Hola amigos, tengo un lio con unos virus que me estan afectando mi pc. Resulta que ya he formateado e instalado windows xp SP2 y apenas me conecto a internet para actualizar el antivirus Avast 4.8 de una se me activa la alerta del Avast y me dice que encontro un virus en C:\WINDOWS\file.bat, lo elimino pero al siguiente reinicio vuelve a salir. Estuve mirando su contenido por medio del bloc de notas y trae una lìnea de comandos "netsh firewall set opmode DISABLE
del %0" que de una me desactiva el Firewall de Windows. No se como hacer para eliminarlo definitivamente. Aparece luego otro llamado protect.sys, al abrirlo en bloc de notas sale una serie de simbolos ilegibles:

MZ�   ÿÿ ¸ @ È º ´ Í!¸
LÍ!This program cannot be run in DOS mode.

$ÉtƒÈÿé ‹Uüƒz uVjj ÿP
‹Mü‰A‹Uüƒz u
¸š Àéé
jj ‹Eü‹HQè+' ƒÄ ‹Uü‹BÇ ÿÿÿÿj j ‹Mü‹QƒÂRÿ8P
h€b
�EôPÿ\P
‹Mü‹QƒÂR‹Eü‹HQ‹UüŠBP‹Mü‹QR�EôPèg ‰Eðƒ}ð }!‹Mü‹QÇB ‹Eü‹HÇ
ÿÿÿÿ‹EðéU
‹Uü‹B P‹Mü‹Q‹BPè— ‰Eðƒ}ð }?‹Mü‹Q‹Jÿ<P
‹Eü‹HÇA ‹Uü‹B‹Qÿ´P
‹Uü‹BÇ ÿÿÿÿ‹Eðé÷ ‹Mìf‹QR‹Eì‹HQ‹Uü‹B‹HQè!
_^[‹å]Â ÌÌÌÌÌÌÌÌÌÌÌÌÌÌÌU‹ìjÿhHQ
h*C
d¡ Pd‰% ƒÄ¸SVW‰eè‹EPÿ`P
‰EÌj j �M¸Qÿ8P
jFj ÿP
‰Eäƒ}ä u
¸š Àé_ jFj ‹UäRèÿ ƒÄ ‹EäÇ@ ‹MäÇA ‹UäƒÂ‰U´‹E´Ç@ ‹M´ƒÁ‹U´‰J‹E´‹H‰Mà‹UàÇ
‹EàfÇ@ ‹MàfÇA �UØR�E¸Pj
j j j j ‹MÌQjÿ°P
‰EЃ}Ð uj ‹UäRÿP
¸š Àé»
ƒ} „§ j j j ‹EP‹MQÿtP
‰EÔƒ}Ô u ‹UÐRÿpP
j ‹EäPÿP
¸š Àét
ÇEü j
j ‹MÔQÿlP
ÇEÈ ÇEüÿÿÿÿë7¸
Ëeè‹UÔRÿhP
‹EÐPÿpP
j ‹MäQÿP
ÇEÈè ÀÇEüÿÿÿÿƒ}È }‹EÈé

3Òtj
j
j
j j ‹EÐPèF ëj j j j j ‹MÐQè1 ‹UЋB`ƒè$‰E¬‹M¬Æ
‹U¬ÆB

‹E¬‹M̉H‹U¬‹E‰B‹M¬ƒÁ‰M°‹U°‹E‰‹M°‹Uä‰Q‹E°‹M´ ‰H‹U°‹E‰B ‹M÷ÙÉ#MÔ‹UЉJ‹UЋMÌÿXP
‰EÈ�}È
uj j j j �E¸Pÿ(P
‹M؉Mȃ} t‹U ‹Eà‹H
‰
ƒ} t
‹U‹Eàf‹Hf‰
À‹EüÇ@ éä �}ì  r �}ø  s‹MüÇA
À‹UüÇB é¹ ‹E´‰Eè‹M胹
| ‹U胺

s‹EüÇ@
À‹MüÇA é‚ ‹Uè�º
 v ÇE*  ë ‹E苈
‰M*j ‹U*R‹E°
P‹Mè‹‘
RèZáÿÿƒÄ‰Eð·Eð‹M°‰�
‹UüÇB  3Àƒ}ð ŸÀƒè
%
À‹Mü‰Aë
‹UüÇBƒ
À2Ò‹Müÿ|P
‹Eƒx$ t
�MÐQÿxP
é»ûÿÿévûÿÿ‹å] ´:
¿;
V<
==
<>

ÌÌÌÌÌÌÌÌÌÌÌU‹ìQj,j ÿP
£´c
ƒ=´c
u
¸ Àéî j,j ¡´c
Pè… ƒÄ ‹
´c
ÇA( ‹´c
Rè¿
¡´c
ƒÀPèÑ
j j
‹
´c
ƒÁ Qÿ8P
‹´c
RhÐ9
j j j j ¡´c
ƒÀPÿ4P
‰Eüƒ}ü }j ‹
´c
QÿP
Ç´c
ëPj ‹´c
ƒÂ Rj j hÿ ¡´c
‹HQÿ0P
‰Eüƒ}ü }j ‹´c
RÿP
Ç´c
ë3À…iÿÿÿÆ°c

‹Eü‹å]ÃÌÌÌÌÌÌÌÌU‹ìƒìƒ} t(�EøP‹MQÿ”P
‰Eüƒ}ü }‹EüëV‹´c
‹Eø‰B$‹M ‹Q`¶BƒÈ
‹M ‹Q`ˆB¡´c
ƒÀP‹U ƒÂX‹
´c
ÿ�P
j j ‹
´c
ƒÁ Qÿ@P
¸
‹å]Â ÌÌÌÌÌÌÌÌÌÌÌÌU‹ìQ¡´c
ƒÀ(¹
ðÁj j ‹´c
ƒÂ Rÿ@P
j j
j j ¡´c
‹H Qÿ(P
‰Eüj ‹´c
RÿP
Æ°c
‹Eü‹å]ÃU‹ì‹E‹M‰H‹U‹E‰] ÌÌÌÌÌÌÌÌU‹ì‹EÇ ] U‹ìƒì ‹E ‹H`‰Mð‹U ‹B ‰Eì‹Mð‹Q‰Uô‹E ‹H ‰Mè‹Uð‹B‰Eø‹Mð‹Q ‰UüÇEä ‹Eð‹H ‰Mà‹Uà�Âßÿ|‰Uàƒ}à4w0‹Eඈ´A
ÿ$�*A
ë'ë%ë#‹U Rjè`þÿÿ‰Eä‹E ‹Mä‰Hë
‹U ÇB
À�}ä
t‹E ‹Mä‰H2Ò‹M ÿ|P
‹Eä‹å]Â ‹ÿOA
QA
SA
UA
nA

 ÌÌÌÌÌÌÌU‹ìƒìÇEô h<c
�EìPÿ\P
�MôQj
j h ƒ �UìRj‹EPÿ*P
‰Eäƒ}ä |U‹Mô‹Q(‰Uèh\c
�EøPÿ\P
�MìQ�UøRÿœP
‰Eä‹EÇ@pà@
‹M‹U‹Bp‰A@‹M‹U‹B@‰A8‹MÇA4P
ƒ}ä }ƒ}ô t
‹UôRÿ˜P
‹Eä‹å] ÌÌÌÌÌÌÌÌÌÌU‹ìƒì h„c
�EøPÿ\P
�MøQÿ¤P
‰Eô‹U‹BPÿ˜P
‹Eô‹å]Â ÿ%´P
ÿ%¬P
ÿ%¨P
ÿ%\P
ÿ%P
ÿ%P
ÿ%P
ÿ%P
ÿ% P
ÿ%$P
ÿ%(P
ÿ%,P
ÿ%0P
ÿ%4P
ÿ%8P
ÿ%<P
ÿ%@P
ÿ%DP
ÿ%HP
ÿ%LP
ÿ%PP
ÿ%TP
ÿ%XP
ÿ%°P
ÿ%`P
ÿ%dP
ÿ%hP
ÿ%lP
ÿ%pP
ÿ%tP
ÿ%xP
ÿ%|P
ÿ%€P
ÿ%„P
ÿ%ˆP
ÿ%ŒP
ÿ%�P
ÿ%”P
ÿ%˜P
ÿ%œP
ÿ%*P
ÿ%¤P
ÿ%P
ÿ% P
ÿ%P
èU ÔU öU ¶R ÆR ÚR ìR þR S ,S DS XS tS ŒS *S ¸S ÆS ÜS æS ðS T
T žR :T VT bT nT „T �T *T ºT ÐT ðT U U 4U TU rU „U œU ®U ’R †R T |R ócÄF  ; ÜP Ü8 RSDS# f!ÅKN¤u¹Ìü·.�
c:\work\mailman\output\protect.pdb ÿÿÿÿ½
Ã
ÿÿÿÿ


ÿÿÿÿµ.
».
ÿÿÿÿ^1
d1
ÿÿÿÿ’3
˜3
ÿÿÿÿ‚5
ˆ5
ÿÿÿÿ´7
º7
ÐQ ÆU P ÀQ V P èU ÔU öU ¶R ÆR ÚR ìR þR S ,S DS XS tS ŒS *S ¸S ÆS ÜS æS ðS T
T žR :T VT bT nT „T �T *T ºT ÐT ðT U U 4U TU rU „U œU ®U ’R †R T |R ^ZwClose 1 DbgPrint ˆZwOpenKey lRtlInitUnicodeString ÃZwSetValueKey W ExFreePoolWithTag B ExAllocatePool ©ZwQueryValueKey mZwDeleteValueKey åPsTerminateSystemThread ®KeWaitForSingleObject ß_except_handler3 mObReferenceObjectByHandle ‘PsCreateSystemThread JKeInitializeEvent uObfDereferenceObject “KeSetEvent iObOpenObjectByName "wcsncmp memset cZwCreateFile
memcpy
IofCallDriver S
IoBuildDeviceIoControlRequest ž
IoGetRelatedDeviceObject RtlAssert ‰
IoFreeMdl
MmProbeAndLockPages ˆ
IoFreeIrp J
IoAllocateMdl ¨KeUnstackDetachProcess IofCompleteRequest £ ExfInterlockedRemoveHeadList ¡KeStackAttachProcess ˜KeSetPriorityThread 9KeGetCurrentThread * ExfInterlockedInsertTailList ÊPsLookupProcessByProcessId v
IoDeleteDevice l
IoCreateSymbolicLink c
IoCreateDevice x
IoDeleteSymbolicLink ntoskrnl.exe @ KeGetCurrentIrql M KfLowerIrql N KfRaiseIrql HAL.dll S t a r t DriverEntry(%x, %ws)
EX: Pageable code called at IRQL %d
\ f i l e s y s t e m N t f s ..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
..\..\..\src\protect\prot\wob.c ASSERT %s(%d)
\ D e v i c e \ U d p \ D e v i c e \ T c p \ D e v i c e \ T c p TransportAddress ConnectionContext (InvokeOnSuccess || InvokeOnError || InvokeOnCancel) ? (CompletionRoutine != NULL) : TRUE C:\winddk\6000\inc\ddk\wdm.h \ D e v i c e \ p r o t e c t \ D o s D e v i c e s \ p r o t e c t \ D o s D e v i c e s \ p r o t e c t 
  € 

0 € 
 H Xp V ä <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
</assembly>PAPADDINGXXPADDINGPADDINGXXPADDINGPADDING XXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXX PADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPA DDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADD INGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDIN GPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGP ADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDING  À &0<0¼0]1�1Û1 2A2d2r2{2“2º2Ï2 33&3+3U3_3d3n3ß3å3ö344&43494I4T4[4a4h4…4‘4—4¤4«4±4·4½4à4å4û4 5P5q5„5�5™5×5Ü5ò5÷5
6666¬7Ó7Ø7ñ7ö788v8{8£8¨8Á8Æ8_9¼9Æ9Õ9ß9F:í:;;2 ;H;T;<N<S<]<Ý<ù<R=n= € ·2¯4ò4Š5™5¿5Ô5/6r6Ð6ß677<7M7k78"8l8}8›8"9@9l9}9›9:8:\:m:w:I;^ ;ð;< <<<M<k<=.=V=[=|=�=—=&>;>c>v>‚>¡>Ä>Î>Ú>ƒ?¡?³?ö?û? 0 Ì 0-070Ï0ä0 11+1J1m1w1ƒ1>2\2’2Æ2Ë2ì2ý23L3_3~3¡3«3T4r4¶4»4Ü4í 45<5O5n5‘5›5D6b6¦6«6Ì6Ý6ê6.7C7b7u7�7*7Ã7Í7Ù7}8›8Ú 8A9F9L9à9õ9: :/:©:°:M>`>t>x>|>€>„>ª>¯>µ>Ë>Ú>ç>ò>????(?2?C?J?P ?^?p?z?‹?’?˜?¬?Ö?ê? @ ¨ 00!0+050U0k0u0‚0Œ0—0ž0¤0D1K1‘1*1¤1¨1¬1°1þ12%2<2 F2T2a2ƒ2™2·2Á2Ë2Û2ê2ð2ö2ü233333 3&3,32383>3D3J3P3V3\3b3h3n3t3z3€3†3Œ3’3˜3ž3¤3ª3°3¶ 3¼3Â3È3Î3Ô3Ú3à3æ3ì3ò3 P $ 1 1,101<1@1L1P1\1`1l1p1|1€1 Si alguien sabe como solucionar el problema le agradezco, ya que no quiero formatear otra vez.

Mil gracias.