HACKED BY GODZILLA

Bonsoir tt le monde,
ce sujet est plutot fréquent aparament mais malgres tout je n'arrive pas à résoudre le probleme, le "Hacked by Godzilla" est constament présent dans la barre internet en haut de chaque page.
Ce serait sympa que quelqu'un me suive dans mes démarches histoire de le supprimer définitivement.

Je vous remercie d'avance.
Et Bonne année 2009.

Sinon voici le log de HijackThis :


Logfile of HijackThis v1.99.1
Scan saved at 00:43:59, on 17/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\mmc.exe
C:\WINDOWS\system32\dmremote.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\penfeunteun\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Hacked by Godzilla
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [StartupFaster] "C:\Program Files\Startup Faster\startuploader.exe" -run SFAURUN SFCURUN SFAUSTARTUP SFCUSTARTUP
O4 - HKLM\..\Run: [MS32DLL] C:\WINDOWS\MS32DLL.dll.vbs
O4 - HKLM\..\Run: [WebCam Go Sti Service Application] wbcgosvc
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - Startup: Moteur du Planificateur de tâches SolidWorks.lnk = C:\Program Files\SolidWorks\swScheduler\swBOEngine.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V0 [...] /CTPID.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Voici le rapport, merci de ton aide.

ComboFix 09-01-17.03 - penfeunteun 2009-01-18 2:50:23.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.510.279 [GMT 1:00]
Lancé depuis: c:\documents and settings\penfeunteun\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\penfeunteun\Application Data\SystemDoctor 2006 Free
c:\documents and settings\penfeunteun\Application Data\SystemDoctor 2006 Free\Logs\update.log
c:\documents and settings\penfeunteun\Application Data\WinAntiSpyware 2006
c:\documents and settings\penfeunteun\Application Data\WinAntiSpyware 2006\Logs\update.log
C:\install.exe
C:\MS32DLL.dll.vbs
c:\program files\Fichiers communs\drivecleaner free
c:\windows\Fonts\acrsecB.fon
c:\windows\Fonts\acrsecI.fon
c:\windows\MS32DLL.dll.vbs
c:\windows\smdat32a.sys
c:\windows\smdat32m.sys
c:\windows\system32\aneukfrf.ini
c:\windows\system32\bhptaukw.ini
c:\windows\system32\crnqpnyp.ini
c:\windows\system32\dcrckexf.ini
c:\windows\system32\drivers\fad.sys
c:\windows\system32\dtermkem.ini
c:\windows\system32\emnaljbr.ini
c:\windows\system32\eohwuawl.ini
c:\windows\system32\fugghtff.ini
c:\windows\system32\gplbrmsx.ini
c:\windows\system32\hdutskik.ini
c:\windows\system32\ieqlwhwc.ini
c:\windows\system32\iwwwruco.ini
c:\windows\system32\kkarhcte.ini
c:\windows\system32\ktkmmubb.ini
c:\windows\system32\lbrdfldb.ini
c:\windows\system32\lmmppbqr.ini
c:\windows\system32\mcerbpdk.ini
c:\windows\system32\mkkvdwwd.ini
c:\windows\system32\oksblusa.ini
c:\windows\system32\onyrtluy.ini
c:\windows\system32\pfshwrbx.ini
c:\windows\system32\plelxoaj.ini
c:\windows\system32\pqtss.ini
c:\windows\system32\pqtss.ini2
c:\windows\SYSTEM32\pqtss.tmp
c:\windows\system32\pxmuhdqf.ini
c:\windows\system32\qhvbltma.ini
c:\windows\system32\qowfghns.ini
c:\windows\system32\rjrhjspp.ini
c:\windows\system32\tavxknxv.ini
c:\windows\system32\tonvvlmt.ini
c:\windows\system32\trpidbjh.ini
c:\windows\system32\ubwxwfnk.ini
c:\windows\system32\vdffmbqx.ini
c:\windows\system32\vrgitofb.ini
c:\windows\system32\vsbbfhbx.ini
c:\windows\system32\vspcyeub.ini
c:\windows\system32\wpepkvli.ini
c:\windows\system32\wqqaqxtc.ini
c:\windows\system32\xxpwpmjf.ini
c:\windows\system32\xytrtqdm.ini

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DOMAINSERVICE


((((((((((((((((((((((((((((( Fichiers créés du 2008-12-18 au 2009-01-18 ))))))))))))))))))))))))))))))))))))
.

2009-01-16 00:36 . 2009-01-16 00:36 <REP> d-------- c:\documents and settings\penfeunteun\Application Data\DAEMON Tools Pro
2009-01-16 00:36 . 2009-01-17 00:17 <REP> d-------- c:\documents and settings\penfeunteun\Application Data\DAEMON Tools
2009-01-16 00:35 . 2009-01-16 00:35 <REP> d-------- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-01-16 00:31 . 2009-01-16 00:31 <REP> d-------- c:\documents and settings\penfeunteun\Application Data\DAEMON Tools Lite
2009-01-16 00:31 . 2009-01-16 00:31 717,296 --a------ c:\windows\SYSTEM32\DRIVERS\sptd.sys
2009-01-13 22:21 . 2009-01-13 22:32 <REP> d-------- c:\windows\SYSTEM32\NtmsData
2009-01-10 16:08 . 2009-01-10 16:08 <REP> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2009-01-05 09:22 . 2009-01-05 09:23 <REP> d-------- c:\windows\SYSTEM32\Adobe
2008-12-28 00:28 . 2008-12-28 00:28 <REP> d-------- c:\program files\SystemRequirementsLab
2008-12-20 18:20 . 2008-12-20 18:20 <REP> d--hs---- c:\documents and settings\penfeunteun\UserData

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-01-16 00:32 --------- d-----w c:\program files\adslTV
2009-01-16 00:24 --------- d-----w c:\documents and settings\penfeunteun\Application Data\vlc
2009-01-11 14:58 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-12-22 13:45 --------- d-----w c:\program files\WC3Banlist
2008-12-11 11:57 333,184 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-04 20:48 --------- d-----w c:\documents and settings\penfeunteun\Application Data\dvdcss
2008-11-30 23:04 --------- d-----w c:\program files\BitComet
2008-11-22 16:42 --------- d-----w c:\program files\Eidos
2008-11-18 13:01 --------- d-----w c:\program files\Fichiers communs\SolidWorks Shared
2008-11-18 12:58 --------- d-----w c:\program files\SolidWorks
2008-11-18 12:50 --------- d-----w c:\program files\Fichiers communs\eDrawings2008
2008-11-18 12:50 --------- d-----w c:\program files\AGEIA Technologies
2005-09-10 06:34 624 -c--a-w c:\documents and settings\penfeunteun\install.cmd
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-20 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2004-08-20 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.CJPG"= ctwbjpg.dll
"vidc.mpng"= c:\program files\t@b\0.946\686\tabdec.dll
"vidc.mvjp"= c:\program files\t@b\0.946\686\tabdec.dll
"vidc.444p"= c:\program files\t@b\0.946\686\tabdec.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WmdmPmSN"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\ccapp.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Documents and Settings\\penfeunteun\\Mes documents\\Warcraft III\\Warcraft III\\Frozen Throne.exe"=
"c:\\Documents and Settings\\penfeunteun\\Mes documents\\Warcraft III\\Warcraft III\\Warcraft III.exe"=
"c:\\Program Files\\Warcraft III\\ftinst.tmp\\War3.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=
"c:\\Program Files\\adslTV\\vlc.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23117:TCP"= 23117:TCP:BitComet 23117 TCP
"23117:UDP"= 23117:UDP:BitComet 23117 UDP
"6113:TCP"= 6113:TCPw3

S3 0e90af35-13f2-467c-9743-c259d11ec5f7;0e90af35-13f2-467c-9743-c259d11ec5f7;\??\d:\player\cds300.dll --> d:\player\cds300.dll [?]
S3 krdpdre;krdpdre;\??\c:\docume~1\PENFEU~1\LOCALS~1\Temp\krdpdre.sys --> c:\docume~1\PENFEU~1\LOCALS~1\Temp\krdpdre.sys [?]
S3 NPF;NetGroup Packet Filter Driver;c:\windows\SYSTEM32\DRIVERS\npf.sys [2005-08-02 32512]
S3 WBCGOHAL;WBCGOHAL;c:\windows\SYSTEM32\DRIVERS\wbcgohal.sys [2005-02-19 6592]
S3 WBCGOVID;Video Blaster WebCam Go (WDM);c:\windows\SYSTEM32\DRIVERS\wbcgovid.sys [2005-02-19 86656]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'

2008-12-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2009-01-18 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2008\OneClickStarter.exe [2008-04-22 13:17]

2004-02-21 c:\windows\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job
- c:\windows\System32\OOBE\OOBEBALN.EXE [2004-08-20 00:09]

2004-05-08 c:\windows\Tasks\Symantec NetDetect.job
- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2002-08-19 17:07]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-StartupFaster - c:\program files\Startup Faster\startuploader.exe


.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath -
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-18 02:56:00
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OOCC06.00.00.01WSSV"="665AA414DEF73A9EBFB72278C8E0C39209E2ACE2EDC51B6DFA87B59A1FB58E493DDCA0E0D2A1D948E5956CF88E18F328D1622A38268A335CC88847B3C92C3BBEF07B27F1DEDC3D4C929B85B3AE218B762E6DB948E22DF57F62F2337750FEFE679B0B5BF3FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933BA7FD869164D67948EDD5E5BE2F6E6675D575E7D6A3B9808FE1611E25E3543E06168429F70F97937DDD7A821595DC21C1958C938F8C5CD55DE33B46F93BFED84F0A730F606DD74A4A08F3A29CA28D786BC1DD911CDA4B2F0D0A4C2908FE582C2ABF5BE089E2EC6A8BE4BF49A56A1E8E44EBC7578F50A732767521DC006281870B016456C8B978F8B854644508ABE3810E30E3BA960531801264BB9BBE06D9E68136D2F0251A8BF16B462A86A2AD6DC638C8761A429C1FC090AC023043B0154865A09FBEA2B569C1801A0374A2BA7C03EC948302D267B51D1800B78DEE58FCD2E8017BE8E85F641E391AA961838D024048E1087CC5E0A99EEE9A06A54E42C7643F6E89D1581C49B5102CC8440B057989C45C3564F0CD8ACF91E224031724D89B11E77556E76E16BB86476D0EF26228573CAEAA244213BB70E674FD387F94E96E54EDCB4CCEACF47F9BAB9DF9A5FFE2478F03506003FE6B84D0190932D1BEB045152581FA420F59A787DD12978569E869F7B72AD9BBDF284DC20ED823AACC98AE9E9CB0CB184A021991A18B9053B140C5FA396D9F12ADF4363E994B58C356D3629C63F06F0BF7E6D496E8CB17DEED96E3596BB60A2420DEE0E76D8D745F1C2E70D905DACA5A9A4E675CFD4C56589C9369FF51EAC93793FD98F562FA748D3965596E17433D45187C31085383E0653A542A2D59E396CF82226190AB1763FFE1B064CCA77614976049410CCA1F6684D91C6C5404317981B41CB67099E2C184B6857B74DFE921210D93AF0D4A15F5C28174914B033ED49EE0F17B3BAD64104C5F77A65E1C33500482D6BB1426CFCF44B20261E1B3C75713860A6BF01614577AF28F2E7F025CDA8F9033053ACD8670951000A76E0CFFA4AEFEEEFD02A67D92C7C3B9BD4DBA7F1E7394967DD1FE4CB3487687836DD81E04FBFD7B9AF7E38361E56D71F4675EFCD5B4B4DC1DA1B2E6A56727349F75D0C1B41099C9FA737C3A21018887FD8034A2064A744C75A14799591479C27DCA04B3424DD23120B02A00086523C112FC1263EAA7DC4CF6EF1AF374D70C50F06DCBEC7BF06B3D4AC820A3E4A4A43FCEE5F140D97AE4A0AAC115ACB340D32D41D3C8D89A0FC7D7F66CCDBE46878D5BE417F4D8858503377B0C12C63366F0A204D5B003C16F210FC94EB998EB2098EA9D2B8ABC0DF2B44ED1A4776A2071E5AEAC5C9823AB5CA610E18DD68E73E5C6A60D616AE5864"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\SYSTEM32\CTSVCCDA.EXE
c:\windows\wanmpsvc.exe
c:\windows\SYSTEM32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-01-18 3:02:50 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-01-18 02:02:40

Avant-CF: 4 883 329 024 octets libres
Après-CF: 5,030,981,632 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn

194 --- E O F --- 2009-01-14 20:25:56

Voici le nouveau log :

Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1665
Windows 5.1.2600 Service Pack 2

18/01/2009 18:55:53
mbam-log-2009-01-18 (18-55-53).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 129658
Temps écoulé: 3 hour(s), 4 minute(s), 45 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 2
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0} (Adware.NetOptimizer) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\SYSTEM32\ustart.exe (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\SYSTEM32\osconfig.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.

Logfile of HijackThis v1.99.1
Scan saved at 21:06:45, on 18/01/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\penfeunteun\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.srtest.com/srl_bin/sysreqlab_srl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V0 [...] /CTPID.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Fichiers communs\SolidWorks Shared\Service\SolidWorksLicensing.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Tu as connecté un périphérique externe entre temps ? Et tu vas te décider à installer un antivirus quand ?

Sinon à propos du pare feu windows il est désactivé et je ne peux pas le réactivé, une fenetre m'en empeche à chaque fois "En raison d'un probleme non identifié, windows ne peut pas afficher les parametres du pare-feu windows.