Script ZHPFix [MD5.7ECC6CED261022C4C059C0619AF80135] - (...) -- C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb\cacaoweb.exe [510256] [PID.1656] G2 - GCE: Preference [User Data\Default] [janmfndmohbaaoocpcgfbghioojoakjg] rtplugin v.0.7 (Désactivé) G2 - EXT: C:\Users\Cob Mac Crisoul\AppData\Local\Google\Chrome\User Data\Default\Extensions\janmfndmohbaaoocpcgfbghioojoakjg [rtplugin] M2 - MFEP: prefs.js [Cob Mac Crisoul - x1a8bxbz.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.34 (..) O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb\cacaoweb.exe O4 - HKUS\S-1-5-21-3942824714-2387839520-1032066724-1001\..\Run: [cacaoweb] . (...) -- C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb\cacaoweb.exe O4 - GS\Program [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) O4 - GS\QuickLaunch [Cob Mac Crisoul]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [Go for FilesUpdate] (...) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7AD45075-7885-4019-AAF0-D46DD94624A8}] (...) -- C:\Users\Cob Mac Crisoul\Downloads\dotnetfx.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{BE0F8407-0E58-45FA-A75A-B620075C826A}] (...) -- C:\Program Files (x86)\Farming Simulator 2013\FarmingSimulator2013.exe (.not file.) [0] [HKCU\Software\Azureus] [HKCU\Software\MCAFEE] [HKLM\Software\McAfee] [HKCU\Software\USyndication] [HKCU\Software\cacaoweb] [HKCU\Software\usyndication.com] [HKLM\Software\Wow6432Node\Azureus] [HKLM\Software\Wow6432Node\IncrediMail] O43 - CFD: 22/08/2013 - 17:54:16 - [] ----D C:\Users\Cob Mac Crisoul\AppData\Roaming\Azureus O43 - CFD: 17/07/2014 - 23:29:31 - [] ----D C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb O45 - LFCP:[MD5.AEC405EAB7CE2AFB77BF8292F15BF676] - 17/07/2014 - 21:14:13 ---A- - C:\Windows\Prefetch\CACAOWEB.EXE-608D48EA.pf O45 - LFCP:[MD5.05B9F971C3DD49660FBD3BAECBBC3927] - 17/07/2014 - 21:14:03 ---A- - C:\Windows\Prefetch\CACAOWEB.EXE-BD63BD08.pf O47 - AAKE:Key Export SP - "C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb\cacaoweb.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb\cacaoweb.exe O53 - SMSR:HKLM\...\startupreg\cacaoweb [Key] . (...) -- C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb\cacaoweb.exe O53 - SMSR:HKLM\...\startupreg\DriverScanner [Key] . (...) -- C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\vspdfprsrv.exe [Key] . (.Visagesoft - PDF Pro 10 Creator.) -- C:\Program Files (x86)\PDF Pro Software\PDF Pro 10\vspdfprsrv.exe O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O61 - LFC: 17/07/2014 - 23:43:12 ---A- . (...) -- C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb\cacaoweb.exe [510256] O61 - LFC: 17/07/2014 - 23:43:15 ---A- . (...) -- C:\Users\Cob Mac Crisoul\Desktop\cacaoweb.exe [510256] O61 - LFC: 17/07/2014 - 23:43:15 ---A- . (...) -- C:\Users\Cob Mac Crisoul\Downloads\cacaoweb.exe [510256] O69 - SBI: SearchScopes [HKCU] {7A399F60-4F9E-4008-8CBD-A22360C9651C} - (FindWide) - http://search.findwide.com [MD5.7ECC6CED261022C4C059C0619AF80135] [SPRF][17/07/2014] (...) -- C:\Users\Cob Mac Crisoul\Desktop\cacaoweb.exe [510256] HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASAPI32 HKLM\SOFTWARE\Microsoft\Tracing\DomaIQ10_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Azureus_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Azureus_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_kreapixel_14650_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_kreapixel_14650_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\LollipopInstaller_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mysearchdial_712013_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\mysearchdial_712013_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Supreme Savings-codedownloader_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Supreme Savings-codedownloader_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VuzeBittorrentClientInstaller_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\VuzeBittorrentClientInstaller_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Vuze_Installer_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\Vuze_Installer_RASMANCS HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-1DC8_RASAPI32 HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\yontoo-C4-1DC8_RASMANCS [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb] [HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:cacaoweb C:\Users\Cob Mac Crisoul\AppData\Roaming\Mozilla\Firefox\Profiles\x1a8bxbz.default\extensions\cacaoweb@cacaoweb.org C:\Users\Cob Mac Crisoul\AppData\Roaming\Azureus C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb C:\Users\Cob Mac Crisoul\AppData\Roaming\cacaoweb\cacaoweb.exe C:\Users\Cob Mac Crisoul\Desktop\cacaoweb.exe C:\Users\Cob Mac Crisoul\Downloads\cacaoweb.exe OPT:O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe OPT:O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe OPT:SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe EmptyCLSID ShortCutFix FirewallRAZ EmptyTemp SysRestore