Thanks Thor for the quick and clear reply; I'm attaching the various reports.
Malwarebytes report from 22/10/2014:
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'analyse: 22/10/2015
Heure de l'analyse: 22:28
Fichier journal:
Administrateur: Oui
Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.10.22.05
Base de données de rootkits: v2015.10.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Timothy
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 448043
Temps écoulé: 43 min, 42 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 2
Modules: 3
Clés du registre: 16
Valeurs du registre: 5
Données du registre: 13
Dossiers: 10
Fichiers: 70
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)
Next, the one from 23/10/2015:
Malwarebytes Anti-Malware
www.malwarebytes.org
Date de l'analyse: 23/10/2015
Heure de l'analyse: 19:57
Fichier journal: MalwareBytes 23.10.2015.txt
Administrateur: Oui
Version: 2.1.8.1057
Base de données de programmes malveillants: v2015.10.23.05
Base de données de rootkits: v2015.10.16.01
Licence: Gratuit
Protection contre les programmes malveillants: Désactivé
Protection contre les sites Web malveillants: Désactivé
Autoprotection: Désactivé
Système d'exploitation: Windows 7 Service Pack 1
Processeur: x64
Système de fichiers: NTFS
Utilisateur: Timothy
Type d'analyse: Analyse des menaces
Résultat: Terminé
Objets analysés: 449311
Temps écoulé: 25 min, 34 s
Mémoire: Activé
Démarrage: Activé
Système de fichiers: Activé
Archives: Activé
Rootkits: Désactivé
Heuristique: Activé
PUP: Activé
PUM: Activé
Processus: 0
(Aucun élément malveillant détecté)
Modules: 0
(Aucun élément malveillant détecté)
Clés du registre: 0
(Aucun élément malveillant détecté)
Valeurs du registre: 0
(Aucun élément malveillant détecté)
Données du registre: 0
(Aucun élément malveillant détecté)
Dossiers: 0
(Aucun élément malveillant détecté)
Fichiers: 0
(Aucun élément malveillant détecté)
Secteurs physiques: 0
(Aucun élément malveillant détecté)
(end)
Moving on to AdwCleaner from 22/10/2015:
# AdwCleaner v5.014 - Rapport créé le 22/10/2015 à 23:18:42
# Mis à jour le 18/10/2015 par Xplode
# Base de données : 2015-10-18.5 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (x64)
# Nom d'utilisateur : Timothy - TIMOTHY-PC
# Exécuté depuis : C:\Users\Timothy\Downloads\AdwCleaner-5.014.exe
# Option : Nettoyer
# Support :
***** [ Services ] *****
[-] Service Supprimé : Software_update
[-] Service Supprimé : Software_update_m
[-] Service Supprimé : ihpmServer
[-] Service Supprimé : TheScreenSnapshotService
***** [ Dossiers ] *****
[-] Dossier Supprimé : C:\Program Files (x86)\RayDld
[-] Dossier Supprimé : C:\Program Files (x86)\ScreenSnapshotTool
[!] Dossier Non Supprimé : C:\Users\Timothy\AppData\Roaming\oursurfing
[!] Dossier Non Supprimé : C:\Users\Timothy\AppData\Roaming\ScreenSnapshotTool
[!] Dossier Non Supprimé : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\ScreenSnapshotTool
***** [ Fichiers ] *****
[-] Fichier Supprimé : C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hpdbfhoobgcmiffaheiedgepeipfcjpb_0.localstorage
[-] Fichier Supprimé : C:\Users\Timothy\AppData\Local\Temp\task.vbs
***** [ DLLs ] *****
***** [ Raccourcis ] *****
***** [ Tâches planifiées ] *****
[-] Tâche Supprimée : SoftwareUpdateTaskMachineCore
[-] Tâche Supprimée : SoftwareUpdateTaskMachineUA
***** [ Registre ] *****
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc.1.0
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.Update3WebSvc
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc.1.0
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassSvc
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Clé Supprimée : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Valeur Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Clé Supprimée : HKU\.DEFAULT\Software\ImInstaller
[-] Clé Supprimée : HKLM\SOFTWARE\SupDp
[!] Clé Non Supprimée : HKLM\SOFTWARE\oursurfingSoftware
[!] Clé Non Supprimée : HKLM\SOFTWARE\RayDld
[!] Clé Non Supprimée : HKLM\SOFTWARE\ihpmserver
[!] Clé Non Supprimée : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\oursurfing
[!] Clé Non Supprimée : [x64] HKLM\SOFTWARE\ScreenSnapshotTool
[!] Clé Non Supprimée : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{61FFE1F9-137D-4c31-A181-3415FCAA5946}
[-] Clé Supprimée : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\softwareupdate.exe
[-] Donnée Restaurée : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Donnée Restaurée : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée Restaurée : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée Restaurée : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Donnée Restaurée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Donnée Restaurée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée Restaurée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée Restaurée : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Donnée Restaurée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Donnée Restaurée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée Restaurée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée Restaurée : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Donnée Restaurée : HKU\S-1-5-21-3995368289-2998070391-2299520930-1001\Software\Microsoft\Internet Explorer\Main [Search Page]
[-] Donnée Restaurée : HKU\S-1-5-21-3995368289-2998070391-2299520930-1001\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Donnée Restaurée : HKU\S-1-5-21-3995368289-2998070391-2299520930-1001\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Donnée Restaurée : HKU\S-1-5-21-3995368289-2998070391-2299520930-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[!] Donnée Non Restaurée : HKU\S-1-5-21-3995368289-2998070391-2299520930-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Search Page]
[!] Donnée Non Restaurée : HKU\S-1-5-21-3995368289-2998070391-2299520930-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Start Page]
[!] Donnée Non Restaurée : HKU\S-1-5-21-3995368289-2998070391-2299520930-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
[!] Donnée Non Restaurée : HKU\S-1-5-21-3995368289-2998070391-2299520930-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
[!] Clé Non Supprimée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Donnée Restaurée : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
***** [ Navigateurs ] *****
[-] [C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Supprimé : hxxp://www.oursurfing.com/?type=hp&ts=1445541318&z=248a09965749ba4defbf3fcg2z4zfwfwaz2g2c3g5b&from=amt&uid=st1000lm024xhn-m101mbb_s2ttj9cc506210
[-] [C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Supprimé : hxxp://www.istartsurf.com/webfavicon.ico
*************************
:: Paramètres Winsock réinitialisés
########## EOF - C:\AdwCleaner\AdwCleaner[C15].txt - [6378 octets] ##########
And the one from 23/10/2015:
# AdwCleaner v5.014 - Rapport créé le 23/10/2015 à 23:38:17
# Mis à jour le 18/10/2015 par Xplode
# Base de données : 2015-10-18.5 [Serveur]
# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (x64)
# Nom d'utilisateur : Timothy - TIMOTHY-PC
# Exécuté depuis : C:\Users\Timothy\Desktop\AdwCleaner-5.014.exe
# Option : Nettoyer
# Support :
***** [ Services ] *****
***** [ Dossiers ] *****
***** [ Fichiers ] *****
***** [ DLLs ] *****
***** [ Raccourcis ] *****
***** [ Tâches planifiées ] *****
***** [ Registre ] *****
***** [ Navigateurs ] *****
[-] [C:\Users\Timothy\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Supprimé : hxxp://www.oursurfing.com/?type=hp&ts=1445541318&z=248a09965749ba4defbf3fcg2z4zfwfwaz2g2c3g5b&from=amt&uid=st1000lm024xhn-m101mbb_s2ttj9cc506210
*************************
:: Paramètres Winsock réinitialisés
########## EOF - C:\AdwCleaner\AdwCleaner[C16].txt - [964 octets] ##########
And to finish, the JRT report from 24/10/2015, and thanks again:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Home Premium x64
Ran by Timothy on 24/10/2015 at 10:01:00.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Users\Timothy\AppData\Roaming\sp_data.sys
~~~ Folders
Successfully deleted: [Folder] C:\users\Public\Documents\guid
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
~~~ Chrome
[C:\Users\Timothy\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Timothy\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Timothy\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Timothy\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24/10/2015 at 10:06:00.64
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I don't yet know how to interpret all the reports very well, but I think it's fine.
Thank you