portalxd.com
O1 - Hosts: 97.74.116.108 portalxd.com
O1 - Hosts: 97.74.116.108 www.gamerzlove.com
O1 - Hosts: 97.74.116.108 gamerzlove.com
O1 - Hosts: 97.74.116.108 www.tux-hack.net
O1 - Hosts: 97.74.116.108 tux-hack.net
O1 - Hosts: 97.74.116.108 wwww.bloodzone.net
O1 - Hosts: 97.74.116.108 bloodzone.net
O1 - Hosts: 97.74.116.108 www.analea.com
O1 - Hosts: 97.74.116.108 analea.com
O1 - Hosts: 97.74.116.108 forospyware.com
O1 - Hosts: 97.74.116.108 www.forospyware.com
O1 - Hosts: 97.74.116.108 lukor.com
O1 - Hosts: 97.74.116.108 www.lukor.com
O1 - Hosts: 97.74.116.108 kioskea.net
O1 - Hosts: 97.74.116.108 www.google.com.pe
O1 - Hosts: 97.74.116.108 google.com.pe
O1 - Hosts: 97.74.116.108 www.kioskea.net
O1 - Hosts: 97.74.116.108 es.kioskea.net
O1 - Hosts: 97.74.116.108 norton.com
O1 - Hosts: 97.74.116.108 www.norton.com
O1 - Hosts: 97.74.116.108 safeweb.norton.com
O1 - Hosts: 97.74.116.108 wilkinsonpc.com.co
O1 - Hosts: 97.74.116.108 www.wilkinsonpc.com.co
O1 - Hosts: 97.74.116.108 comunidad.wilkinsonpc.com.co
O1 - Hosts: 97.74.116.108 chema999.wordpress.com
O1 - Hosts: 97.74.116.108 forosperu.net
O1 - Hosts: 97.74.116.108 www.forosperu.net
O1 - Hosts: 97.74.116.108 soporte.miarroba.com
O1 - Hosts: 97.74.116.108 configurarequipos.com
O1 - Hosts: 97.74.116.108 www.configurarequipos.com
O1 - Hosts: 97.74.116.108 vbhispano.com
O1 - Hosts: 97.74.116.108 www.vbhispano.com
O1 - Hosts: 97.74.116.108 es.answers.yahoo.com
O1 - Hosts: 97.74.116.108 9reyes.net
O1 - Hosts: 97.74.116.108 www.9reyes.net
O1 - Hosts: 97.74.116.108 hacksantana.com
O1 - Hosts: 97.74.116.108 www.hacksantana.com
O1 - Hosts: 97.74.116.108 trucoswindows.net
O1 - Hosts: 97.74.116.108 www.trucoswindows.net
O1 - Hosts: 97.74.116.108 atevip.net
O1 - Hosts: 97.74.116.108 atrapadoz.com
O1 - Hosts: 97.74.116.108 bateriaseria.biz
O1 - Hosts: 97.74.116.108 bateriaseria.info
O1 - Hosts: 97.74.116.108 bateriafina.org
O1 - Hosts: 97.74.116.108 bateriaseria.net
O1 - Hosts: 97.74.116.108 bautizame.org
O1 - Hosts: 97.74.116.108 buenamusica.com
O1 - Hosts: 97.74.116.108 caidos.net
O1 - Hosts: 97.74.116.108 caleta.com.pe
O1 - Hosts: 97.74.116.108 caleta.tk
O1 - Hosts: 97.74.116.108 nuevaq.net
O1 - Hosts: 97.74.116.108 callevip.com
O1 - Hosts: 97.74.116.108 enladisco.com
O1 - Hosts: 97.74.116.108 fulltono.com
O1 - Hosts: 97.74.116.108 musica.com
O1 - Hosts: 97.74.116.108 thedaniex.com
O1 - Hosts: 97.74.116.108 trikool.com.pe
O1 - Hosts: 97.74.116.108 unvicio.net
O1 - Hosts: 97.74.116.108 yumusica.com
O1 - Hosts: 97.74.116.108 zonamusical.net
O1 - Hosts: 97.74.116.108 cholotube.com
O1 - Hosts: 97.74.116.108 macizorras.com
O1 - Hosts: 97.74.116.108 quevideos.com
O1 - Hosts: 97.74.116.108 videosgratis.tv
O1 - Hosts: 97.74.116.108 guiaporno.com
O1 - Hosts: 97.74.116.108 unaspajas.com
O1 - Hosts: 97.74.116.108 videosgratis.net
O1 - Hosts: 97.74.116.108 cuantosexo.com
O1 - Hosts: 97.74.116.108 marqueze.net
O1 - Hosts: 97.74.116.108 iberporno.com
O1 - Hosts: 97.74.116.108 muyzorras.com
O1 - Hosts: 97.74.116.108 viendosexo.com
O1 - Hosts: 97.74.116.108 petardas.com
O1 - Hosts: 97.74.116.108 babosas.com
O1 - Hosts: 97.74.116.108 redtube.com
O1 - Hosts: 97.74.116.108 pornhub.com
O1 - Hosts: 97.74.116.108 pornotube.com
O1 - Hosts: 97.74.116.108 xvideos.com
O1 - Hosts: 97.74.116.108 www.atevip.net
O1 - Hosts: 97.74.116.108 www.atrapadoz.com
O1 - Hosts: 97.74.116.108 www.bateriaseria.biz
O1 - Hosts: 97.74.116.108 www.bateriaseria.info
O1 - Hosts: 97.74.116.108 www.bateriafina.org
O1 - Hosts: 97.74.116.108 www.bateriaseria.net
O1 - Hosts: 97.74.116.108 www.bautizame.org
O1 - Hosts: 97.74.116.108 www.buenamusica.com
O1 - Hosts: 97.74.116.108 www.caidos.net
O1 - Hosts: 97.74.116.108 www.caleta.com.pe
O1 - Hosts: 97.74.116.108 www.caleta.tk
O1 - Hosts: 97.74.116.108 www.nuevaq.net
O1 - Hosts: 97.74.116.108 www.callevip.com
O1 - Hosts: 97.74.116.108 www.enladisco.com
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Inicio rápido de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1241745923031
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Event Log Watch (LogWatch) - Unknown owner - C:\WINDOWS\LogWatNT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe

--
End of file - 12680 bytes


Bueno amigos, espero me puedan ayudar, y muchas gracias de antemano.

Amigo muchas gracias por averme respondido, he solucionado el problema del redireccionamiento de la´página pero el restaurar sistema no me funciona aparece como desactivado y me voy a MiPC-Propiedades-restaruar sistema para activarlo pero no aparece la opción, y tengo una duda y es que en el log de hijackthis sale la página zonagamers.com y no se si devo borrala , que me recomiendas aquí te lo dejo:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:45:14 p.m., on 15/05/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\LogWatNT.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\MSAS10.MSSQLSERVER\OLAP\bin\msmdsrv.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\mqsvc.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http:\\www.zonagamerz.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Aplicación auxiliar de vínculos de Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICIO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Servicio de red')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Inicio rápido de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: E&xportar a Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Consola de Sun Java - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra button: Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar a OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1241745923031
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Event Log Watch (LogWatch) - Unknown owner - C:\WINDOWS\LogWatNT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe

--
End of file - 8112 bytes


Amigo de verdad muchas gracias por tu ayuda, sino fuera por gente como tú donde estariamos , de antemano gracias.

Hola amigo, disculpa la demora, hize todos los pasos que me dijiste y aqui te dejo el log de ComboFix:

Log ComboFix:

ComboFix 09-05-17.07 - GrimaldoCV 18/05/2009 10:40.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.52.1033.18.1014.487 [GMT -5:00]
Running from: c:\documents and settings\GrimaldoCV\Desktop\ComboFix.exe

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\recycler\k-1-3542-4232123213-7676767-8888886
c:\recycler\k-1-3542-4232123213-7676767-8888886\Desktop.ini
c:\windows\system32\Cache

.
((((((((((((((((((((((((( Files Created from 2009-04-18 to 2009-05-18 )))))))))))))))))))))))))))))))
.

2009-05-14 15:11 . 2009-05-14 15:11 -------- d-----w c:\program files\Trend Micro
2009-05-13 20:47 . 2009-05-13 20:47 -------- d-----w c:\documents and settings\GrimaldoCV\Application Data\Malwarebytes
2009-05-13 20:47 . 2009-05-13 20:47 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-13 18:42 . 2009-05-13 18:42 -------- d-----w c:\documents and settings\GrimaldoCV\Local Settings\Application Data\GlobalSCAPE
2009-05-13 18:42 . 2009-05-13 18:42 -------- d-----w c:\documents and settings\All Users\Application Data\GlobalSCAPE
2009-05-13 16:38 . 2009-05-13 16:38 -------- d-----w c:\documents and settings\GrimaldoCV\Application Data\GlobalSCAPE
2009-05-13 16:29 . 2009-05-13 16:29 -------- d-----w c:\program files\GlobalSCAPE
2009-05-08 01:28 . 2008-10-16 19:09 43544 ----a-w c:\windows\system32\wups2.dll
2009-05-06 00:29 . 2009-05-06 00:11 -------- d-----w C:\Examen
2009-05-05 23:59 . 2009-05-05 23:59 -------- d-----w c:\documents and settings\Administrator\Nueva carpeta
2009-04-28 23:17 . 2009-04-28 23:18 -------- d-----w C:\Seminario 1 en 192.168.106.153
2009-04-28 02:00 . 2009-04-28 23:48 -------- d-----w c:\documents and settings\GrimaldoCV\.netbeans-derby
2009-04-28 01:58 . 2009-04-28 01:58 -------- d-----w c:\documents and settings\GrimaldoCV\.netbeans
2009-04-28 01:55 . 2009-04-28 01:55 -------- d-----w c:\documents and settings\GrimaldoCV\.netbeans-registration
2009-04-28 01:52 . 2009-04-28 02:00 -------- d-----w c:\program files\glassfish-v2ur2
2009-04-28 01:46 . 2009-05-12 23:34 -------- d-----w c:\program files\NetBeans 6.1
2009-04-28 01:45 . 2009-04-28 01:58 -------- d-----w c:\documents and settings\GrimaldoCV\.nbi
2009-04-28 01:40 . 2009-04-28 01:40 -------- d-----w c:\documents and settings\GrimaldoCV\Local Settings\Application Data\{32A3A4F2-B792-11D6-A78A-00B0D0150070}

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-18 15:35 . 2009-02-04 12:03 -------- d-----w c:\program files\Eset
2009-05-13 21:01 . 2009-03-18 22:48 -------- d-----w c:\program files\Microsoft Windows Security Update
2009-05-13 16:29 . 2006-10-26 06:19 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-28 01:44 . 2006-10-26 06:19 -------- d-----w c:\program files\Java
2009-04-06 05:09 . 2009-04-06 05:05 -------- d-----w c:\program files\MinuteMan
2009-04-03 20:40 . 2009-03-20 18:02 28672 ----a-w C:\NTDET.EXE
2009-03-27 17:38 . 2009-03-27 17:38 -------- d-----w c:\program files\Common Files\NSV
2009-03-27 17:36 . 2009-03-27 17:36 -------- d-----w c:\program files\Common Files\Nullsoft
2009-03-24 17:51 . 2009-02-12 16:35 -------- d-----w c:\program files\Macromedia
2009-03-21 22:41 . 2009-03-20 18:44 49152 ----a-w C:\explorers.exe
2009-03-21 16:17 . 2009-03-21 16:17 -------- d-----w c:\program files\Common Files\TechSmith Shared
2009-03-21 16:17 . 2009-03-21 16:17 -------- d-----w c:\program files\TechSmith
2009-03-21 16:10 . 2006-10-26 05:25 89784 ----a-w c:\documents and settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-03-21 15:38 . 2009-02-12 16:35 -------- d-----w c:\program files\Common Files\Macromedia
2009-03-20 22:03 . 2009-03-20 22:03 -------- d-----w c:\program files\Common Files\Windows Live
2009-03-20 18:06 . 2009-03-20 18:06 328 ----a-w c:\documents and settings\GrimaldoCV\DDxDDD.EXE
2009-03-20 03:58 . 2009-03-20 03:58 -------- d-----w c:\program files\FDRLab
2009-03-18 22:48 . 2009-03-18 22:47 987483 ----a-w c:\documents and settings\GrimaldoCV\explods.exe
2009-03-15 05:01 . 2009-02-20 00:33 30 ----a-w c:\windows\popcinfo.dat
2009-03-02 21:06 . 2009-02-26 22:19 664 ----a-w c:\windows\system32\d3d9caps.dat
2007-01-07 11:22 . 2009-02-03 22:33 0 --sha-w c:\windows\SMINST\HPCD.SYS
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2006-03-16 15360]
"MsnMsgr"="c:\program files\MSN Messenger\MsnMsgr.Exe" [2009-03-05 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UserFaultCheck"="c:\windows\system32\dumprep 0 -u" [X]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"hpWirelessAssistant"="c:\program files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-05-03 458752]
"SunJavaUpdateSched"="c:\program files\Java\jre1.5.0_07\bin\jusched.exe" [2006-05-03 36975]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-23 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-23 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-23 118784]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-17 794713]
"QPService"="c:\program files\HP\QuickPlay\QPService.exe" [2006-07-12 102400]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"QlbCtrl"="c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-06-19 163840]
"Cpqset"="c:\program files\HPQ\Default Settings\cpqset.exe" [2006-01-26 40960]
"RecGuard"="c:\windows\SMINST\RecGuard.exe" [2005-10-11 1187840]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]
"MsmqIntCert"="mqrt.dll" - c:\windows\system32\mqrt.dll [2006-03-16 177152]
"High Definition Audio Property Page Shortcut"="CHDAudPropShortcut.exe" - c:\windows\system32\CHDAudPropShortcut.exe [2006-06-23 61952]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-16 15360]

c:\documents and settings\GrimaldoCV\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-2-3 546816]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Inicio r*pido de HP Photosmart Premier.lnk - c:\program files\HP\Digital Imaging\bin\hpqthb08.exe [2005-9-24 73728]

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Pavilion Webcam Tray Icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Pavilion Webcam Tray Icon.lnk
backup=c:\windows\pss\HP Pavilion Webcam Tray Icon.lnkCommon Startup

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\mqsvc.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=

R2 LogWatch;Event Log Watch;c:\windows\LogWatNT.exe [08/06/2000 01:15 p.m. 50176]
R2 MsDtsServer100;SQL Server Integration Services 10.0;c:\program files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [10/07/2008 01:22 a.m. 218136]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS10.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [10/07/2008 02:22 a.m. 1106968]
S4 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [10/07/2008 01:15 a.m. 31256]
S4 MSSQLServerADHelper100;Servicio auxiliar de SQL Active Directory;c:\program files\Microsoft SQL Server\100\Shared\sqladhlp.exe [10/07/2008 04:49 a.m. 47128]
S4 RsFx0102;RsFx0102 Driver;c:\windows\system32\drivers\RsFx0102.sys [10/07/2008 02:49 a.m. 242712]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{23KLN5J0-4OPM-11WE-AAX5-24EF1F187332}]
c:\recycler\k-1-3542-4232123213-7676767-8888886\r00t.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{67KLN5J0-4OPM-00WE-AAX5-77EF1D187322}]
c:\restore\k-1-3542-4232123213-7676767-8888886\Ogard.exe
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com.pe/
mStart Page = hxxp:\\www.zonagamerz.com
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
IE: E&xportar a Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-18 10:45
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = c:\program files\HPQ\Default Settings\cpqset.exe?????? ???@???????????????@? ????[????????@???????@

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-05-18 10:47
ComboFix-quarantined-files.txt 2009-05-18 15:47

Pre-Run: 34,410,233,856 bytes free
Post-Run: 34,480,824,320 bytes libres

156


Muchas Gracias de Antemano Amigo !!