Aide virus trojan
Security - Virus forum: Trojan virus help
Hello,
I have been infected with a Trojan Small virus for one or two months, which has turned into a Trojan Agent and a Trojan Fraudload.
Could you help me read the reports from ClamWin and Trojan Remover, which detected numerous problems but were unable to rename or destroy certain suspect files? Moreover, some of them cannot be opened or deleted.
What needs to be done to get rid of it?
I have Spybot Search and Destroy on my PC, but it no longer detects anything. Same for AVG Anti-Spyware.
I am providing the ClamWin reports (which I have had for longer than Trojan Remover, since it is my basic antivirus) in reverse chronological order:
Scan Started Sun Nov 09 18:15:09 2008
-------------------------------------------------------------------------------
C:\Documents and Settings\Célia Ukkola\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat: Permission denied
C:\Documents and Settings\Célia Ukkola\NTUSER.DAT: Permission denied
C:\Documents and Settings\Jorma Ukkola\Mes documents\desktop.ini: Permission denied
C:\Documents and Settings\Jorma Ukkola\ntuser.ini: Permission denied
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat: Permission denied
C:\Documents and Settings\LocalService\NTUSER.DAT: Permission denied
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat: Permission denied
C:\Documents and Settings\NetworkService\NTUSER.DAT: Permission denied
C:\hiberfil.sys: Permission denied
C:\pagefile.sys: Permission denied
C:\WINDOWS\system32\config\DEFAULT: Permission denied
C:\WINDOWS\system32\config\SAM: Permission denied
C:\WINDOWS\system32\config\SECURITY: Permission denied
C:\WINDOWS\system32\config\SOFTWARE: Permission denied
C:\WINDOWS\system32\config\SYSTEM: Permission denied
C:\WINDOWS\system32\tdssmain.dll.vir: Removed
C:\WINDOWS\system32\tdssserf.dll: Removed
C:\WINDOWS\system32\tdssmain.dll.vir: Trojan.Agent-55447 FOUND
C:\WINDOWS\system32\tdssserf.dll: Trojan.Fraudload-1386 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 456271
Engine version: 0.94
Scanned directories: 6009
Scanned files: 55119
Infected files: 2
Data scanned: 23462.77 MB
Time: 11609.005 sec (193 m 29 s)
--------------------------------------
Completed
--------------------------------------
Scan Started Wed Oct 01 20:11:10 2008
-------------------------------------------------------------------------------
C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~DF20AC.tmp: Permission denied
C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~DFDD97.tmp: Permission denied
C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~DFDDA7.tmp: Permission denied
C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~WRS0001.tmp: Permission denied
C:\Documents and Settings\Jorma Ukkola\Mes documents\desktop.ini: Permission denied
C:\Documents and Settings\Jorma Ukkola\ntuser.ini: Permission denied
C:\hiberfil.sys: Permission denied
C:\pagefile.sys: Permission denied
C:\WINDOWS\system32\config\DEFAULT: Permission denied
C:\WINDOWS\system32\config\SAM: Permission denied
C:\WINDOWS\system32\config\SECURITY: Permission denied
C:\WINDOWS\system32\config\SOFTWARE: Permission denied
C:\WINDOWS\system32\config\SYSTEM: Permission denied
----------- SCAN SUMMARY -----------
Known viruses: 432342
Engine version: 0.94
Scan Started Sun Sep 28 22:52:57 2008
-------------------------------------------------------------------------------
C:\Documents and Settings\Célia Ukkola\Local Settings\Temporary Internet Files\Content.IE5\EXPV91R3\pipo[1]: Trojan.Small-8579 FOUND
C:\Documents and Settings\Célia Ukkola\Mes documents\Mes images\codecs+lecteurs\BsPlayer.1.32.Build.820.Incl.KeyMaker[www.ToroBT.Com.Ar]\Keygen.by.Again.exe: Trojan.OnlineGames-1517 FOUND
C:\WINDOWS\AdobeR.exe: Worm.Rjump-1 FOUND
C:\WINDOWS\system32\drivers\svchost.exe: Trojan.Small-8579 FOUND
----------- SCAN SUMMARY -----------
Known viruses: 432322
Engine version: 0.93.1
Scanned directories: 5284
Scanned files: 50309
Infected files: 4
Scan Started Mon Jul 28 10:32:55 2008
-------------------------------------------------------------------------------
WARNING: Can't open file \\?\C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~DF2DCA.tmp, Permission denied
WARNING: Can't open file \\?\C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~DF3A70.tmp, Permission denied
WARNING: Can't open file \\?\C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~DF598F.tmp, Permission denied
WARNING: Can't open file \\?\C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~DF5ECB.tmp, Permission denied
WARNING: Can't open file \\?\C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~DF6418.tmp, Permission denied
WARNING: Can't open file \\?\C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~DF642B.tmp, Permission denied
WARNING: Can't open file \\?\C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~WRS0010.tmp, Permission denied
WARNING: Can't open file \\?\C:\Documents and Settings\Célia Ukkola\Local Settings\Temp\~WRS3785.tmp, Permission denied
WARNING: Can't open file \\?\C:\hiberfil.sys, Permission denied
WARNING: Can't open file \\?\C:\pagefile.sys, Permission denied
----------- SCAN SUMMARY -----------
Known viruses: 346238
Engine version: 0.92
Scanned directories: 4780
Scanned files: 42647
Skipped non-executable files: 2038
HERE IS PART OF THE TROJAN REMOVER REPORT; I SHORTENED IT BECAUSE IT WAS NO LESS THAN 100 PAGES IN WORD!!!
I hope someone will have the courage and the kindness to help me, as I have no one around me who could help;
***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.3.2550. For information, email support@simplysup1.com
[Unregistered version]
Scan started at: 11:35:49 05 nov. 2008
Using Database v7178
Operating System: Windows XP SP2 [Windows XP Professional Service Pack 2 (Build 2600)]
File System: NTFS
Data directory: C:\Documents and Settings\Célia Ukkola\Application Data\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: C:\Documents and Settings\Célia Ukkola\Mes documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges
************************************************************
************************************************************
11:35:50: Scanning ----------WIN.INI-----------
WIN.INI found in C:\WINDOWS
************************************************************
11:35:50: Scanning --------SYSTEM.INI---------
SYSTEM.INI found in C:\WINDOWS
************************************************************
11:35:50: ----- SCANNING FOR ROOTKIT SERVICES -----
Hidden Service Keyname: TDSSserv
C:\WINDOWS\system32\drivers\TDSSserv.sys appears to contain: ROOTKIT.AGENT
Entry has been scheduled for deletion when the PC is restarted
C:\WINDOWS\system32\drivers\TDSSserv.sys - no action requested on file
"SafeBoot\Minimal" registry entry for [TDSSserv.sys] removed
"SafeBoot\Network" registry entry for [TDSSserv.sys] removed
----------
----------
************************************************************
11:36:41: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
File: Explorer.exe
C:\WINDOWS\Explorer.exe
1037312 bytes
Created: 01/01/1980
Modified: 13/06/2007
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
File: C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\system32\userinit.exe
25088 bytes
11:36:44: Scanning -----HIDDEN REGISTRY ENTRIES-----
11:36:44: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
I cut a good number of pages here
PE386 rootkit checks completed
----------
Winlogon registry rootkit checks completed
----------
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Checking for specific malicious files:
C:\WINDOWS\system32\drivers\TDSSserv.sys - Backdoor.Agent
C:\WINDOWS\system32\drivers\TDSSserv.sys - file ownership assigned to: PC_DE_CÉLIA\Célia Ukkola
[kill file error: C:\WINDOWS\system32\drivers\TDSSserv.sys, Le processus ne peut pas accéder au fichier car un autre processus en a verrouillé une partie.
]
C:\WINDOWS\system32\drivers\TDSSserv.sys - file backed up to C:\WINDOWS\system32\drivers\TDSSserv.sys.vir
C:\WINDOWS\system32\drivers\TDSSserv.sys - marked for renaming when the PC is restarted
C:\WINDOWS\system32\tdssadw.dll - Rootkit.Agent
C:\WINDOWS\system32\tdssadw.dll - file renamed to: C:\WINDOWS\system32\tdssadw.dll.vir
C:\WINDOWS\system32\tdssinit.dll - Rootkit.Agent
C:\WINDOWS\system32\tdssinit.dll - file renamed to: C:\WINDOWS\system32\tdssinit.dll.vir
C:\WINDOWS\system32\tdssl.dll - Rootkit.Agent
C:\WINDOWS\system32\tdssl.dll - file ownership assigned to: PC_DE_CÉLIA\Célia Ukkola
[kill file error: C:\WINDOWS\system32\tdssl.dll, Le processus ne peut pas accéder au fichier car un autre processus en a verrouillé une partie.
]
C:\WINDOWS\system32\tdssl.dll - file backed up to C:\WINDOWS\system32\tdssl.dll.vir
C:\WINDOWS\system32\tdssl.dll - marked for renaming when the PC is restarted
C:\WINDOWS\system32\tdsslog.dll - Rootkit.Agent
C:\WINDOWS\system32\tdsslog.dll - file renamed to: C:\WINDOWS\system32\tdsslog.dll.vir
C:\WINDOWS\system32\tdssmain.dll - Rootkit.Agent
C:\WINDOWS\system32\tdssmain.dll - file renamed to: C:\WINDOWS\system32\tdssmain.dll.vir
C:\WINDOWS\system32\tdssserf1.dll - Trojan.FakeAlert
C:\WINDOWS\system32\tdssserf1.dll - file renamed to: C:\WINDOWS\system32\tdssserf1.dll.vir
----------
Desktop Wallpaper: C:\Documents and Settings\Célia Ukkola\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\Célia Ukkola\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
1440054 bytes
Created: 07/08/2005
Modified: 19/10/2008
Company:
----------
Web Desktop Wallpaper: %USERPROFILE%\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
C:\Documents and Settings\Célia Ukkola\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
1440054 bytes
Created: 07/08/2005
Modified: 19/10/2008
Company:
----------
Additional checks completed
************************************************************
11:37:31: Scanning ----- RUNNING PROCESSES -----
C:\WINDOWS\System32\smss.exe
[1 loaded module]
--------------------
C:\WINDOWS\system32\csrss.exe
[15 loaded modules in total]
--------------------
C:\WINDOWS\system32\winlogon.exe
[67 loaded modules in total]
--------------------
C:\WINDOWS\system32\services.exe
[36 loaded modules in total]
--------------------
C:\WINDOWS\system32\lsass.exe
[63 loaded modules in total]
--------------------
C:\WINDOWS\System32\ibmpmsvc.exe - file already scanned
[21 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe
[54 loaded modules in total]
--------------------
C:\WINDOWS\system32\svchost.exe - file already scanned
[42 loaded modules in total]
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
[156 loaded modules in total]
--------------------
C:\WINDOWS\system32\S24EvMon.exe - file already scanned
[23 loaded modules in total]
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
[30 loaded modules in total]
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
[42 loaded modules in total]
--------------------
C:\WINDOWS\system32\spoolsv.exe
[61 loaded modules in total]
--------------------
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe - file already scanned
[31 loaded modules in total]
--------------------
C:\WINDOWS\Explorer.EXE - file already scanned
[127 loaded modules in total]
--------------------
C:\Program Files\IBM\IBM Rapid Restore Ultra\rrpcsb.exe - file already scanned
[35 loaded modules in total]
--------------------
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE - file already scanned
[30 loaded modules in total]
--------------------
C:\WINDOWS\System32\svchost.exe - file already scanned
[41 loaded modules in total]
--------------------
C:\WINDOWS\system32\TpKmpSVC.exe - file already scanned
[21 loaded modules in total]
--------------------
C:\WINDOWS\system32\igfxtray.exe - file already scanned
[33 loaded modules in total]
--------------------
C:\WINDOWS\system32\hkcmd.exe - file already scanned
[33 loaded modules in total]
--------------------
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe - file already scanned
[51 loaded modules in total]
--------------------
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe - file already scanned
[29 loaded modules in total]
--------------------
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
[26 loaded modules in total]
--------------------
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
[27 loaded modules in total]
--------------------
C:\Program Files\IBM\Messages By IBM\ibmmessages.exe - file already scanned
[49 loaded modules in total]
--------------------
C:\IBMTOOLS\UTILS\ibmprc.exe - file already scanned
[23 loaded modules in total]
--------------------
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE - file already scanned
[70 loaded modules in total]
--------------------
C:\WINDOWS\system32\RunDll32.exe
[38 loaded modules in total]
--------------------
C:\WINDOWS\system32\rundll32.exe
[38 loaded modules in total]
--------------------
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe - file already scanned
[28 loaded modules in total]
--------------------
C:\PROGRA~1\ThinkPad\CONNEC~1\QCTray.exe - file already scanned
[79 loaded modules in total]
--------------------
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe - file already scanned
[23 loaded modules in total]
--------------------
C:\WINDOWS\system32\ctfmon.exe - file already scanned
[32 loaded modules in total]
--------------------
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - file already scanned
[37 loaded modules in total]
--------------------
C:\Program Files\Digital Line Detect\DLG.exe
[28 loaded modules in total]
--------------------
C:\Program Files\Canon\CAL\CALMAIN.exe - file already scanned
[35 loaded modules in total]
--------------------
C:\WINDOWS\System32\alg.exe
[38 loaded modules in total]
--------------------
C:\WINDOWS\system32\1XConfig.exe
[39 loaded modules in total]
--------------------
C:\WINDOWS\system32\wuauclt.exe
[38 loaded modules in total]
--------------------
D:\trsetup.exe
[26 loaded modules in total]
--------------------
C:\DOCUME~1\CLIAUK~1\LOCALS~1\Temp\is-7EFN1.tmp\trsetup.tmp
[47 loaded modules in total]
--------------------
C:\Program Files\Trojan Remover\trupd.exe
[52 loaded modules in total]
--------------------
C:\Documents and Settings\Célia Ukkola\Application Data\Simply Super Software\Trojan Remover\thr5.exe
FileSize: 2618232
[This is a Trojan Remover component]
[32 loaded modules in total]
--------------------
************************************************************
11:38:18: Checking AUTOEXEC.BAT file
AUTOEXEC.BAT found in C:\
No malicious entries were found in the AUTOEXEC.BAT file
************************************************************
11:38:18: Checking AUTOEXEC.NT file
AUTOEXEC.NT found in C:\WINDOWS\system32
No malicious entries were found in the AUTOEXEC.NT file
************************************************************
11:38:18: Checking HOSTS file
No malicious entries were found in the HOSTS file
************************************************************
11:38:18: Scanning ------ %TEMP% DIRECTORY ------
************************************************************
11:38:19: Scanning ------ C:\WINDOWS\Temp DIRECTORY ------
No files found to scan
************************************************************
11:38:19: Scanning ------ ROOT DIRECTORY ------
************************************************************
11:38:19: ------ Scan for other files to remove ------
C:\WINDOWS\system32\tdssservers.dat has been deleted
----------
1 malware-related files deleted (or marked for deletion)
************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
http://www.microsoft.com/isapi/red [...] R}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.microsoft.com/isapi/red [...] r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
http://www.microsoft.com/isapi/red [...] ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
http://www.microsoft.com/isapi/red [...] r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
http://ie.search.msn.com/{SUB_RFC1 [...] chcust.htm
HKLM\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
http://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
WWW.GOOGLE.FR
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\WINDOWS\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.google.com
************************************************************
=== CHANGES WERE MADE TO THE WINDOWS REGISTRY ===
=== ONE OR MORE FILES WERE RENAMED OR REMOVED ===
Scan completed at: 11:38:20 05 nov. 2008
Total Scan time: 00:02:30
-------------------------------------------------------------------------
One or more files could not be moved or renamed as requested.
They may be in use by Windows, so Trojan Remover needs
to restart the system in order to deal with these files.
05/11/2008 11:38:56: restart commenced
************************************************************
good evening
you already have help here:
http://www.commentcamarche.net/for [...] u-rapports
I'm closing this topic; no point in having several helpers work on it.
/!\ Tired of ads: secure Firefox /!\
