Threat Information for "Pave Blue Consumer Alert System"

Removal

StopSign will automatically remove this infection with a paid membership.

Summary
  • Name: Pave Blue Consumer Alert System
  • Aliases: ADSPY/CASClient.A.3, Win32:Adware-gen, Dropped:Adware.Casclient.A, AdWare.Win32.CASClient.a, ICanNews.Casclient (threat-c), Malware.BUW
  • Date Discovered: 2006-09-07
  • Protection Added: 2006-09-13
Description
-- Ease of Removal

1: Creates new registry entries with consistent data
2: Consistently named
3: Consistent file contents
4: Uses running processes

-- Damage/Intrusion/Annoyance

1: Displays targeted popup advertisements
2: Creates new files
3: Autoruns at startup without an option to be disabled
4: Creates user-visible icons
5: Creates third-party icons on desktop

-- Propagation/Saturation

1: Installed by other infections
Technical Details
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas\Client\???.ico
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\System Icons
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Play Poker Online!.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Independence Day.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Spyware.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Online Auctions.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\CasStub\casstub.exe
  • Added Directory/File:
    FilePath: %TEMPDIR%\cas2setup.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Energy Drink.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Musical Ringtone.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Free Desktop.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\System Files\Uninstall.exe
  • Added Directory/File:
    FilePath: %CACHE%\install*.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Hot Ringtone.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Screensaver Gallery.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Money at Home Shortcut.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas\Client\Uninstall.exe
  • Added Directory/File:
    FilePath: %TEMPDIR%\cassetup.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\DVD Camcorder.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Live.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Xbox 360.lnk
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\redist1.dll*
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\System Files\plugin.dll
  • Added Directory/File:
    FilePath: %CACHE%\*.ico
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Handheld PSP.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Poker.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Meet Me.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas\Client\hf.txt
  • Added Directory/File:
    FilePath: %USERFAVORITES%\Blackjack.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Coke vs Pepsi.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Ringtones Shortcut.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\True Love.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Win 100k Airline Miles.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\System Files\hldata.cdb
  • Added Directory/File:
    FilePath: %CACHE%\tpa0003*.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Fun.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Online Credit.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Chat NOW.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas\Client\casclient.exe
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas2Stub\cas2stub.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\50Cent.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Ipod.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Starbucks.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Poker Shortcut.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\CasStub
  • Added Directory/File:
    FilePath: %TEMPDIR%\install.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Free Candy.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\New Laptop.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Shortcut to Friends.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\System Files
  • Added Directory/File:
    FilePath: %CACHE%\redistribute*.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Ice Cream.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Shopping.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Nike vs Adidas.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas\Client
  • Added Directory/File:
    FilePath: %TEMPDIR%\tpa0003.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Ebay.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Love.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\25 Dollars.lnk
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\redistributor.exe*
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\System Files\System.exe
  • Added Directory/File:
    FilePath: %CACHE%\cas2setup*.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Home Depot.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Say What.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Mobile.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas\Client\sf.txt
  • Added Directory/File:
    FilePath: %USERFAVORITES%\Play Poker Online!.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Cupid.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\list.txt
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Wasssssup!.lnk
  • Added Directory/File:
    FilePath: %SYSTEMDIR%\redist.dll*
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\System Files\kwdata.cdb
  • Added Directory/File:
    FilePath: %CACHE%\cassetup*.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Gift.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\oreo.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Ipod Nano.lnk
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas\Client\casmf.dll
  • Added Directory/File:
    FilePath: %PROGRAMFILESDIR%\Cas2Stub
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Be Happy.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Laptop Preferences.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Telecommute.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\The New Black Razr.lnk
  • Added Directory/File:
    FilePath: %TEMPDIR%\redistribute.exe
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Fun Cards.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\New Ringtone.lnk
  • Added Directory/File:
    FilePath: %USERDESKTOP%\Top 10.lnk
  • Added Registry Key:
    Key: HKCR\CLSID\{8253D547-38DD-4325-B35A-F1817EDFA5F5}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Main.MimeFilter
  • Added Registry Key:
    Key: HKCU\Software\CAS2
  • Added Registry Key:
    Key: HKCR\PROTOCOLS\Filter\text/html
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\TypeLib\{D4C89C18-B4F3-46A9-8800-E9E7A55AFBD9}
  • Added Registry Key:
    Key: HKCR\Main.MimeFilter.1
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\AppID\{E0DC5CC4-25A5-4BC7-A3AA-3525733DC796}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{8253D547-38DD-4325-B35A-F1817EDFA5F5}
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\Main.MimeFilter.1
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\logons
  • Added Registry Key:
    Key: HKCU\Software\CAS
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\CLSID\{8293D547-38DD-4325-B35A-F1817EDFA5FC}
  • Added Registry Key:
    Key: HKCR\AppID\Main.DLL
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/html
  • Added Registry Key:
    Key: HKCR\Main.MimeFilter
  • Added Registry Key:
    Key: HKLM\SOFTWARE\Classes\AppID\Main.DLL
  • Added Registry Value:
    Key: HKLM\%CURRENTVERSIONREG%\Run Value: NwCplMonitor
  • Added Registry Value:
    Key: HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow Value: www.dailynewsjunky.com
  • Added Registry Data:
    Key: HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/html Value: [RANDOM VALUE] Data: {8253D547-38DD-4325-B35A-F1817EDFA5F5}
  • Added Registry Data:
    Key: HKCU\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: %PROGRAMFILESDIR%\System Files\System.exe
  • Added Registry Data:
    Key: HKLM\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: %SYSTEMDIR%\redistributor.exe
  • Added Registry Data:
    Key: HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\text/html Value: [RANDOM VALUE] Data: CasEngine.MimeFilter
  • Added Registry Data:
    Key: HKCU\%CURRENTVERSIONREG%\Run Value: [RANDOM VALUE] Data: %PROGRAMFILESDIR%\Cas\Client\casclient.exe