Baigoo
|
Description:
|
Spyware
|
|
Risk Level:
|
Low
|
|
Date of First Occurence:
|
Wednesday, April 23, 2008
|
|
Software Developer:
|
(unknown)
|
|
Brief Info:
|
Spyware is computer software that is installed surreptitiously on a personal computer to intercept or take partial control over the user's interaction with the computer, without the user's informed consent.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SUPPRIMER SPYWARE »
Geographical Distribution of Threat "Baigoo"
Threat Info
View All
Detected Items
- Detected Files:
%PROGRAMFILES%\baigoo\bgook.dll
MD5: 59FFB8779127D99F2B53F497DA59FAA6 Size:4294967295
MD5: 4A3497F50FF592E7E7779996B1966E00 Size:106496
%PROGRAMFILES%\baigoo\plugin\bgoobar\bgoobar.dll
MD5: 3938DDDB2BFAAEAD448038572FA882D8 Size:253952
%PROGRAMFILES%\baigoo\uninst.exe
MD5: EB0B1F6CB367AED8078AB086FDA60BEA Size:22459
%PROGRAMFILES%\baigoo\bgooex.dll
MD5: FADF83E527A35E67FBFD4887597A0822 Size:90112
%PROGRAMFILES%\baigoo\bgoomain.exe
MD5: A6E1AB31C9C840382BAC8C0C8431DF7E Size:20480
%PROGRAMFILES%\baigoo\BGooBHO.dll
MD5: 60F946FF6ED0F376E0F2B2E253E57799 Size:28672
%PROGRAMFILES%\baigoo\BGooHK.dll
MD5: B02DD06D4ED94CC8A14CCE297199E2AC Size:28672
- Detected Files with variable Filenames:
Detecting items list:
- Files by Name
%PROGRAMFILES%\baigoo\baigoo.exe
%PROGRAMFILES%\baigoo\BaigooBH.dll
%PROGRAMFILES%\baigoo\baigoohk.dll
%PROGRAMFILES%\baigoo\baigoosv.exe
%PROGRAMFILES%\baigoo\bgooball.dll
%PROGRAMFILES%\baigoo\bgooex.dll
%PROGRAMFILES%\baigoo\bgook.dll
%PROGRAMFILES%\baigoo\uninst.exe
%PROGRAMFILES%\baigoo\plugin\bgoobar\bgoobar.dll
%PROGRAMFILES%\baigoo\plugin\bgoobar\bres1033.dll
%PROGRAMFILES%\baigoo\plugin\bgoobar\bres2052.dll
%PROGRAMFILES%\baigoo\plugin\bgoocos\bgoocos.dll
%PROGRAMFILES%\baigoo\plugin\bgoolink\bgoolink.dll
- Files by Directories
%PROGRAMFILES%\baigoo
- Files by CLSID or Name
CLSID=0F2FB0E8-3E37-4910-8DFA-F9010E4F3ABC
CLSID=8816EA7A-5944-4277-B98E-2C0A46FB36E9
CLSID=7BDAF75A-0D6F-4F50-AFE9-333D08DF4005
CLSID=8465D755-AFE0-40ef-BC5E-2290D2C1F31F
CLSID=18439A22-67A7-4A82-ABB6-82977555AC9B
CLSID=7905958A-18C2-4139-9957-AE6F2B754818
CLSID=808EAF87-61B8-4EEA-8B85-27480D1BDBEE
- Registry Keys
HKCR\AppID\BaigooSv.EXE
HKCR\BaiGooEx.Update
HKCR\BaiGooEx.Update.1
HKCR\BaiGooPM.BHOhelper
HKCR\BaiGooPM.BHOhelper.1
HKCR\BaiGooPM.BrowserObject
HKCR\BaiGooPM.BrowserObject.1
HKLM\SOFTWARE\baigoo
HKLM\SOFTWARE\baigoo\Config
HKLM\SOFTWARE\baigoo\Coop
HKLM\SOFTWARE\baigoo\Update
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6C893032-1E26-4409-BA26-ED6C6007DCA6}
HKLM\SOFTWARE\Classes\Interface\{0BFD5815-6072-41D8-BCA5-7768ED97A079}
HKLM\SOFTWARE\Classes\Interface\{0EA4B97F-2F07-4895-B397-A75D660E142F}
HKLM\SOFTWARE\Classes\Interface\{32CFA498-08BE-4BB7-B362-85EE3BED4617}
HKLM\SOFTWARE\Classes\Interface\{427263C1-FE45-4EF7-8765-318395F7D795}
HKLM\SOFTWARE\Classes\Interface\{5CD25F44-7F74-432D-AA30-4031FE28C326}
HKLM\SOFTWARE\Classes\Interface\{73D898CC-32AE-4C08-A4BA-2142FCCDB9CE}
HKLM\SOFTWARE\Classes\Interface\{A20B50FB-D4B9-4637-83DB-72253A2E3D53}
HKLM\SOFTWARE\Classes\TypeLib\{4626F8A3-DED7-4A56-A73E-D624E6DF8803}
HKLM\SOFTWARE\Classes\TypeLib\{4A8976FE-144E-4742-8E49-D6CD3B140FD1}
HKLM\SOFTWARE\Classes\TypeLib\{690E010B-042A-4973-87A8-485DEB8BDF68}
HKLM\SOFTWARE\Classes\TypeLib\{6B01A4AF-1AB1-47FE-BF1B-1D1583D2B2C0}
HKLM\SOFTWARE\Classes\TypeLib\{9DC44A38-B772-47F8-A406-054F842EC7C5}
- Registry Values
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=baigoo.exe
«
Go to Software Database
