Rapport de ZHPFix 2013.5.24.2 par Nicolas Coolman, Update du 24/05/2013 Fichier d'export Registre : Run by seb at 01/06/2013 19:15:17 High Elevated Privileges : OK Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Corbeille vidée ========== Processus mémoire ========== SUPPRIME Memory Process: C:\Users\seb\AppData\Local\Updater21810\Updater21810.exe SUPPRIME Reboot Memory Process: C:\Program Files (x86)\GigaTribe\gigatribe.exe ========== Module(s) mémoire ========== SUPPRIME Memory Module: C:\Users\seb\AppData\Local\Temp\CheckLang.dll SUPPRIME Memory Module: C:\Users\seb\AppData\Local\Temp\CtRunApp.dll ========== Clé(s) du Registre ========== SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} ABSENT Key: Service: McComponentHostService SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F} ========== Valeur(s) du Registre ========== SUPPRIME {1FC982F2-1764-4FDE-BDB2-509276625939} SUPPRIME {FDDC1ACE-DD0E-4D16-A21D-1FD9020752BA} ABSENT TCP Query User{5CF2A195-25A3-45FA-9EDF-3FB22C310390}C:/program files (x86)/gigatribe/gigatribe.exe ABSENT UDP Query User{5BC6743A-7871-4C03-B26D-400079EFEBD1}C:/program files (x86)/gigatribe/gigatribe.exe ABSENT TCP Query User{E3F52AD6-4840-412B-ACD7-93441B4C683C}C:/program files (x86)/gigatribe/gigatribe.exe ABSENT UDP Query User{0958FA60-DEC7-45C0-974E-F299271CCBF5}C:/program files (x86)/gigatribe/gigatribe.exe ABSENT Valeur Standard Profile: FirewallRaz : ABSENT Valeur Domain Profile: FirewallRaz : SUPPRIME FirewallRaz (None) : {DEF1793B-741C-4C52-BF31-7EC845F35AA0} ProxyFix : Configuration proxy supprimée avec succès SUPPRIME ProxyServer Value SUPPRIME ProxyEnable Value SUPPRIME EnableHttp1_1 Value SUPPRIME ProxyHttp1.1 Value SUPPRIME ProxyOverride Value ========== Préférences navigateur ========== SUPPRIME Mozilla Pref: user_pref("extensions.crossrider.bic", "13efc0c195c54ea4127ef0c75593ebcd"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.InstallationThankYouPage", false); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.InstallationTime", 1370028251); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.active", true); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.addressbar", ""); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.addressbarenhanced", ""); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.backgroundjs", "\n\n//\n"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.backgroundver", 38); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.can_run_bg_code", true); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.certdomaininstaller", ""); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.changeprevious", false); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie.InstallationTime.value", "1370028251"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_aoi.value", "1370028251"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_arbitrary_code.expiration", "Fri May 31 2013 22:51:20 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_arbitrary_code.value", "%22var%20start_time%3D1368590400%3C%3DMath.floo[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_blocklist.value", "%22nonexistantdomain.com%22"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_country_code.expiration", "Fri Jun 07 2013 21:24:18 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_country_code.value", "%22FR%22"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_crr.value", "1370028259"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_currenttime.value", "%221368543844%22"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_hotfix20111102645.value", "%221%22"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_installtime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_installtime.value", "%221368543868%22"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_parent_zoneid.value", "%2214019%22"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_pc_20120828.value", "1370028268100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_product_id.value", "%221171%22"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie._GPL_zoneid.value", "%22215939%22"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.cookie.dbtest.value", "1370028258107"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.description", "Save big with Giant Savings! Coupons display instantly while you're [...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.domain", ""); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.enablesearch", false); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.homepage", ""); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.iframe", false); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3Anull%2C%22install[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_appVer.value", "56"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_lastVersion.value", "1"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_meta.value", "%7B%7D"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_nextCheck.expiration", "Sat Jun 01 2013 03:24:16 GMT+0200"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_nextCheck.value", "true"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.Resources_queue.value", "%7B%7D"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%2[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.st[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.manifesturl", ""); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.name", "Giant Savings Extension"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.newtab", ""); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.opensearch", ""); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;i[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_1.ver", 6); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=fu[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_1000014.name", "GPL Plugin (Loader)"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_1000014.ver", 15); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{}[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_1000015.ver", 38); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_13.ver", 3); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIs[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_14.ver", 3); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==t[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_16.name", "FFAppAPIWrapper"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_16.ver", 7); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaSc[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_17.ver", 4); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appA[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_21.name", "debug"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_21.ver", 4); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:funct[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_22.ver", 4); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_28.name", "initializer"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_28.ver", 3); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_4.code", "var jQuery SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_4.name", "jquery_1_7_1"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_4.ver", 4); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isR[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_47.ver", 3); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPTY_CHANNEL__\";var d=function[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_64.name", "appApiMessage"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_64.ver", 2); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(functio[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_72.ver", 3); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof naviga[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_78.name", "CrossriderInfo"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_78.ver", 3); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_98.code", "(function(){var b=\"cr_\"+appAPI.appID+\"internalMessage\[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_98.name", "omniCommands"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins.plugin_98.ver", 2); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plugin/apps/21810/plugins/091/ff/plugi[...] SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.pluginsversion", 50); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.publisher", "Innovative Apps"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.searchstatus", 0); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.setnewtab", false); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.thankyou", ""); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.updateinterval", 360); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.21810.ver", 56); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.apps", "21810"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.bic", "13efc0c195c54ea4127ef0c75593ebcd"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.cid", 21810); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.firstrun", false); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.hadappinstalled", true); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.installationdate", 1370028252); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.lastcheck", 22833804); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.lastcheckitem", 22833888); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.modetype", "production"); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.reportInstall", true); SUPPRIME Mozilla Pref: user_pref("extensions.crossriderapp21810.statsDailyCounter", 1); ========== Dossier(s) ========== Aucun dossiers CLSID Local utilisateur vide ========== Fichier(s) ========== SUPPRIME File*: c:\users\seb\appdata\local\updater21810\updater21810.exe ABSENT Folder/File: c:\users\seb\appdata\roaming\mozilla\firefox\profiles\f0svfy7m.default\extensions\extension21810@extension21810.com SUPPRIME File: c:\windows\deleteonreboot.bat SUPPRIME File: c:\windows\prefetch\ezscrsvr.scr-f0dd1ccc.pf ABSENT File: c:\windows\prefetch\localizer.exe-3ff15560.pf ABSENT File: c:\windows\prefetch\lxdimon.exe-a700fa51.pf ABSENT File: c:\windows\prefetch\lxdiamon.exe-256fe0e6.pf ABSENT File: c:\windows\prefetch\jrt.exe-63a2454e.pf ABSENT File: c:\windows\prefetch\find.exe-9aadda11.pf ABSENT File: c:\windows\prefetch\fc.exe-f6221e79.pf ABSENT File: c:\windows\prefetch\cut.dat-691e5d62.pf ABSENT File: c:\windows\prefetch\shortcut.dat-9ece987a.pf ABSENT File: c:\windows\prefetch\sed.dat-ec949492.pf ABSENT File: c:\windows\prefetch\nircmd.dat-ed1fbd0f.pf ABSENT File: c:\windows\prefetch\ccuac.exe-3a725dba.pf SUPPRIME File: c:\users\seb\appdata\local\temp\checklang.dll SUPPRIME File: c:\users\seb\appdata\local\temp\ctrunapp.dll ABSENT File: c:\program files (x86)\mcafee security scan\3.0.318\mcchsvc.exe SUPPRIME File: c:\users\seb\appdata\roaming\microsoft\internet explorer\quick launch\gigatribe.lnk SUPPRIME Reboot c:\program files (x86)\gigatribe\gigatribe.exe SUPPRIME File: c:\users\seb\desktop\gigatribe.lnk SUPPRIME Flash Cookies SUPPRIME Temporaires Windows ========== Tache planifiée ========== SUPPRIME Task: Updater21810.exe ========== Restauration Système ========== Point de restauration du système créé avec succès ========== Autre ========== NON TRAITE McAfee Security Scan Plus v3.0.318.3 ========== Récapitulatif ========== 2 : Processus mémoire 2 : Module(s) mémoire 5 : Clé(s) du Registre 15 : Valeur(s) du Registre 1 : Dossier(s) 23 : Fichier(s) 126 : Préférences navigateur 1 : Tache planifiée 1 : Restauration Système 1 : Autre End of clean in 02mn 06s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 01/06/2013 19:15:17 [19377]