CasinoClient.1
|
Description:
|
Adware
|
|
Risk Level:
|
Medium
|
|
Date of First Occurence:
|
Monday, April 28, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Adaware
Software that is displaying pop-up/pop-under windows containing advertisements when the primary user interface is not visible or displayed advertisements are not related to the product.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
RIMUOVI SPYWARE »
Geographical Distribution of Threat "CasinoClient.1"
Threat Info
View All
Detected Items
- Detected Files:
%PROGRAMFILES%\system files\uninstall.exe
MD5: 3E4F7637C49B92DF7108C9DADAF9EDC6 Size:33619
MD5: 1602B4419FCB7DBB10EEA3957A30F965 Size:33625
%PROGRAMFILES%\system files\system.exe
MD5: 96EBADD0B8E5CD1C0E95493527D93C22 Size:290816
MD5: 6263A7C227651000F80FF39D20076236 Size:294912
%PROGRAMFILES%\system files\plugin.dll
MD5: D3963D0D8EB32C6F97DC5F0CDF480AA9 Size:98304
%PROGRAMFILES%\Cas\Client\Uninstall.exe
MD5: 38FD34B0D0744D9488D3807A2BAB56C7 Size:33647
%TEMP%\cassetup.exe
MD5: 1B6716C33634BEBBAEFC0F016D70106C Size:218121
MD5: A12909C0887FEB3C6457EB132C998CF5 Size:218030
MD5: B936404E2AEFE5F85329A48C28904A72 Size:218061
%TEMP%\cas2setup.exe
MD5: C50B56DAB7C34E8B792F66C046B16994 Size:222298
%PROGRAMFILES%\Cas\Client\casclient.exe
MD5: 5BB5D912B26C69E8CD3ABA9831B81162 Size:286720
MD5: 29A3565F65DFB524F8069C8FECD71671 Size:286720
%PROGRAMFILES%\Cas\Client\casmf.dll
MD5: 19A2F2201C0140DA63030C8BA47FDAA7 Size:90112
MD5: 535907136AB415F969BD6EBAC677C4B5 Size:94208
%PROGRAMFILES%\Cas2Stub\cas2stub.exe
MD5: 20C704F723A21452752D8EED0C628D2F Size:27648
MD5: B323C1FB530D32BD923210B6FCF6BE42 Size:27648
%PROGRAMFILES%\CasStub\casstub.exe
MD5: 613F11F615D21184B1F85D00344FEDB4 Size:34496
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%ProgramFiles%\Cas\Client\86.ico
%ProgramFiles%\Cas\Client\casclient.exe
%ProgramFiles%\Cas\Client\casmf.dll
%ProgramFiles%\Cas\Client\hf.txt
%ProgramFiles%\Cas\Client\sf.txt
%ProgramFiles%\Cas\Client\Uninstall.exe
%ProgramFiles%\CasStub\casstub.exe
%ProgramFiles%\Cas2Stub\casstub.exe
%DESKTOP%\Free Plasma TV.lnk
%DESKTOP%\Weather.lnk
%DESKTOP%\Poker Shortcut.lnk
%DESKTOP%\chat now.lnk
%DESKTOP%\Play Poker Online.lnk
%FAVORITES%\Play Poker Online.lnk
%ProgramFiles%\System Files\kwdata.cdb
%ProgramFiles%\System Files\hldata.cdb
%ProgramFiles%\System Files\System.exe
%ProgramFiles%\System Files\plugin.dll
%ProgramFiles%\System Files\Uninstall.exe
%TEMP%\cassetup.exe
%TEMP%\cas2setup.exe
- Files by Directories
%ProgramFiles%\System Icons
%ProgramFiles%\Cas\Client
%ProgramFiles%\CasStub
%ProgramFiles%\Cas2Stub
- Files by CLSID or Name
CLSID=8293D547-38DD-4325-B35A-F1817EDFA5FC
CLSID=8253D547-38DD-4325-B35A-F1817EDFA5F5
- Registry Keys
HKLM\SOFTWARE\Classes\Main.MimeFilter
HKLM\SOFTWARE\Classes\Main.MimeFilter.1
HKCU\Software\CAS
- Registry Values
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=CAS Client
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=CAS2
«
Go to Software Database
