CasinoClient.1

Description:	Adware
Risk Level:	Medium
Date of First Occurence:	Monday, April 28, 2008
Software Developer:	(unknown)
Brief Info:	Adaware Software that is displaying pop-up/pop-under windows containing advertisements when the primary user interface is not visible or displayed advertisements are not related to the product.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "CasinoClient.1"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\system files\uninstall.exe MD5: 3E4F7637C49B92DF7108C9DADAF9EDC6 Size:33619 MD5: 1602B4419FCB7DBB10EEA3957A30F965 Size:33625 %PROGRAMFILES%\system files\system.exe MD5: 96EBADD0B8E5CD1C0E95493527D93C22 Size:290816 MD5: 6263A7C227651000F80FF39D20076236 Size:294912 %PROGRAMFILES%\system files\plugin.dll MD5: D3963D0D8EB32C6F97DC5F0CDF480AA9 Size:98304 %PROGRAMFILES%\Cas\Client\Uninstall.exe MD5: 38FD34B0D0744D9488D3807A2BAB56C7 Size:33647 %TEMP%\cassetup.exe MD5: 1B6716C33634BEBBAEFC0F016D70106C Size:218121 MD5: A12909C0887FEB3C6457EB132C998CF5 Size:218030 MD5: B936404E2AEFE5F85329A48C28904A72 Size:218061 %TEMP%\cas2setup.exe MD5: C50B56DAB7C34E8B792F66C046B16994 Size:222298 %PROGRAMFILES%\Cas\Client\casclient.exe MD5: 5BB5D912B26C69E8CD3ABA9831B81162 Size:286720 MD5: 29A3565F65DFB524F8069C8FECD71671 Size:286720 %PROGRAMFILES%\Cas\Client\casmf.dll MD5: 19A2F2201C0140DA63030C8BA47FDAA7 Size:90112 MD5: 535907136AB415F969BD6EBAC677C4B5 Size:94208 %PROGRAMFILES%\Cas2Stub\cas2stub.exe MD5: 20C704F723A21452752D8EED0C628D2F Size:27648 MD5: B323C1FB530D32BD923210B6FCF6BE42 Size:27648 %PROGRAMFILES%\CasStub\casstub.exe MD5: 613F11F615D21184B1F85D00344FEDB4 Size:34496
Detected Files with variable Filenames:

Detecting items list:

Files by Name %ProgramFiles%\Cas\Client\86.ico %ProgramFiles%\Cas\Client\casclient.exe %ProgramFiles%\Cas\Client\casmf.dll %ProgramFiles%\Cas\Client\hf.txt %ProgramFiles%\Cas\Client\sf.txt %ProgramFiles%\Cas\Client\Uninstall.exe %ProgramFiles%\CasStub\casstub.exe %ProgramFiles%\Cas2Stub\casstub.exe %DESKTOP%\Free Plasma TV.lnk %DESKTOP%\Weather.lnk %DESKTOP%\Poker Shortcut.lnk %DESKTOP%\chat now.lnk %DESKTOP%\Play Poker Online.lnk %FAVORITES%\Play Poker Online.lnk %ProgramFiles%\System Files\kwdata.cdb %ProgramFiles%\System Files\hldata.cdb %ProgramFiles%\System Files\System.exe %ProgramFiles%\System Files\plugin.dll %ProgramFiles%\System Files\Uninstall.exe %TEMP%\cassetup.exe %TEMP%\cas2setup.exe
Files by Directories %ProgramFiles%\System Icons %ProgramFiles%\Cas\Client %ProgramFiles%\CasStub %ProgramFiles%\Cas2Stub
Files by CLSID or Name CLSID=8293D547-38DD-4325-B35A-F1817EDFA5FC CLSID=8253D547-38DD-4325-B35A-F1817EDFA5F5
Registry Keys HKLM\SOFTWARE\Classes\Main.MimeFilter HKLM\SOFTWARE\Classes\Main.MimeFilter.1 HKCU\Software\CAS
Registry Values HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=CAS Client HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=CAS2

« Go to Software Database

Pesquise na nossa Base de Dados de Software

A base de dados Software

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias antigas de malware »