allentech.net

Home > Browser Parasites > Parasite Database > GogoTools

About Us

Online Stores

TQ Support

Web Services

Database Help

Tech Links

Projects

Online Manual

Browser Parasites

Privacy Policy

Contact us

Send Page

Limited Time!
Totally FREE Web Design!
Click here!

Blue Host

Parasite: GogoTools

This record last updated Tue Sep 20 2005 00:34:15

PLEASE NOTE: Due to the overwhelming extent of this problem and the unbelievable volume of email we have received, we regret that we cannot respond to questions about browser parasites at this time. If you have attempted to contact us about this parasite please accept our apology for not responding. "Thank you's" are always appreciated ;-)

Description

GogoTools is an Internet Explorer Browser Helper Object (BHO) and bundle of related software from Specific Media Inc. (specificmedia.com, formerly advertisementbanners.com).

Variants

GogoTools/Launch: initial bundle, including the BHO, advert displayer and updater components.

GogoTools/SearchGogo: adds an IE search toolbar with built-in display for results fetched from at www.getfound.com.

GogoTools/FileShare: adds some buttons in Outlook Express used to transfer files over the filepc.com web service.

Distribution

Bundled with the Kazaamate/Kazaa-Pal software from ActualNames and silently installed by the FavoriteMan/ATPartners and ILookup/Waeb parasites.

What it does

Advertising

Yes. Opens advertising windows at the back of the desktop when browsing with Internet Explorer.

Privacy violation

Yes. Passes the full URL (including any query string data) of every page visited back to its controlling server www.gogotools.com, with a unique ID that can be used to track a user’s complete browsing habits.

Security issues

Yes. Can silently download and execute arbitrary unsigned code as directed by its controlling server www.gogotools.com. This is used as an update feature to install the newest variant of GogoTools is installed. The software’s terms of use (not that it is likely the user will even have seen them) also threatens that it may install other third-party software.

Stability problems

None known.

Removal

There should be an entry for ‘GogoTools version (some number)’ in the Add/Remove Programs tool in the Control Panel, which can remove the software.

Manual removal

Open a DOS command prompt window (from Start->Programs->Accessories) and enter the following commands:

cd "%WinDir%\System"
regsvr32 /u "\Program Files\GogoTools\Gogoware\HTMLEdit.dll"

For the SearchGogo variant, continue with the command:

regsvr32 /u "\Program Files\GogoTools\SearchGogo\SearchGogo.dll"

Next, open the registry (click ‘Start’, choose ‘Run’, enter ‘regedit’) and find the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. On the right, delete the entry ‘RUNGogoTools’ pointing to GogoLaunch.exe, and, for the FileShare variant, the entry ‘RUNFilePC’ pointing to gogoFileShare.exe.

Restart the computer and you should be able to delete the entire GogoTools folder in the Program Files folder.

You can also delete the file SEARCH~1.INI in the Windows folder (for the SearchGogo variant), and the registry keys HKEY_CURRENT_USER\Software\SpecificMEDIA and HKEY_CURRENT_USER\Software\SpecificMEDIA to clean up if you like, along with the following class keys not removed by the above commands:

HKEY_CLASSES_ROOT\Adware.IETrackerIF
HKEY_CLASSES_ROOT\Adware.IETrackerIF.1
HKEY_CLASSES_ROOT\CLSID\{3BEC9062-7625-4DE8-8ABE-B96AE461DC78}
HKEY_CLASSES_ROOT\Interface\{09964F9E-E1D4-47C3-9697-28258DBCBB77}
HKEY_CLASSES_ROOT\TypeLib\{8EF07273-3C9F-4BA6-A748-FAD0E7FAF1FD}

* Parasite information and detection script by Andrew Clover - www.doxdesk.com, used with permission.

For more information about Scumware, Spyware and Parasites, their sources and their cure, visit our About Parasites page and related Tech Links.

Visit our new services portal at Allen One for a completely new parasite database format, comming November 2005!

webmaster@allentech.net
Tech Bench
Web Analytics by My-OLAP!

Top