Analyse rapport HijackThis

Bonjour,

Mon PC semble sérieusement infecté, voici le rapport HijackThis effectué en mode sans échec.
Si quelqu'un peut m'aider car je galère sec. Merci d'avance.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:41:45, on 25/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Safe mode

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\yhqcw.dll/sp.html#93256
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\yhqcw.dll/sp.html#93256
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\yhqcw.dll/sp.html#93256
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O3 - Toolbar: etlrlws - {576A0968-A5A3-4772-81B8-171E9F2032D9} - C:\WINDOWS\etlrlws.dll
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [PrevxOne] "C:\Program Files\Prevx1\PXConsole.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [hkfidore] rundll32.exe "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\ritsretobit.sys" WLEntryPoint
O4 - HKLM\..\Run: [autoload] C:\Documents and Settings\LocalService\Local Settings\Application Data\windowsupdate.exe
O4 - HKLM\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKLM\..\Run: [tfgdn] rundll32.exe "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\ritsretobit.sys" WLEntryPoint
O4 - HKLM\..\Run: [BMbf24dfa1] Rundll32.exe "C:\WINDOWS\system32\dpwtjtpf.dll",s
O4 - HKLM\..\Run: [btlohk] rundll32.exe "C:\DOCUME~1\PROPRI~1\LOCALS~1\Temp\ritsretobit.sys" WLEntryPoint
O4 - HKLM\..\Run: [antiviirus] C:\Program Files\antiviirus.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [itkfmpoj] rundll32.exe "C:\WINDOWS\system32\sjalcbilcf.dll" WLEntryPoint
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [ntuser] C:\WINDOWS\system32\drivers\svchost.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O4 - .DEFAULT User Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: mod_sm.lnk = C:\hp\bin\cloaker.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\rmtsfmlk.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\rmtsfmlk.dll
O16 - DPF: {1D6E056F-D1BB-40F6-88E4-11EE98056FD2} (Oberon ActiveX Game Host) - http://jeuxenligne.orange.fr/Gameshell/GameHost/1.0/OberonGameHost.cab
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} - http://www.20x2p.com/69d6e04d/enter.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/yinst0401.cab
O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/20d623ae82101d55ab16/netzip/RdxIE601_fr.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.mypix.com/importer/ImageUploader4.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} - http://www.gagne-un-max.com/acces/WebInstall.dll
O16 - DPF: {C9E17F58-564C-41C6-989F-AB0FE0D2C9D1} (PopcapLoader Object) - http://jeuxenligne.orange.fr/orange2.0/OnlineHSS/zuma/Popcap.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/layout/default01/activex/IPSUploader.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - file://C:\Documents and Settings\Propriétaire\Local Settings\Application Data\Oberon Media\Oberon Games Host\popcaploader_v6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{10DA328E-5A7F-4BA0-A7AB-9E14BEDEB3A5}: NameServer = 85.255.115.3,85.255.112.127
O17 - HKLM\System\CCS\Services\Tcpip\..\{44933F89-86AC-4819-96F9-C5B115FCEA53}: NameServer = 85.255.115.3,85.255.112.127
O17 - HKLM\System\CCS\Services\Tcpip\..\{63F99311-BDAF-4A15-A0C7-26828D4FA1A6}: NameServer = 85.255.115.3,85.255.112.127
O17 - HKLM\System\CCS\Services\Tcpip\..\{77B818FE-4141-4600-9522-67001E131381}: NameServer = 85.255.115.3,85.255.112.127
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.115.3 85.255.112.127
O17 - HKLM\System\CS1\Services\Tcpip\..\{10DA328E-5A7F-4BA0-A7AB-9E14BEDEB3A5}: NameServer = 85.255.115.3,85.255.112.127
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.3 85.255.112.127
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O21 - SSODL: EcPFoIr - {BC17EC93-16BD-4639-049B-3696A7A1F91B} - (no file)
O21 - SSODL: VolumeVolume - {19015f33-a331-48e5-99c3-7c3d987e561a} - C:\WINDOWS\Installer\{19015f33-a331-48e5-99c3-7c3d987e561a}\VolumeVolume.dll
O21 - SSODL: zip - {117f2fda-38dc-4aa6-a9e0-21ac51a75d5e} - C:\WINDOWS\Installer\{117f2fda-38dc-4aa6-a9e0-21ac51a75d5e}\zip.dll
O21 - SSODL: bokpkov - {450C1EE0-4A97-4A5B-9087-8789752C0779} - (no file)
O21 - SSODL: altvxvm - {22B08EBF-6C2C-405B-886C-EB65B15F44EC} - C:\WINDOWS\altvxvm.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft security update service (msupdate) - Unknown owner - c:\windows\system32\mssrv32.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Prevx Agent (PREVXAgent) - Prevx - C:\Program Files\Prevx1\PXAgent.exe
O23 - Service: Planificateur de tâches (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\svchost.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe