Hao123 by Baidu
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 561 |
| Threat Level: | 10 % (Normal) |
| Infected Computers: | 256,375 |
| First Seen: | April 9, 2013 |
| Last Seen: | March 13, 2024 |
| OS(es) Affected: | Windows |
Hao123 by Baidu is an advertisement and add-on that may load with the popular Baidu Chinese search engine service. Through Hao123 by Baidu computer users may be presented with unwanted advertisements or website redirects. In some cases the Hao123 by Baidu page may load as the default home page setting within popular web browsers. There are different variations of Hao123 by Baidu in English and other languages. Even though Hao123 by Baidu is not a computer virus it can be more of an unwanted plugin or add-on for your web browser causing your home page to load a site that you do not want to utilize. There are files associated with Hao123 by Baidu that may be loaded onto your computer through the download and install of bundled software. Removal of those files will then rid your system of Hao123 by Baidu, which can be done through using an antispyware tool.
Table of Contents
SpyHunter Detects & Remove Hao123 by Baidu
File System Details
Hao123 by Baidu may create the following file(s):
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | hao123inst-brazil.exe | 1fe05fae1c86c3380c8170b96926129e | 98 |
| 2. | hao123inst.exe | ffd46e8471313a30b9f5c6bedec6afb2 | 11 |
| 3. | hao123.1.0.0.1111.exe | 204f29a1611f18f0eab6b54048e5377b | 4 |
| 4. | hao123.1.0.0.1111.exe | 5c2b1869033a9a8989fbed54109b3839 | 4 |
| 5. | Hao123SysPop.exe | 5e428c42fd57f72aa5fc23d7c5eda775 | 4 |
| 6. | Hao123_demo021214.exe | b08764dc151ac29ea9dae02c86a6387a | 4 |
| 7. | hao123_setup.exe | 138c344aac2f13497af504d81517ccec | 2 |
| 8. | hao123.1.0.0.1108.exe | 6ef2095decd7e3d360c494b740578ee6 | 2 |
| 9. | hao123.1.0.0.1101.exe | 93366ca5b233420c9005d7a2614764db | 2 |
| 10. | hao123browserdownloader_tn-45045059_14.exe | 9eb7e3bc3c063395bef68b447bf4b9f2 | 2 |
| 11. | hao123.1.0.0.1108.exe | 17d28637b6af825f3b1e10387cef1825 | 2 |
| 12. | hao123Inst.exe | 9ba85a66f0900b143e8538db141e5a08 | 0 |
Registry Details
Hao123 by Baidu may create the following registry entry or registry entries:
CLSID
{66C90826-4384-4020-AA28-D3A4FA5FD31F}
{F552F265-6686-4422-84E5-C695E35D863A}
File name without path
ar.hao123[1].xml
br.hao123[1].xml
Cliponyu.lnk
Hao123.lnk
hao123[1].htm
http_ar.hao123.com_0.localstorage
http_ar.hao123.com_0.localstorage-journal
http_br.hao123.com_0.localstorage
http_br.hao123.com_0.localstorage-journal
http_id.hao123.com_0.localstorage
http_id.hao123.com_0.localstorage-journal
http_jp.hao123.com_0.localstorage
http_jp.hao123.com_0.localstorage-journal
http_tw.hao123.com_0.localstorage
http_tw.hao123.com_0.localstorage-journal
http_www.7654.com_0.localstorage
http_www.9973.com_0.localstorage
http_www.9973.com_0.localstorage-journal
http_www.hao123.com_0.localstorage
http_www.hao123.com_0.localstorage-journal
https_ar.hao123.com_0.localstorage
https_ar.hao123.com_0.localstorage-journal
https_www.hao123.com_0.localstorage
https_www.hao123.com_0.localstorage-journal
Internet Hao123.lnk
Internet Hao 123 .lnk
jp.hao123[1].xml
nphao123DPS.dll
nphao123DPS_x64.dll
npJuziPlugin.dll
npJuziPlugin_x64.dll
soft.123juzi[1].xml
soft.hao123[1].xml
th.hao123[1].xml
tw.hao123[1].xml
www.hao123.com.ico
www.hao123[1].xml
Regexp file mask
%ALLUSERSPROFILE%\Microsoft\Windows\Start Menu\hao123[RANDOM CHARACTERS].lnk
%ALLUSERSPROFILE%\Start Menu\hao123[RANDOM CHARACTERS].lnk
%APPDATA%\Microsoft\Windows\Start Menu\hao123[RANDOM CHARACTERS].lnk
%TEMP%\Hao123.ini
%Temp%\hao123Config.xml
%TEMP%\hao123inst[RANDOM CHARACTERS].exe
%temp%\Toylocalize.ini
%UserProfile%\Desktop\hao123[RANDOM CHARACTERS].lnk
%WINDIR%\System32\drivers\LcScience64.sys
SOFTWARE\Baidu\BaiduProtect\LockIEStartPage
SOFTWARE\Baidu\Hao123
Software\Baidu\Hao123-ae
Software\Baidu\Hao123-ar
SOFTWARE\Baidu\Hao123-armeitu
Software\Baidu\Hao123-br
SOFTWARE\Baidu\Hao123-brgames
Software\Baidu\Hao123-brmovie
Software\Baidu\Hao123-id
Software\Baidu\Hao123-international
Software\Baidu\Hao123-jp
Software\Baidu\Hao123-sa
Software\Baidu\Hao123-th
Software\Baidu\Hao123-tw
SOFTWARE\Baidu\Hao123-vn
SOFTWARE\Classes\hao123chprogid
Software\Classes\hao123DPS.Agent
Software\Classes\JuziAgent.Agent
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\ar.hao123.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\br.hao123.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hao123.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\ar.hao123.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\br.hao123.com
SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hao123.com
SOFTWARE\Clients\StartMenuInternet\hao123Juzi.exe
SOFTWARE\Clients\StartMenuInternet\hao123JuziBrowser.exe
SOFTWARE\Hao123
Software\hao123JuziBrowser
Software\hao123link
Software\HDwnld
SOFTWARE\JuziPlugin
Software\Microsoft\Internet Explorer\DOMStorage\123juzi.com
SOFTWARE\Microsoft\Internet Explorer\DOMStorage\7654.com
Software\Microsoft\Internet Explorer\DOMStorage\br.hao123.com
Software\Microsoft\Internet Explorer\DOMStorage\cn.hao123.com
Software\Microsoft\Internet Explorer\DOMStorage\hao123.com
Software\Microsoft\Internet Explorer\DOMStorage\jp.hao123.com
Software\Microsoft\Internet Explorer\DOMStorage\sa.hao123.com
Software\Microsoft\Internet Explorer\DOMStorage\soft.123juzi.com
Software\Microsoft\Internet Explorer\DOMStorage\th.hao123.com
Software\Microsoft\Internet Explorer\DOMStorage\v.hao123.com
Software\Microsoft\Internet Explorer\DOMStorage\www.hao123.com
SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66C90826-4384-4020-AA28-D3A4FA5FD31F}
Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F552F265-6686-4422-84E5-C695E35D863A}
SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ar.hao123.com
SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\br.hao123.com
SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\cn.hao123.com
SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hao123.com
SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\jp.hao123.com
SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sa.hao123.com
Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\th.hao123.com
SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\tw.hao123.com
SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.hao123.com
Software\Microsoft\Windows\CurrentVersion\App Paths\hao123JuziBrowser.exe
SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Jzbstall.exe
Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts\hao123chprogid_.HTM
Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts\hao123chprogid_.HTML
Software\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts\hao123chprogid_.MHTML
SOFTWARE\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts\hao123chprogid_http
SOFTWARE\Microsoft\Windows\CurrentVersion\ApplicationAssociationToasts\hao123chprogid_https
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\OpenWithProgids\hao123chprogid
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\OpenWithProgids\hao123chprogid
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mht\OpenWithProgids\hao123chprogid
Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mhtml\OpenWithProgids\hao123chprogid
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F552F265-6686-4422-84E5-C695E35D863A}
SOFTWARE\Microsoft\Windows\CurrentVersion\FileAssociations\ProgIds\hao123chprogid_.htm
SOFTWARE\Microsoft\Windows\CurrentVersion\FileAssociations\ProgIds\hao123chprogid_.html
SOFTWARE\Microsoft\Windows\CurrentVersion\FileAssociations\ProgIds\hao123chprogid_http
Software\Microsoft\Windows\CurrentVersion\RunOnce\hao123Setting
SOFTWARE\Microsoft\Windows\Windows Error Reporting\ExcludedApplications\hao123Juzi.exe
Software\MozillaPlugins\@123juzi.com/nphao123DPS
Software\MozillaPlugins\@123juzi.com/npJuziAgent
SOFTWARE\RegisteredApplications\hao123JuziBrowser
Software\tsKdx
SOFTWARE\Wow6432Node\Baidu\BaiduProtect\LockIEStartPage
SOFTWARE\WOW6432Node\Clients\StartMenuInternet\hao123Juzi.exe
SOFTWARE\Wow6432Node\Clients\StartMenuInternet\hao123JuziBrowser.exe
SOFTWARE\Wow6432Node\hao123JuziBrowser
SOFTWARE\Wow6432Node\Microsoft\Tracing\hao123_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\hao123_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\App Paths\Jzbstall.exe
Software\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce\hao123Setting
SOFTWARE\Wow6432Node\RegisteredApplications\hao123JuziBrowser
SYSTEM\ControlSet001\Services\HSoftDoloEx
SYSTEM\ControlSet001\services\LcScience
SYSTEM\ControlSet001\services\WaNdFilter
SYSTEM\ControlSet002\Services\HSoftDoloEx
SYSTEM\ControlSet002\services\LcScience
SYSTEM\ControlSet002\services\WaNdFilter
SYSTEM\CurrentControlSet\Services\HSoftDoloEx
SYSTEM\CurrentControlSet\services\LcScience
SYSTEM\CurrentControlSet\services\WaNdFilter
hao123desk
hao123desk-ae
hao123desk-ar
hao123desk-br
hao123desk-brgames
hao123desk-id
hao123desk-international
hao123desk-jp
hao123desk-sa
hao123desk-th
hao123desk-vn
{C5E2255C-66FA-4187-8EB6-5176247C4723}
Directories
Hao123 by Baidu may create the following directory or directories:
| %ALLUSERSPROFILE%\Application Data\Hao123 |
| %ALLUSERSPROFILE%\Hao123 |
| %APPDATA%\HSoftDoloEx |
| %APPDATA%\Hao123 |
| %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#br.hao123.com |
| %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#s1.hao123img.com |
| %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#sa.hao123.com |
| %APPDATA%\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.hao123.com |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\Cliponyu-Indonesia |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\Hao123-Brazil |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\Hao123-Egypt |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\Hao123-Saudi |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\Hao123-Thailand |
| %APPDATA%\Microsoft\Windows\Start Menu\Programs\Hao123-br |
| %APPDATA%\baidu\Cliponyu |
| %APPDATA%\baidu\hao123 |
| %APPDATA%\baidu\hao123-br |
| %APPDATA%\baidu\hao123-brgames |
| %APPDATA%\baidu\hao123-sa |
| %AppData%\baidu\hao123-ar |
| %AppData%\baidu\hao123-jp |
| %AppData%\baidu\hao123-th |
| %LOCALAPPDATA%\Hao123 |
| %ProgramFiles%\baidu\Hao123Desk |
| %ProgramFiles(x86)%\baidu\Hao123Desk |
| %ProgramFiles(x86)%\tbkset |
| %TEMP%\hao123desksetup |
| %TEMP%\hao123deskskinres |
| %USERPROFILE%\AppData\LocalLow\JuziPlugin |
| %USERPROFILE%\AppData\LocalLow\Microsoft\Windows\Start Menu\Programs\Hao123-br |
| %USERPROFILE%\AppData\LocalLow\hao123DPS |
| %USERPROFILE%\Application Data\JuziPlugin |
| %UserProfile%\Local Settings\Application Data\Hao123 |
| %appdata%\hao123JuziBrowser |
URLs
Hao123 by Baidu may call the following URLs:
| hao.169x.cn/ |
| hao.qquu8.com/ |
| hao643.com/ |
| http://br.hao123.com/ |
| http://hao.7654.com/ |
| http://hao.qq.com/ |
| http://id.hao123.com/ |
| http://jp.hao123.com/ |
| http://th.hao123.com/ |
| http://tw.hao123.com/ |
| http://us.hao123.com/ |
| http://vn.hao123.com/ |
| https://1111.tmall.com/ |
| https://ar.hao123.com/hao123 |
| www.9973.com/ |
| zhidaota.cn/ |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.