Wednesday, January 21, 2009

CaiShow Adware

How To Remove CaiShow?
You must download the trial version of the "Exterminate-It" antivirus software to check your computer instantly.
CaiShow is a dangerous virus:
Adware programs facilitate the delivery of advertising content
to the user and, in some cases, gather information from the user's computer,
including information related to Internet browser usage or other computer habits.


CaiShow is also known as:

[Kaspersky]AdWare.Win32.Dm.e;
[Other]Adware.Caishow

CaiShow Symptoms:

Files:
[%PROFILE_TEMP%]\caishow.exe
[%PROGRAM_FILES%]\Internet Explorer\PLUGINS\caishow.exe
[%SYSTEM%]\caishow.exe

Folders:
[%PROGRAM_FILES%]\CaiShow Tech

Registry Keys:

Registry Values:


You must clean your computer ASAP!
Download the free trial version of the antivirus software to check your computer instantly.
