CACAOWEB, POTENTIALLY SUPERFLUENT SOFTWARE.
CacaoWeb is multimedia software that can be installed without your knowledge via the software Unlimited which is supposed to remove MegaVideo's limitations. It allows you to listen to music and watch streaming videos.
This program is classified as Potentially Unnecessary Software (LPS). It installs as a program and/or as a browser extension. It can start automatically from the Registry via a "Run" key, a service or a scheduled task. It may launch when you start your browser after changing its settings. Sometimes the launch is done silently, that is to say it works in the background. The virus analysis of this software does not show any malware detection.
These are mostly legitimate programs that may not be necessary for your system to function properly. The multiplication of programs launched at system startup can cause delays in the execution of ordinary system tasks but also when browsing the Internet. Note that some programs come from downloads with repackaging, a technique which consists of offering other software during installation. These additional programs are obviously superfluous, they can even be installed without your knowledge. It is recommended to read the EULA before installing packaged software. Before clicking, check the relevance of the pre-checked boxes offered to you.
TECHNICAL ELEMENTS
Features
– It installs as a process launched at system startup (RP),
– It installs an extension program for the Google Chrome (G2) browser,
– It installs an extension program for the Mozilla Firefox (M2) browser,
– It is installed in the Registry Base in order to be launched each time the system is started (O4),
– It creates “Software” registry keys,
– It creates an additional folder in “Application Data” (O43),
– It is installed in the Windows prefetcher folder (O45),
– It is installed in export of authorized application key (ECAA) (O47)
– It creates a ShareTools MSconfig StartupReg registry key (O53),
– It creates multiple user files (O61),
– It is installed in specific folders of the user (O84),
– It creates an active inbound connection in Windows Firewall Application Exceptions (O87),
– It creates Tracing (O100) registry keys
Preview in reports
[MD5.1031DD8EC39721EA17B4220DE68DE6CB] – (…) — C:\Program Files\cacaoweb\cacaoweb.exe [389872]
[MD5.20606D3A237E8907128A18E4BA080F19] – (…) — C:\Users\Coolman\AppData\Roaming\cacaoweb\cacaoweb.exe [452608] [PID.520]
G2 – GCE: Preference [User Data\Default] [gebbadcnkcgcfgpbmcdleckpejgopimf] cacaoweb v.1.19 (Enabled)
G2 – EXT: C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf [cacaoweb]
M2 – MFEP: prefs.js [Coolman – eqbdq60c.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.15 (.https://www.cacaoweb.org/.)
O4 – HKCU\..\Run: [cacaoweb] . (…) — C:\Program Files\cacaoweb\cacaoweb.exe
O4 – HKUS\S-1-5-21-1390067357-2139871995-1801674531-1003\..\Run: [cacaoweb] . (…) — C:\Program Files\cacaoweb\cacaoweb.exe
[HKCU\Software\cacaoweb]
O43 – CFD: 21/12/2010 – 19:29:34 – [356080] —-D- C:\Program Files\cacaoweb
O43 – CFD: 11/02/2011 – 04:40:04 – [65] —-D- C:\Documents and Settings\Coolman\Application Data\cacaoweb
O43 – CFD: 28/06/2013 – 16:55:23 – [0,432] —-D C:\Users\Coolman\AppData\Roaming\cacaoweb
O45 – LFCP:[MD5.DA4F8FE8FD8C091C5DDF23FD8875D7AF] – 28/06/2013 – 13:47:19 —A- – C:\WINDOWS\Prefetch\CACAONEW76D34D.EXE-D2263CE7.pf
O45 – LFCP:[MD5.3FF4F19A71C6599A89A80D5996C8D371] – 28/06/2013 – 13:47:29 —A- – C:\WINDOWS\Prefetch\CACAOWEB.EXE-2B8D9D27.pf
O47 – AAKE:Key Export SP – “C:\Program Files\cacaoweb\cacaoweb.exe” [Enabled].(…) — C:\Program Files\cacaoweb\cacaoweb.exe
O53 – SMSR:HKLM\…\startupreg\cacaoweb [Key] . (…) — C:\Users\Coolman\AppData\Roaming\cacaoweb\cacaoweb.exe
O61 – LFC: 28/06/2013 – 12:45:25 —A- C:\Users\Coolman\Downloads\cacaoweb.exe [452608]
O61 – LFC: 28/06/2013 – 13:47:18 p.m. —A- C:\Users\Coolman\AppData\Roaming\cacaoweb\cacaoweb.exe [452608]
O61 – LFC: 28/06/2013 – 13:47:23 —A- C:\Users\Coolman\AppData\Roaming\cacaoweb\npdfile.dat [55]
O61 – LFC: 28/06/2013 – 15:55:23 —A- C:\Users\Coolman\AppData\Roaming\cacaoweb\storage.db [25]
[MD5.1031DD8EC39721EA17B4220DE68DE6CB] [SPRF] (…) — C:\Users\Coolman\AppData\Local\Temp\cacaonewa23b8d.exe [389872]
[MD5.1031DD8EC39721EA17B4220DE68DE6CB] [SPRF] (…) — C:\Users\Coolman\Desktop\cacaoweb.exe [389872]
[MD5.2F6EF62FA20ABC73E3E4577CEDDB6FC6] [SPRF][11/12/2010] (…) — C:\Users\Coolman\AppData\Local\Temp\cacaonew06380c.exe [306416]
[MD5.EEB19CBFC3B8C8C1892AE6F726A4BB49] [SPRF][16/04/2011] (…) — C:\Users\Coolman\AppData\Local\Temp\cacaonew068e59.exe [370416]
[MD5.C70FC30A144ED25F742F45519A51F7A6] [SPRF][21/07/2011] (…) — C:\Users\Coolman\AppData\Local\Temp\cacaonew09f584.exe [398064]
[MD5.AC9F307C9BA9E9CFC079DB533F792FCF] [SPRF][19/11/2011] (…) — C:\Users\Coolman\AppData\Local\Temp\cacaonew1052b4.exe [395776]
[MD5.2CD5BEC4DA44F6B44C35A3A6C732145A] [SPRF][22/08/2011] (…) — C:\Users\Coolman\AppData\Local\Temp\cacaonew1521d2.exe [399088]
[MD5.2F6EF62FA20ABC73E3E4577CEDDB6FC6] [SPRF][09/12/2010] (…) — C:\Users\Coolman\AppData\Local\Temp\cacaonew152572.exe [306416]
[MD5.E824DDBDAC2F35BE16D60908F4D134E8] [SPRF][03/08/2011] (…) — C:\Users\Coolman\AppData\Local\Temp\cacaonew1b3175.exe [398576]
[MD5.20606D3A237E8907128A18E4BA080F19] [SPRF][28/06/2013] (…) — C:\Users\Coolman\Desktop\cacaoweb.exe [452608]
O87 – FAEL: “TCP Query User{7FAA4B8C-229B-48AB-BD9B-B515955D22C6}C:\users\fabish\appdata\roaming\cacaoweb\cacaoweb.exe” |In – Public – P6 – TRUE | .(…) — C:\users\Coolman\appdata\roaming\cacaoweb\cacaoweb.exe
O87 – FAEL: “UDP Query User{9B223C52-B447-49C5-90F6-647848AFC1A2}C:\users\fabish\appdata\roaming\cacaoweb\cacaoweb.exe” |In – Public – P17 – TRUE | .(…) — C:\users\Coolman\appdata\roaming\cacaoweb\cacaoweb.exe
O87 – FAEL: “TCP Query User{0D615400-B847-4DCC-87AB-C752DF1FE2E8}C:\users\fabish\appdata\roaming\cacaoweb\cacaoweb.exe” |In – Private – P6 – TRUE | .(…) — C:\users\Coolman\appdata\roaming\cacaoweb\cacaoweb.exe
O87 – FAEL: “UDP Query User{43CBE7DE-BE7B-4BD8-9476-09F8F20A795C}C:\users\fabish\appdata\roaming\cacaoweb\cacaoweb.exe” |In – Private – P17 – TRUE | .(…) — C:\users\Coolman\appdata\roaming\cacaoweb\cacaoweb.exe
[HKLM\Software\Google\Chrome\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:cacaoweb
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cacaoweb]
[HKCU\Software\cacaoweb]
C:\Program Files\cacaoweb
C:\Documents and Settings\Coolman\Application Data\cacaoweb
C:\Users\Coolman\AppData\Roaming\cacaoweb
C:\Users\Coolman\AppData\Roaming\cacaoweb\cacaoweb.exe
C:\Users\Coolman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebbadcnkcgcfgpbmcdleckpejgopimf
[HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_cacaoweb_RASAPI32]
[HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_cacaoweb_RASMANCS]
[HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_universal-extractor_RASAPI32]
[HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_pour_universal-extractor_RASMANCS]
Alias
Streaming.Cacaoweb
HOW TO DELETE CACAOWEB?
