Script Zhpfix
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Emma\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKUS\S-1-5-21-348334686-3020488083-2491218762-1001\..\Run: [cacaoweb] . (...) -- C:\Users\Emma\AppData\Roaming\cacaoweb\cacaoweb.exe
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\Software\AppDataLow\Software\Smartbar
HKCU\Software\WEBAPP
HKCU\Software\TeleCharger
HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-348334686-3020488083-2491218762-1001\Software\SweetIM
HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update
HKLM\SOFTWARE\WOW6432Node\53ed6debc3cbe44
HKLM\SOFTWARE\WOW6432Node\DataMngr
HKLM\SOFTWARE\WOW6432Node\Iminent
HKCU\SOFTWARE\53ed6debc3cbe44
HKCU\SOFTWARE\BabylonToolbar
HKCU\SOFTWARE\cacaoweb
HKCU\SOFTWARE\Conduit
HKCU\SOFTWARE\DataMngr
HKCU\SOFTWARE\DataMngr_Toolbar
HKCU\SOFTWARE\AppDataLow\Software\Smartbar
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\SOFTWARE\53ed6debc3cbe44
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\SOFTWARE\BabylonToolbar
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\SOFTWARE\cacaoweb
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\SOFTWARE\Conduit
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\SOFTWARE\DataMngr
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\SOFTWARE\DataMngr_Toolbar
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\SOFTWARE\TeleCharger
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\SOFTWARE\WebApp
O108 - CMH1: PDFArchitect3_PDFManagerExt [64Bits] - {7519DD38-AA6F-4250-8E81-F1576DA1A05E} . (.Orphan.)
O108 - CMH1: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH4: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O108 - CMH6: WinRAR32 [64Bits] - {B41DB860-8EE4-11D2-9906-E49FADC173CA} . (.Orphan.)
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.id", "888780b500000000000094dbc99953f0");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.instlDay", "15790");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.vrsnTs", "1.8.10.015:39:06");
O69 - SBI: prefs.js [Emma - b7r0asz5.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
O90 - PUC: "4EA42A62D9304AC4784BF2381208130F" [HKLM] . (.Java 8 Update 31.)
O90 - PUC: "5A812990327ACD34D85B163756A6E149" [HKLM] . (.Dropbox Update Helper.)
O90 - PUC: "7E0BA6F1DDC839B4A832AAE92BEFCF4E" [HKLM] . (.Junk Mail filter update.)
O90 - PUC: "93BAD29AC2E44034A96BCB446EB8552E" [HKLM] . (.Google Update Helper.)
O90 - PUC: "A089CE062ADB6BC44A720BA745894BAC" [HKLM] . (.Google Update Helper.)
O90 - PUC: "AA74CE6531856FF4E857450462BFAE38" [HKLM] . (.Apple Software Update.) -- C:\Windows\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\Installer.ico
O90 - PUC: "F60730A4A66673047777F5728467D401" [HKLM] . (.Java Auto Updater.)
HKLM\SOFTWARE\Microsoft\Tracing\AsusWSUpdater_RASAPI32
HKLM\SOFTWARE\Microsoft\Tracing\AsusWSUpdater_RASMANCS
C:\Users\Emma\AppData\Roaming\Mozilla\Firefox\Profiles\b7r0asz5.default\extensions\cacaoweb@cacaoweb.org
C:\Program Files (x86)\PriceMinnus
C:\Users\Emma\AppData\Roaming\cacaoweb
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\PDFArchitect3_PDFManagerExt
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\4EA42A62D9304AC4784BF2381208130F
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\4EA42A62D9304AC4784BF2381208130F
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\5A812990327ACD34D85B163756A6E149
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\5A812990327ACD34D85B163756A6E149
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\7E0BA6F1DDC839B4A832AAE92BEFCF4E
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\A089CE062ADB6BC44A720BA745894BAC
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\A089CE062ADB6BC44A720BA745894BAC
C:\Windows\Installer\{56EC47AA-5813-4FF6-8E75-544026FBEA83}\Installer.ico
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\AA74CE6531856FF4E857450462BFAE38
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\AA74CE6531856FF4E857450462BFAE38
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Products\F60730A4A66673047777F5728467D401
HKLM\SOFTWARE\Wow6432Node\Classes\Installer\Features\F60730A4A66673047777F5728467D401
C:\Windows\Installer\103d3080.msp
C:\Windows\Installer\118d0cb0.msp
C:\Windows\Installer\28d8d491.msp
C:\Windows\Installer\4381e3.msp
C:\Windows\Installer\4890e910.msp
C:\Windows\Installer\55e446c.msp
C:\Windows\Installer\5821e87.msp
C:\Windows\Installer\c15d845.msp
C:\Windows\Installer\c482a.msp
C:\Windows\Installer\ca470.msp
C:\Windows\Installer\ea38c78.msp
C:\Windows\Installer\fa6951.msp
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AsusWSUpdater_RASAPI32
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\AsusWSUpdater_RASMANCS
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID]:{58124A0B-DC32-4180-9BFF-E0E21AE34026}
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID]:{977AE9CC-AF83-45E8-9E03-E2798216E2D5}
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID]:{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\Folders]:C:\Program Files (x86)\Iminent\inst\Bootstrapper\
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\Folders]:C:\Program Files (x86)\Iminent\inst\
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Installer\Folders]:C:\Program Files (x86)\Iminent\
HKU\S-1-5-21-348334686-3020488083-2491218762-1001\Software\AppDataLow\Software\Smartbar
HKCU\Software\WEBAPP
HKCU\Software\TeleCharger
HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-348334686-3020488083-2491218762-1001\Software\SweetIM
HKLM\SOFTWARE\Wow6432Node\Policies\Google\Update
EmptyPrefetch
Emptytemp
EmptyClsid