Farbar Recovery Scan Tool (x86) Version: 11-03-2015 Ran by user at 2015-03-11 21:22:10 Running from C:\Users\user\Desktop Boot Mode: Normal ================== Search Registry: "cacaoweb" =========== [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{4841E66E-5909-464C-9D95-B175C6A6C2A9}C:\program files\cacaoweb\cacaoweb.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\cacaoweb\cacaoweb.exe|Name=cacaoweb|Desc=cacaoweb|Defer=User|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{4841E66E-5909-464C-9D95-B175C6A6C2A9}C:\program files\cacaoweb\cacaoweb.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\cacaoweb\cacaoweb.exe|Name=cacaoweb|Desc=cacaoweb|Defer=User|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{8CC62D5F-17B8-4C94-A0DA-0A3C09F2B1BF}C:\program files\cacaoweb\cacaoweb.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\cacaoweb\cacaoweb.exe|Name=cacaoweb|Desc=cacaoweb|Defer=User|" [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{8CC62D5F-17B8-4C94-A0DA-0A3C09F2B1BF}C:\program files\cacaoweb\cacaoweb.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\cacaoweb\cacaoweb.exe|Name=cacaoweb|Desc=cacaoweb|Defer=User|" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{4841E66E-5909-464C-9D95-B175C6A6C2A9}C:\program files\cacaoweb\cacaoweb.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\cacaoweb\cacaoweb.exe|Name=cacaoweb|Desc=cacaoweb|Defer=User|" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "TCP Query User{4841E66E-5909-464C-9D95-B175C6A6C2A9}C:\program files\cacaoweb\cacaoweb.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\program files\cacaoweb\cacaoweb.exe|Name=cacaoweb|Desc=cacaoweb|Defer=User|" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{8CC62D5F-17B8-4C94-A0DA-0A3C09F2B1BF}C:\program files\cacaoweb\cacaoweb.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\cacaoweb\cacaoweb.exe|Name=cacaoweb|Desc=cacaoweb|Defer=User|" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "UDP Query User{8CC62D5F-17B8-4C94-A0DA-0A3C09F2B1BF}C:\program files\cacaoweb\cacaoweb.exe"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\program files\cacaoweb\cacaoweb.exe|Name=cacaoweb|Desc=cacaoweb|Defer=User|" [HKEY_USERS\S-1-5-21-8605231-3056671493-1948616188-1001\Software\cacaoweb] [HKEY_USERS\S-1-5-21-8605231-3056671493-1948616188-1001\Software\cacaoweb] ""="C:\Program Files\cacaoweb\cacaoweb.exe" [HKEY_USERS\S-1-5-21-8605231-3056671493-1948616188-1001\Software\Microsoft\Windows\CurrentVersion\Run] "cacaoweb"=""C:\Program Files\cacaoweb\cacaoweb.exe" -noplayer" [HKEY_USERS\S-1-5-21-8605231-3056671493-1948616188-1001\Software\Microsoft\Windows\CurrentVersion\Run] "cacaoweb"=""C:\Program Files\cacaoweb\cacaoweb.exe" -noplayer" [HKEY_USERS\S-1-5-21-8605231-3056671493-1948616188-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\program files\cacaoweb\cacaoweb.exe"="cacaoweb.exe" [HKEY_USERS\S-1-5-21-8605231-3056671493-1948616188-1001\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\program files\cacaoweb\cacaoweb.exe"="cacaoweb.exe" [HKEY_USERS\S-1-5-21-8605231-3056671493-1948616188-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\program files\cacaoweb\cacaoweb.exe"="cacaoweb.exe" [HKEY_USERS\S-1-5-21-8605231-3056671493-1948616188-1001_Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache] "C:\program files\cacaoweb\cacaoweb.exe"="cacaoweb.exe" ====== End Of Search ======