Win32/Caphaw

Win32/Caphaw is the detection name used by Microsoft security software for Trojans whose sole intention is to gain remote access to the compromised computer. To accomplish this, the threat makes certain changes to the system.

It also opens a backdoor by modifying registry and firewall settings. Win32/Caphaw was also built to steal sensitive data from the infected PC. Collected data is stored in a predefined section of the hard drive and is configured to be sent to a remote attacker at a given time.

Threat behavior

Installation

Normally, the malicious code of Win32/Caphaw is embedded in a file attached to spam email messages. Opening the attachment runs the malware without the user noticing. Malware authors also spread Win32/Caphaw through malicious links in blog comment areas, on social networking sites, and in cracked programs. An existing virus infection can also lead to this attack, particularly a downloader trojan.

Payload

Once Win32/Caphaw runs on the computer, it modifies a set of files. It also drops additional files that are likely malicious. Registry entries are created to run the trojan each time Windows starts.

While Win32/Caphaw is present, anti-virus programs and other security-related software may be disabled. The threat normally ends running processes that belong to anti-virus, firewall, and other computer protection programs.

Win32/Caphaw occasionally connects to a remote server using HTTP or FTP ports to upload information gathered from the PC.
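
The changes described in this section (autostart registry entries, firewall modifications, disabled protection) can be reviewed from PowerShell. The script below is an added example, not part of the original guide: it only reads settings, assumes Windows 8 / 10 or later with the built-in firewall and Defender cmdlets, and its list of user-writable directories is a review heuristic chosen here, not a Caphaw indicator taken from this page.

```powershell
# Added example: read-only review of autostart, firewall and Defender state.
# Run from an elevated PowerShell prompt on Windows 8 / 10 or later.

# Heuristic (an assumption, not a Caphaw indicator): programs that start from
# user-writable directories deserve a closer look.
$userWritable = '\\AppData\\|\\Temp\\|\\ProgramData\\|\\Users\\Public\\'

# 1. Values under the Run / RunOnce keys, which start programs at logon.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
$autostarts = foreach ($key in $runKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        [pscustomobject]@{
            Key     = $key
            Name    = $name
            Command = $command
            Review  = $command -match $userWritable
        }
    }
}
$autostarts | Sort-Object Review -Descending | Format-Table -AutoSize -Wrap

# 2. Firewall: profile state, then enabled inbound allow rules whose program
#    path is in a user-writable directory.
Get-NetFirewallProfile | Select-Object Name, Enabled
Get-NetFirewallRule -Direction Inbound -Action Allow -Enabled True |
    ForEach-Object {
        $app = $_ | Get-NetFirewallApplicationFilter
        [pscustomobject]@{ Rule = $_.DisplayName; Program = $app.Program }
    } |
    Where-Object { $_.Program -match $userWritable } |
    Format-Table -AutoSize -Wrap

# 3. Protection state: when Defender is the active antivirus, AntivirusEnabled
#    and RealTimeProtectionEnabled should both be True.
Get-MpComputerStatus |
    Select-Object AntivirusEnabled, RealTimeProtectionEnabled, AntivirusSignatureLastUpdated
```

Entries marked for review are not proof of infection; compare them against software you knowingly installed before removing anything.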

Symptoms

Alerts from Microsoft security products are one sign that Win32/Caphaw is present.

How can you remove Win32/Caphaw?

To completely remove Win32/Caphaw from the computer and get rid of related viruses and trojans, please follow the procedures on this page. Make sure that you completely scan the system with the suggested malware removal tools and virus scanners.

Windows XP, Windows Vista, and Windows 7 Instructions:

1. Open Microsoft Security Essentials by going to Windows Start > All Programs. If the tool is not yet installed on the computer, please download Microsoft Security Essentials from the link below. Save the file on your hard drive.

A complete installation and usage guide is also provided at the same link. It is essential for removing Win32/Caphaw effectively. If Microsoft Security Essentials is already installed on the PC, please proceed with the steps below.

2. On the Microsoft Security Essentials Home screen, choose Full under Scan Options.

3. Click the Scan Now button to start detecting Win32/Caphaw items, viruses, and malware on the PC. The scan may take a while; please be patient and wait for the process to end.

Windows 8 / 10 Instructions:

Windows Defender is a free tool that was built to help you remove Win32/Caphaw, viruses, and other malicious items from a Windows 8 system. Follow these procedures to scan your computer with Windows Defender:

1. Tap or click the Search charm, search for defender, and then open Windows Defender.

If Windows Defender is not yet installed on the computer, please proceed to the download page using the link below. It also contains detailed instructions to install and use the program effectively. Proper usage is required to completely remove Win32/Caphaw.

2. On the Home tab, click Full under Scan Options. Click Scan now to start scanning for the presence of Win32/Caphaw. The process may take a while to complete.

3. After the scan, delete or quarantine the identified threats, whether they are related to Win32/Caphaw or not. You may now restart Windows to complete the virus removal process.

Double Check with Malwarebytes Anti-Malware

1. Download Malwarebytes Anti-Malware from the link below. Save the file on your hard drive.

2. Once the download completes, double-click the file MBSetup.exe to run the program.

3. Select the desired installation package, either Personal Computer or Work Computer.

4. On the next window, click the Install button to proceed.

5. Proceed through the succeeding prompts until the installation procedure starts.

6. The installation process will take less than a minute. The program should run automatically after setup completes.

7. When the Malwarebytes Anti-Malware interface appears, select Scan on the menu. The program will check for any available update before proceeding. Do not skip this step. The virus scan may take a while; please wait for the process to finish.

8. When scanning is done, Malwarebytes Anti-Malware will display the list of identified threats. Remove all of them and restart the computer to finalize the scan process.

5 thoughts on “Win32/Caphaw”

  1. I have run Microsoft Security Essentials numerous times and still I am getting the Win32/Caphaw pop-ups. The same with Malwarebytes Anti-Malware. Funnily enough, the Security Alerts pop up during the scan and I have screenshots of it sitting over the completed scan where it says PC protected. Does anyone know any way to get rid of this?

  2. I ran MSE, and malware, I ran pretty much every anti-malware I can find, but it's still not going away. I still see the popups!!!

  3. My computer is Mac. Bootcamp on my computer. Full mode scan. Nothing happened. Absolutely both of my systems (OSX and Win7) all in this scanning.

  4. I’m getting same thing. I’ve done went everywhere and computer keeps saying PC is fine and no threats found during my scans. It gives a 1-800-935 – 0716 to call immediately or they will suspend me from going to websites!

  5. If this continues, your best bet would be to completely restart your computer, and start over.
