GOUGOUCLOUD.EXE is Fake AntiVirus

September 20, 2011 by NightWatcher
Filed under: FakeAV 
: Solved!

You should Download Removal Tool here...

The file GOUGOUCLOUD.EXE is a part of Fake Antiviral software.
You must delete the file GOUGOUCLOUD.EXE immediately!
Delete the file GOUGOUCLOUD.EXE without delay!
Kill the process GOUGOUCLOUD.EXE and remove GOUGOUCLOUD.EXE from the Windows startup.

Malware Analysis of GOUGOUCLOUD.EXE
Full path on a computer: %ProgramFiles%\Common Files\mybvavigouyu\gougoucloud.exe

Detected by UnHackMe:

GOUGOUCLOUD.EXE
Default location: %ProgramFiles%\Common Files\mybvavigouyu\gougoucloud.exe

Removal Results: Success
Number of reboot: 1

GOUGOUCLOUD.EXE is known as:

Fake AntiVirus

GOUGOUCLOUD.EXE hash:

  • MD5: 39aecd443d87c3e6a578cba31189478b
  • SHA1: a852e644c316bf9c3d73efe59cfe45e41d5056db
How to quickly detect GOUGOUCLOUD.EXE presence? 

Folders:
  • %ProgramFiles%\gkpuadimr
  • %ProgramFiles%\Common
  • %ProgramFiles%\Common Files\mybvavigouyu
  • %System%\VBox
Files:
  • %ProgramFiles%\Common\ppscode.dat
  • %ProgramFiles%\Common Files\mybvavigouyu\autonews.exe
  • %ProgramFiles%\Common Files\mybvavigouyu\config-s.xml
  • %ProgramFiles%\Common Files\mybvavigouyu\config-pac.xml
  • %ProgramFiles%\Common Files\mybvavigouyu\gougoucloud.exe
  • %ProgramFiles%\Common Files\mybvavigouyu\sqlite3.dll
  • %ProgramFiles%\Common Files\mybvavigouyu\suject.db
  • %ProgramFiles%\Common Files\mybvavigouyu\vison.txt
  • %ProgramFiles%\Common Files\mybvavigouyu\wget.exe
  • %ProgramFiles%\Common Files\mybvavigouyu\ypac.txt
  • %ProgramFiles%\gkpuadimr\ydilquyei.pac


Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.

Tags: Fake AntiVirus, GOUGOUCLOUD.EXE

Comments

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.