Virus "Spooler" ou "Trz.tmp"

bonjour,
Cela fait quelque temps que j'ai un virus nommé "Spooler" il est logé sur le disque C dans le dossier Program Files lorsque je le supprime, il se transforme en fichier Trz.tmp et lorsque je supprime Trz.tmp il se transforme en Trz01.tmp... trz02... trz03... ainsi de suite.
J'ai mon anti virus AVAST qui le détecte, je le supprime, ou met en qurantaine, mais a chaque fois il reapparait. Que faut-il faire? Merci pour votre aide.

Bonsoir,
Tu peux essayer la méthode décrite sur la page suivante:
http://www.commentcamarche.net/forum/affich-3575528-plusieurs-virus-trz-tmp-ont-infecte-mon-pc
Tiens nous au courant.
Bonne soirée
Ursel

Bonjour Ursel,
Donc, ce matin de bonne heure, j'ai fais une analyse avec SDFix suite au lien que tu m'a donné.
Voici le rapport:


SDFix: Version 1.240
Run by CM on 01/03/2009 at 07:46
Microsoft Windows XP [version 5.1.2600]
Running From: C:\Documents and Settings\CM\Bureau\SDFix
Checking Services :

Restoring Default Security Values
Restoring Default Hosts File
Rebooting

Checking Files :
No Trojan Files Found



Removing Temp Files
ADS Check :


Final Check :
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-01 07:56:22
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
"DeviceNotSelectedTimeout"="15"
"GDIProcessHandleQuota"=dword:00002710
"Spooler"="yes"
"swapdisk"=""
"TransmissionRetryTimeout"="90"
"USERProcessHandleQuota"=dword:00002710
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :


Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\vdp\\vdp.exe"="C:\\Program Files\\vdp\\vdp.exe:*:Enabled:Video surveillance PRO 2008"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\Program Files\\Easy Web Cam\\easywebcam.exe"="C:\\Program Files\\Easy Web Cam\\easywebcam.exe:*:Disabled:easywebcam.exe"
"C:\\vdp\\vdp.exe"="C:\\vdp\\vdp.exe:*:Enabled:Video surveillance PRO 2008"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Active WebCam\\WebCam.exe"="C:\\Program Files\\Active WebCam\\WebCam.exe:*:Enabled:Active WebCam"
"C:\\Program Files\\neuf Talk\\neuf Talk.exe"="C:\\Program Files\\neuf Talk\\neuf Talk.exe:*:Enabled:neuf Talk"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImApp.exe"="C:\\Program Files\\IncrediMail\\bin\\ImApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Disabled:Messenger"
"C:\\Program Files\\Ivicam\\ivicam.exe"="C:\\Program Files\\Ivicam\\ivicam.exe:*:Enabled:Ivisible_Ivicam"
"C:\\Program Files\\Ivicam\\backsurvey.exe"="C:\\Program Files\\Ivicam\\backsurvey.exe:*:Enabled:Ivisible_BackSurvey"
"C:\\Program Files\\wLite\\wLite.exe"="C:\\Program Files\\wLite\\wLite.exe:*:Enabled:webcamXP"
"C:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"="C:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe:*:Enabled:Application de pilotage … distance TeamViewer"
"D:\\SpyWebcamLight\\HTTPServer.exe"="D:\\SpyWebcamLight\\HTTPServer.exe:*:Enabled:HTTPServer"
"D:\\Program Files\\webcamXP\\webcamXP.exe"="D:\\Program Files\\webcamXP\\webcamXP.exe:*:Enabled:webcamXP 2008"
"C:\\Program Files\\spooler.exe"="C:\\Program Files\\spooler.exe:*:Enabled:otmspr"
"D:\\Program Files\\CamPSA\\camPSA.exe"="D:\\Program Files\\CamPSA\\camPSA.exe:*:Enabled:camPSA"
"C:\\WINDOWS\\system32\\LEXPPS.EXE"="C:\\WINDOWS\\system32\\LEXPPS.EXE:*:Enabled:LEXPPS"
"C:\\Program Files\\CamPSA\\camPSA.exe"="C:\\Program Files\\CamPSA\\camPSA.exe:*:Enabled:camPSA"
"C:\\TYPSoft FTP Server\\ftpserv.exe"="C:\\TYPSoft FTP Server\\ftpserv.exe:*:Enabled:TYPSoft FTP Server"
"C:\\Program Files\\Imaveo\\LynxCamera\\LynxCamera Serveur\\LynxCameraServer.exe"="C:\\Program Files\\Imaveo\\LynxCamera\\LynxCamera Serveur\\LynxCameraServer.exe:*:Enabled:LynxCameraServer"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"D:\\BitTorrent\\bittorrent.exe"="D:\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"D:\\DC++\\DCPlusPlus.exe"="D:\\DC++\\DCPlusPlus.exe:*:Enabled:DC++"
"D:\\Program Files\\LimeWire\\LimeWire.exe"="D:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files :

Files with Hidden Attributes :
Wed 21 Jan 2009 77,824 ...H. --- "C:\Program Files\MSN\msnupdate!@#@.exe"
Finished!

Et, SPOOLER est toujours là! Grrrrrrrrrrrr!