Congoo

Description:	Adware
Risk Level:	High
Date of First Occurence:	Monday, April 14, 2008
Software Developer:	(unknown)
Brief Info:	Congoo-Software that is displaying pop-up/pop-under windows containing advertisements when the primary user interface is not visible or displayed advertisements are not related to the product.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "Congoo"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\Congoo NetPass\_Setupx.dll MD5: F6255970E811824D5E57729EEC42F50B Size:25600 MD5: 0E976DA6DC32F05E6EB5429AE15253C9 Size:25600 %PROGRAMFILES%\Congoo NetPass\Setup.exe MD5: C691C5E8801E6374E2D7E3ABF9CDA608 Size:72704 MD5: 323DDCA3A434762A6BB84E0100AD4655 Size:72704 %PROGRAMFILES%\Congoo NetPass\congoo.dll MD5: A5832B38FE20B5ABB4BE15934479AEC6 Size:598016 MD5: 94B0BF6A62248A10D6FC7DBD5D5CCD2F Size:598016 MD5: 13A6355395FE085F0ED34FC28456F8B3 Size:589824 MD5: C9D9B2ACFB9F5ECFBAE8C6ED09860E56 Size:598016 MD5: ABF112E1F5353958AB8D8D4E1F1C6CCF Size:598016 %PROGRAMFILES%\Congoo NetPass\whitelist_plugin.dll MD5: 38E7D1A54F33537410722B160CA5EEEF Size:49152 MD5: 146809B5C962A7D9561ED3CE14DEF7A7 Size:49152 %PROGRAMFILES%\Congoo NetPass\msvcrt.dll MD5: E054EDAFDB3997D84201275A743488AD Size:290869 %PROGRAMFILES%\Congoo NetPass\msvcp60.dll MD5: CB21D826D9C39AED19DD431C1880F5DE Size:401462 %PROGRAMFILES%\Congoo NetPass\autofill_plugin.dll MD5: E31639927A3D03CAFF3E676A35D7BDF8 Size:176206 MD5: F498455E948201E8A2063EA138640FC3 Size:159744 MD5: 3ABB7C37327BE9E8F9B7C62EFD85B572 Size:155648 %PROGRAMFILES%\Congoo Netpass\congootb.dll MD5: AD5F1F92C3D9D9C857373DFA8787E125 Size:915160
Detected Files with variable Filenames: MD5: 86F1895AE8C5E8B17D99ECE768A70732 Size: 348160 %PROGRAMFILES%\Congoo NetPass\MSVCR71.DLL %PROGRAMFILES%\Congoo NetPass\MSVCR71.DLL.ren MD5: 561FA2ABB31DFA8FAB762145F81667C2 Size: 499712 %PROGRAMFILES%\Congoo NetPass\MSVCP71.DLL %PROGRAMFILES%\Congoo NetPass\MSVCP71.DLL.ren MD5: ABD56BF2914FA90D43E92491BC521E37 Size: 915160 %PROGRAMFILES%\Congoo NetPass\congootb.dll %PROGRAMFILES%\Congoo NetPass\congootb.dll.ren MD5: 94B0BF6A62248A10D6FC7DBD5D5CCD2F Size: 598016 %PROGRAMFILES%\Congoo NetPass\congoo.dll %PROGRAMFILES%\Congoo NetPass\congoo.dl_

Detecting items list:

Files by Name %programfiles%\Congoo NetPass\congoo.dll %programfiles%\Congoo NetPass\autofill_plugin.dll %programfiles%\Congoo NetPass\msvcp60.dll %programfiles%\Congoo NetPass\msvcrt.dll %programfiles%\Congoo NetPass\whitelist_plugin.dll
Files by MD5 MD5: DA2412CD7B09C77434F2C009E5757230 Size: 623984 MD5: 13A6355395FE085F0ED34FC28456F8B3 Size: 589824
Files by Directories %programfiles%\Congoo NetPass
Files by CLSID or Name CLSID=645FCD0C-EADE-4B52-8CDB-EF33692A2E75 CLSID=6FAD227D-47FE-4923-AF04-36F3FCED2CBB
Registry Keys HKCR\Congoo.Congoo HKCR\Congoo.Congoo.1 HKCU\Software\Congoo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Congoo.CongooNetPass HKLM\SOFTWARE\Classes\Congoo.Congoo
Registry Values HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform ValueName=Congoo NetPass

« Go to Software Database

Pesquise na nossa Base de Dados de Software

A base de dados Software

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias antigas de malware »