Caishow
|
Description:
|
Adware
|
|
Risk Level:
|
Low
|
|
Date of First Occurence:
|
Tuesday, July 10, 2007
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Adware
Software that is displaying pop-up/pop-under windows containing advertisements when the primary user interface is not visible or displayed advertisements are not related to the product.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SUPPRIMER SPYWARE »
Geographical Distribution of Threat "Caishow"
Threat Info
View All
Detecting items list:
- Files by Name
%ProgramFiles%\CaiShow Tech\CaiShow\BrowerHelper.dll
%ProgramFiles%\CaiShow Tech\CaiShow\CaiShow.exe
%ProgramFiles%\CaiShow Tech\CaiShow\MMSFactory.dll
%ProgramFiles%\CaiShow Tech\CaiShow\MMSSend.dll
%ProgramFiles%\CaiShow Tech\CaiShow\SendShell.exe
%ProgramFiles%\CaiShow Tech\CaiShow\Update.exe
%ProgramFiles%\CaiShow Tech\CaiShow\UpdateManager.exe
- Files by Directories
%ProgramFiles%\CaiShow Tech
- Files by CLSID or Name
CLSID=3AF40CB8-B3BA-4E2D-8968-4BF8DB172997
CLSID=5673A7C0-95CC-4646-BB07-3BD71234CEF9
CLSID=DD6C4862-4BF9-48CE-BD27-9838E30D3DD5
CLSID=0E6E0B51-0300-4AE2-B6C4-F4EFE33A33B2
CLSID=32F64094-A155-4554-8753-E5E267A8C002
CLSID=6ABB6C58-FEB7-43AE-946A-AF05D074F493
- Registry Keys
HKCR\AppID\BrowerHelperMFC.DLL
HKCR\AppID\ssoaddionalindical.DLL
HKCR\Interface\{315420B2-E5C8-4E7B-B812-6676BA4F30CE}
HKCR\Interface\{6CA6DE10-8705-4E1B-9117-BCFA5BECE14B}
HKCR\Interface\{CE98AD53-16F1-48D3-9208-1203AA19F77E}
HKCR\Interface\{D32D8A55-A21A-4237-B8BB-5A5EBEE6746D}
HKCR\Interface\{DBD14208-5F2F-40B8-8D97-6DE44C1D2E3D}
HKCR\Interface\{DC616C5A-3BD6-4774-9823-F20802655811}
HKCR\Interface\{F6CE85C8-99E7-49F5-A1A2-03FFC4FF09A5}
HKCR\TypeLib\{1F805A43-0E95-4245-8EAF-9271D520722A}
HKCR\TypeLib\{73D53D7B-66DF-419B-9B44-CF3F42ADF5C9}
HKCR\TypeLib\{864F198D-6568-4686-B4F5-4A970B85E58B}
HKCR\TypeLib\{89A99589-82B0-4983-A882-E8D8DB3DA5C7}
HKCR\TypeLib\{CEBE027D-5423-41B8-AF51-9F1C22557CC6}
HKCR\TypeLib\{D0581D47-E3CB-402D-B8A6-5F8561B2A36C}
HKCR\BrowerHelperMFC.CaiShowBH
HKCR\BrowerHelperMFC.CaiShowBH.1
HKCR\My.NetAccelerate
HKCR\My.NetAccelerate.1
HKCR\ssoaddionalindical.Identify
HKCR\ssoaddionalindical.Identify.1
HKLM\SOFTWARE\CaiShow
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5673A7C0-95CC-4646-BB07-3BD71234CEF9}
HKCU\Software\Classes\AppID\MMSFactory.DLL
HKCU\Software\Classes\AppID\MMSSend.DLL
HKCU\Software\Classes\Interface\{315420B2-E5C8-4E7B-B812-6676BA4F30CE}
HKCU\Software\Classes\Interface\{DBD14208-5F2F-40B8-8D97-6DE44C1D2E3D}
HKCU\Software\Classes\Interface\{DC616C5A-3BD6-4774-9823-F20802655811}
HKCU\Software\Classes\Interface\{F6CE85C8-99E7-49F5-A1A2-03FFC4FF09A5}
HKCU\Software\Classes\MMSFactory.Send
HKCU\Software\Classes\MMSFactory.Send.1
HKCU\Software\Classes\MMSSend.Send
HKCU\Software\Classes\MMSSend.Send.1
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3AF40CB8-B3BA-4E2D-8968-4BF8DB172997}
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5673A7C0-95CC-4646-BB07-3BD71234CEF9}
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders ValueName=%ProgramFiles%\CaiShow Tech\CaiShow HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders ValueName=%ProgramFiles%\CaiShow Tech HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs ValueName=%sysdir%\MicrosoftNet.dll
«
Go to Software Database
