RÃ©sultats de correction de Farbar Recovery Scan Tool (x64) Version: 12-11-2017 03
ExÃ©cutÃ© par Damien (15-11-2017 17:13:34) Run:1
ExÃ©cutÃ© depuis C:\Users\Damien\Downloads
Profils chargÃ©s: Damien (Profils disponibles: defaultuser0 & defaultuser2 & Damien)
Mode d'amorÃ§age: Normal
==============================================

fixlist contenu:
*****************
CreateRestorePoint:
CloseProcesses:
HKLM-x32\...\Run: [MalTray] => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe /autorun
BootExecute: autocheck autochk *
C:\Windows\System32\Tasks\GMHSkipUAC
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BC56822-0845-4118-8EFF-4F7B4777DB39} 
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7BC56822-0845-4118-8EFF-4F7B4777DB39} 
C:\Windows\System32\Tasks\GlaryInitialize 5
C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk
C:\Users\Damien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk
C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk
C:\Users\defaultuser1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk
C:\Users\defaultuser2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk
C:\Users\Public\Desktop\ASUS HiPost.lnk
C:\Users\Public\Desktop\Evernote.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Hunter.lnk
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter
DeleteKey: HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0}
DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\BackupContextMenuExtension
DeleteKey: HKLM\Software\Classes\CLSID\{b1b96b20-da1d-4a3c-92c1-7229b32f2326}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter
DeleteKey: HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0}
DeleteKey: HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Glarysoft MalwareHunter
DeleteKey: HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui
DeleteKey: HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4}
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter
DeleteKey: HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0}
DeleteKey: HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0}
DeleteKey: HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA}
DeleteKey: HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\BackupContextMenuExtension
DeleteKey: HKLM\Software\Classes\CLSID\{b1b96b20-da1d-4a3c-92c1-7229b32f2326}
DeleteKey: HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter
DeleteKey: HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
DeleteKey: HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Glarysoft MalwareHunter
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
S3 GUMHFilters; \??\C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [X]
ContextMenuHandlers1: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll -> Pas de fichier
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Pas de fichier
Task: {DED192E5-8E6E-4DED-A94A-21EBAEB74967} - System32\Tasks\{ECB17B16-24AF-41E2-864C-34FE5427FF37}
Task: {EA9E2B62-7F11-4CC2-B8FE-C08843B1E34B} - System32\Tasks\{2C932742-413C-4B70-82C9-252094ED4C3C}
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.5247\wtoolex\wpsupdate.exe
EmptyTemp:

*****************

Le Point de restauration a Ã©tÃ© crÃ©Ã© avec succÃ¨s.
Processus fermÃ© avec succÃ¨s.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\MalTray => valeur supprimÃ©(es) avec succÃ¨s
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => valeur restaurÃ©(es) avec succÃ¨s
C:\Windows\System32\Tasks\GMHSkipUAC => dÃ©placÃ©(es) avec succÃ¨s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BC56822-0845-4118-8EFF-4F7B4777DB39} => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{7BC56822-0845-4118-8EFF-4F7B4777DB39} => clÃ© non trouvÃ©(e). 
C:\Windows\System32\Tasks\GlaryInitialize 5 => dÃ©placÃ©(es) avec succÃ¨s
"C:\Users\Administrateur\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk" => non trouvÃ©(e).
C:\Users\Damien\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk => dÃ©placÃ©(es) avec succÃ¨s
"C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk" => non trouvÃ©(e).
"C:\Users\defaultuser1\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk" => non trouvÃ©(e).
"C:\Users\defaultuser2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malware Hunter.lnk" => non trouvÃ©(e).
C:\Users\Public\Desktop\ASUS HiPost.lnk => dÃ©placÃ©(es) avec succÃ¨s
C:\Users\Public\Desktop\Evernote.lnk => dÃ©placÃ©(es) avec succÃ¨s
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malware Hunter.lnk => dÃ©placÃ©(es) avec succÃ¨s
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0} => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\BackupContextMenuExtension => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\CLSID\{b1b96b20-da1d-4a3c-92c1-7229b32f2326} => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0} => clÃ© non trouvÃ©(e). 
HKLM\SOFTWARE\Classes\Drive\shellex\ContextMenuHandlers\Glarysoft MalwareHunter => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0} => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0} => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0} => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\BackupContextMenuExtension => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\CLSID\{b1b96b20-da1d-4a3c-92c1-7229b32f2326} => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\Drive\shellex\ContextMenuHandlers\Glarysoft MalwareHunter => clÃ© non trouvÃ©(e). 
HKLM\System\CurrentControlSet\Services\ibtsiva => clÃ© supprimÃ©(es) avec succÃ¨s
ibtsiva => service supprimÃ©(es) avec succÃ¨s
HKLM\System\CurrentControlSet\Services\GUMHFilters => clÃ© supprimÃ©(es) avec succÃ¨s
GUMHFilters => service supprimÃ©(es) avec succÃ¨s
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Glarysoft MalwareHunter => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\CLSID\{EA847F47-97F1-4D78-AB99-C63CA1C327F0} => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => clÃ© non trouvÃ©(e). 
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => clÃ© non trouvÃ©(e). 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DED192E5-8E6E-4DED-A94A-21EBAEB74967} => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DED192E5-8E6E-4DED-A94A-21EBAEB74967} => clÃ© supprimÃ©(es) avec succÃ¨s
C:\WINDOWS\System32\Tasks\{ECB17B16-24AF-41E2-864C-34FE5427FF37} => dÃ©placÃ©(es) avec succÃ¨s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{ECB17B16-24AF-41E2-864C-34FE5427FF37} => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EA9E2B62-7F11-4CC2-B8FE-C08843B1E34B} => clÃ© supprimÃ©(es) avec succÃ¨s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EA9E2B62-7F11-4CC2-B8FE-C08843B1E34B} => clÃ© supprimÃ©(es) avec succÃ¨s
C:\WINDOWS\System32\Tasks\{2C932742-413C-4B70-82C9-252094ED4C3C} => dÃ©placÃ©(es) avec succÃ¨s
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2C932742-413C-4B70-82C9-252094ED4C3C} => clÃ© supprimÃ©(es) avec succÃ¨s
C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => dÃ©placÃ©(es) avec succÃ¨s
C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => dÃ©placÃ©(es) avec succÃ¨s

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24385614 B
Java, Flash, Steam htmlcache => 25175461 B
Windows/system/drivers => 10761079 B
Edge => 65980099 B
Chrome => 408901304 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 771792 B
systemprofile32 => 128 B
LocalService => 85636 B
NetworkService => 266712 B
defaultuser0 => 7168 B
defaultuser2 => 0 B
Damien => 354379575 B

RecycleBin => 0 B
EmptyTemp: => 857.2 MB donnÃ©es temporaires supprimÃ©es.

================================


Le systÃ¨me a dÃ» redÃ©marrer.

==== Fin de Fixlog 17:14:30 ====