Zango
|
Description:
|
Adware
|
|
Risk Level:
|
High
|
|
Date of First Occurence:
|
Wednesday, April 16, 2008
|
|
Software Developer:
|
180solutions, Inc.
|
|
Brief Info:
|
Zango is an adware program that monitors the contents of Internet browser windows. It opens the Web pages of partner sites when certain keywords are detected in Internet search or shopping browser windows.
|
|
Removal:
|
This threat can be removed using "Spyware
Terminator"
|
SCAN & REMOVE NOW »
Geographical Distribution of Threat "Zango"
Threat Info
View All
Detected Items
- Detected Files:
%PROGRAMFILES%\zango\bin\10.3.74.0\ZangoUninstaller.exe
MD5: 8565F2FA6DD62E6D55AFCFA650674BA2 Size:331848
%PROGRAMFILES%\zango\bin\10.3.74.0\ZangoSADF.exe
MD5: 9DF7278B71862C119558F4FA913F207C Size:386312
%PROGRAMFILES%\zango\bin\10.3.74.0\ZangoSAAX.dll
MD5: A4542D17265231158EA70234A57D5ECF Size:316680
%PROGRAMFILES%\zango\bin\10.3.74.0\HostOL.dll
MD5: E30C2575CCA1FA977FE93FBBCCE4B1A8 Size:849160
%PROGRAMFILES%\zango\bin\10.3.74.0\CoreSrv.dll
MD5: 4A27FF7C2E7D707B11102A3EEAEC007F Size:972040
%PROGRAMFILES%\zango\bin\10.3.74.0\zangosahook.dll
MD5: B93DFD257B038DA4578E76A42CCEBF01 Size:173320
%PROGRAMFILES%\Zango\bin\10.3.70.0\HostIE.dll
MD5: 239E9CA5664CAAF635F8F5A1FD97DCE6 Size:554248
%PROGRAMFILES%\Zango\bin\10.3.70.0\HostOE.dll
MD5: A705DCFCEDBBCC3DF04DA1306DDDD0B9 Size:140552
%PROGRAMFILES%\zango\bin\10.3.65.0\zangosahook.dll
MD5: 936AD719481927DA9D6F4E7939C38EC5 Size:173320
%PROGRAMFILES%\Zango\bin\10.3.65.0\OEAddOn.exe
MD5: 873FEB864C58A5DECC7E599C2C88D69B Size:91400
%PROGRAMFILES%\zango\bin\10.3.65.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
MD5: 1B01830831D8E1463D76B2A6DDDCF129 Size:70408
%PROGRAMFILES%\zango\bin\10.3.65.0\ZangoSADF.exe
MD5: 3F4B470A3C322F68659CC5753D183A36 Size:386312
%TEMP%\1804c.exe
MD5: 8ACEBB5AC330AEFD9BAB1A40EFB347D3 Size:608368
%PROGRAMFILES%\zango\bin\10.3.75.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
MD5: DE950F2868EE3FD88A55D4CA89FFFEBB Size:70408
%PROGRAMFILES%\zango\bin\10.3.75.0\ZangoSAAX.dll
MD5: 0B8073CA99C727B8E12ECB98214A5456 Size:316680
%PROGRAMFILES%\zango\bin\10.3.75.0\Wallpaper.dll
MD5: 359E31DBD4D7891F1F8C22B1982900F0 Size:341256
%PROGRAMFILES%\zango\bin\10.3.75.0\HostOL.dll
MD5: 8ADD5388449C7CA29B6B399CBC567E84 Size:849160
%PROGRAMFILES%\zango\bin\10.3.75.0\CntntCntr.dll
MD5: A871DABBEA25B6DDB4D62FD13D243F85 Size:623880
%TEMP%\180sainstallernusac.exe
MD5: D1C54ED9BCF4D21FD697EAF8124CEC55 Size:419976
%TEMP%\180sainstaller.exe
MD5: 08FE41005B2730636831B7ACFBC5C775 Size:370824
MD5: 1020D0797FF337D24D59B6EE58019262 Size:292640
%TEMP%\180CF.exe
MD5: 7736C39BED30D9AB7F9323CA932F25EB Size:190187
%TEMP%\180C9.exe
MD5: FA03C39EBB7563A5A19663EC3FEF4E14 Size:123991
%TEMP%\1803E.exe
MD5: 04C4E8A5B0105B2E90FBD281F3B04820 Size:185315
%TEMP%\18038.exe
MD5: 5C8F175389D896FA9436158E7C993C1A Size:123988
MD5: E0A6BF2E6BD2E89B0A12BE05EBE2CC13 Size:123985
%PROGRAMFILES%\Zango Programs\David vs Goliath\ZangoLib.dll
MD5: 897852D53540B23EE9CBDA62FB873451 Size:114688
%PROGRAMFILES%\Zango Programs\David vs Goliath\david.exe
MD5: AC7C57B6C7B591FE5BA4CA11BB389239 Size:712704
%PROGRAMFILES%\Zango\bin\10.3.37.0\WeSkin.dll
MD5: 615AD760E9298BF870EA6F79C69645FD Size:439560
%PROGRAMFILES%\Zango\bin\10.3.37.0\Weather.exe
MD5: 3A6B3A4B604BAFEF1D9202DBC557AB4F Size:501000
%PROGRAMFILES%\Zango\bin\10.3.37.0\ZangoSA.exe
MD5: 434B4DA29BF927942176D7FB8034521C Size:762632
%PROGRAMFILES%\Zango\bin\10.3.37.0\Toolbar.dll
MD5: AAC1D7A887EA071878734D3762401017 Size:1066248
%PROGRAMFILES%\zango\bin\10.3.37.0\zangosahook.dll
MD5: 783ABCAEE63111A5E64D261A6D8F5BBA Size:173320
%PROGRAMFILES%\Zango\bin\10.3.37.0\CoreSrv.dll
MD5: D8051D4085738C4D0510C58E824414B4 Size:972040
%PROGRAMFILES%\Zango\bin\10.3.37.0\HostIE.dll
MD5: DAA60AB4B5719B47237D0EE40DE8CF90 Size:554248
%PROGRAMFILES%\Zango\bin\10.3.37.0\OEAddOn.exe
MD5: 9D186D5F81A6F3CCCD3EC6F5808E7685 Size:91400
%PROGRAMFILES%\Zango\bin\10.0.370.0\Toolbar.dll
MD5: 986D99C06380E79C91E6BFE20531F1DE Size:1201416
%PROGRAMFILES%\Zango\bin\10.0.370.0\HostIE.dll
MD5: 43D23EEBF39970871BBFC724BC829B3A Size:652552
%PROGRAMFILES%\Zango\bin\10.0.370.0\ZangoSAAX.dll
MD5: ECF44C95DD5F71387C7B1B5287818E63 Size:2385160
%PROGRAMFILES%\zango\bin\10.0.370.0\zangosahook.dll
MD5: 7FE1AB58417062F6ADEB5547419A2BA4 Size:165128
%PROGRAMFILES%\Zango\bin\10.0.370.0\OEAddOn.exe
MD5: 5EEA1E0239713C59DFFBD3DD5288A7EE Size:91400
%PROGRAMFILES%\Zango\bin\10.0.370.0\HostOE.dll
MD5: 0CCDA7C30D5A0EED77A7046B6DF92E96 Size:140552
%TEMP%\180D.exe
MD5: A43CDAB622BFBF7269C58F0FEC2FBEE9 Size:123979
MD5: ACB33B25FD838F9A8B79C4A5E43CB7D6 Size:372206
%TEMP%\18013.exe
MD5: 2B04B887AFAF0F24F4EA15BECB411029 Size:182697
%WINDIR%\msbb.exe
MD5: 9F282E616AB3DBB38AE7BD0DC2FAA35A Size:270336
MD5: A89DDB6F2C69A9940C9E60EA88FE449A Size:309760
MD5: C6BB459E5A8DE8708758AAA5FA862E7E Size:196608
MD5: 40022AF3857C6EFDEFC0B4117E6EF9E7 Size:200704
%TEMP%\180SAInstaller.exe
MD5: C943A6FF6EDD622B2ADB4088A5ABED38 Size:579720
%PROGRAMFILES%\zango\bin\10.3.70.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
MD5: C50AF5885B14546EDD1588F6A11E5004 Size:70408
%PROGRAMFILES%\zango\bin\10.3.70.0\ZangoUninstaller.exe
MD5: 0E823566C37F1E99F8BD41E15418E36C Size:331408
%PROGRAMFILES%\zango\bin\10.3.70.0\ZangoSADF.exe
MD5: 9BE109AEB270304619B9E2D25E9EA477 Size:386312
%PROGRAMFILES%\zango\bin\10.3.70.0\ZangoSAAX.dll
MD5: 77EEB94C1301C9079FC36B5439A99FC2 Size:316680
%PROGRAMFILES%\zango\bin\10.3.70.0\Wallpaper.dll
MD5: 860D2A42C6B752C6EDC6B1CEE9A8B7D8 Size:341256
%PROGRAMFILES%\zango\bin\10.3.70.0\Toolbar.dll
MD5: 85F34A8E5E53613F9F22D717ECC13586 Size:1066248
%PROGRAMFILES%\zango\bin\10.3.70.0\Srv.exe
MD5: B7674094528571A9A5FC2BE3A48F78BD Size:468232
%PROGRAMFILES%\zango\bin\10.3.70.0\HostOL.dll
MD5: 4620958FC439374C73EC525A5C9F98B5 Size:849160
%PROGRAMFILES%\zango\bin\10.3.70.0\CoreSrv.dll
MD5: 3B01EB3BA02788E491AF1A941D80D7BF Size:972040
%PROGRAMFILES%\zango\bin\10.3.70.0\CntntCntr.dll
MD5: 4659BA9A5D82AC3A17FDAF035BBD54BD Size:623880
%TEMP%\1805451200.exe
MD5: C83E893B0FC8B443A5C58860B33F137F Size:22529
%PROGRAMFILES%\Zango\bin\10.1.181.0\HostIE.dll
MD5: ADFF42E1B7D58E97A77A2D55D0301EBD Size:546056
%PROGRAMFILES%\Zango\bin\10.1.181.0\WeSkin.dll
MD5: 6B889976CBF17671DC07F8D493902DF3 Size:439560
%PROGRAMFILES%\Zango\bin\10.1.181.0\Weather.exe
MD5: 1B52C557B699A1F24998AD673FDD6A25 Size:496904
%PROGRAMFILES%\zango\bin\10.1.181.0\zangosahook.dll
MD5: B1A66001AD419504D0A9AF8C8280C0BC Size:165128
%PROGRAMFILES%\Zango\bin\10.1.181.0\ZangoSA.exe
MD5: C38557FB8F6595850E523C687BB7786E Size:724232
%PROGRAMFILES%\Zango\bin\10.1.181.0\OEAddOn.exe
MD5: E925A6A6A95021CE01C7C7B8B286B84E Size:91400
%PROGRAMFILES%\Zango\bin\10.1.181.0\HostOE.dll
MD5: FCB39300EA28759EF77ACE71232AD565 Size:140552
%PROGRAMFILES%\Zango\bin\10.3.35.0\Srv.exe
MD5: A2D474834CED675BC6E973D18C15C436 Size:468232
%PROGRAMFILES%\Zango\bin\10.3.35.0\Toolbar.dll
MD5: 6BF307B3804B5DE6F65435446C73E3E2 Size:1066248
%PROGRAMFILES%\Zango\bin\10.3.35.0\CoreSrv.dll
MD5: 06529F080C2E17A1DE45980FDEEFBDB4 Size:972040
%PROGRAMFILES%\Zango\bin\10.3.35.0\HostIE.dll
MD5: 86676A4542E1A1DAFF80D10D9A4B9C0E Size:554248
%PROGRAMFILES%\Zango\bin\10.3.35.0\WeSkin.dll
MD5: 9D72F6C92311F51DB8E76943499211F1 Size:439560
%PROGRAMFILES%\Zango\bin\10.3.35.0\Weather.exe
MD5: 3EAEBD6C7DDBC87B7FBF752F522C39F8 Size:501000
%PROGRAMFILES%\zango\bin\10.3.35.0\zangosahook.dll
MD5: 9BA4F27BF54D380F5944892337FF1858 Size:173320
%PROGRAMFILES%\Zango\bin\10.3.35.0\ZangoSA.exe
MD5: D7A91A2865B777FB3A360BB79445E4D1 Size:762632
%PROGRAMFILES%\Zango\bin\10.3.35.0\OEAddOn.exe
MD5: A605579F90EE602460184E9FDA4B4927 Size:91400
%PROGRAMFILES%\Zango\bin\10.3.35.0\HostOE.dll
MD5: 00887C66961FDCDDCBC0CF0E0FE397DF Size:140552
%TEMP%\180211.exe
MD5: 5029FF5E46D0F86166C4C10B469AD9BA Size:372212
%PROGRAMFILES%\Zango\bin\10.3.65.0\Srv.exe
MD5: 5AD0B31412FAA8E0BACC3360F9539CA2 Size:468232
%PROGRAMFILES%\Zango\bin\10.3.65.0\Toolbar.dll
MD5: 234328A70A840B3199D4A3A47833BCCF Size:1066248
%PROGRAMFILES%\easy messenger\180SAInstaller.exe
MD5: ED117B899AF2CF294C79C002D5E9624F Size:431904
%PROGRAMFILES%\Easy Messenger\uninstall.exe
MD5: 783657F43CEC7F19C32CBDCF0D659D66 Size:3584
%PROGRAMFILES%\Easy Messenger\em2.exe
MD5: 7C4812027D2F4C69982BAFB8CC4FD672 Size:581632
%PROGRAMFILES%\zango\bin\10.3.37.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
MD5: FDD101F0919D551813E9E5D469B4DF45 Size:70408
%PROGRAMFILES%\zango\bin\10.3.37.0\ZangoUninstaller.exe
MD5: EBCF33129363D8A72095F5192FBBD60C Size:331344
%PROGRAMFILES%\zango\bin\10.3.37.0\ZangoSADF.exe
MD5: 89ECD403A036E3BF47B355FF018EA83A Size:386312
%PROGRAMFILES%\zango\bin\10.3.37.0\ZangoSAAX.dll
MD5: 6E312F8244F7F25AA3AAD6B7FE0AAE14 Size:316680
%PROGRAMFILES%\zango\bin\10.3.37.0\Wallpaper.dll
MD5: D1677BD5E3C6D70D1E5F01449D5630B4 Size:341256
%PROGRAMFILES%\zango\bin\10.3.37.0\Srv.exe
MD5: 77FF35FAB1248D0205B2B9A21663A813 Size:468232
%PROGRAMFILES%\zango\bin\10.3.37.0\InstIE.dll
MD5: 4A4E64B9B0145F8045077623C643B34E Size:312584
%PROGRAMFILES%\zango\bin\10.3.37.0\HostOL.dll
MD5: 35F8E89B7724B3C7085744791695A5AE Size:849160
%PROGRAMFILES%\zango\bin\10.3.37.0\CntntCntr.dll
MD5: 89A0E3C2F45FD2EE51D88BF46636EB44 Size:623880
%TEMP%\180ToZangoNOVPFinish.exe
MD5: F465890883A03AEB2FB801EB8FF2FEFB Size:768112
%TEMP%\180f2.exe
MD5: D9886F418BD634990F4A463F4E2CC0DE Size:70144
%TEMP%\18047.exe
MD5: EFBF775772454983025A0E10D048A556 Size:65536
%PROGRAMFILES%\Zango\bin\10.0.314.0\Srv.exe
MD5: 4505B754E308F9C6CC94F9A958217D40 Size:562440
%PROGRAMFILES%\Zango\bin\10.0.314.0\Toolbar.dll
MD5: 33F90F297F5AFD4A91B790B7ABCB451D Size:1205512
%PROGRAMFILES%\Zango\bin\10.0.314.0\CoreSrv.dll
MD5: F20ABC7E0A04FA89D38BAA7117D24717 Size:1045768
%PROGRAMFILES%\Zango\bin\10.0.314.0\HostIE.dll
MD5: 4E15F6D90B01E0E25C63D75A1871F020 Size:652552
%PROGRAMFILES%\Zango\bin\10.0.314.0\ZangoSAAX.dll
MD5: 64A7A01D8B8DF1D1219C91761F4875CA Size:2385160
%PROGRAMFILES%\zango\bin\10.0.314.0\zangosahook.dll
MD5: 9C8FDF970F4E77FE8E2D593BB545CB8F Size:165128
%PROGRAMFILES%\Zango\bin\10.0.314.0\ZangoSA.exe
MD5: 7E8C08BC29C92BE19D3C0DE82179FDCC Size:767752
%PROGRAMFILES%\Zango\bin\10.0.314.0\HostOE.dll
MD5: 0084C22F394005CDC18933111460265E Size:140552
%PROGRAMFILES%\ZANGO\BIN\10.0.275.0\ZANGOSA.EXE
MD5: 0C75055BF0553DC1C22982106EB0997F Size:768264
%PROGRAMFILES%\Zango\bin\10.0.275.0\HostOE.dll
MD5: 30983E86C9AA70CBD9BB18AB13C9C424 Size:140552
%TEMP%\180515.exe
MD5: EE122170E460E6667A4EB1099D639205 Size:508416
%TEMP%\180c4.exe
MD5: 96511DB6A3C8596158AEA1F7C68E60DD Size:65536
%TEMP%\18056.exe
MD5: E8CE3EBC6B5B42B9A58796720BB72CA0 Size:65024
%TEMP%\18027.exe
MD5: 52D082B2899A653331829FE89870B22C Size:65536
%PROGRAMFILES%\zango\bin\10.0.370.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
MD5: 367922A0C92EA1D757580DDDE76E03E5 Size:69896
%PROGRAMFILES%\zango\bin\10.0.370.0\ZangoUnInstaller.exe
MD5: F93ECE59D8D4C701B95ECCECB5966063 Size:315656
%PROGRAMFILES%\zango\bin\10.0.370.0\ZangoSADF.exe
MD5: C25D242A7B701D7DB721686647ADB132 Size:152840
%PROGRAMFILES%\zango\bin\10.0.370.0\Wallpaper.dll
MD5: 735F84209375C984782C4FDC74A2B274 Size:353544
%PROGRAMFILES%\zango\bin\10.0.370.0\Srv.exe
MD5: 72FC27A05BC946BD79715996DD092AF5 Size:562440
%PROGRAMFILES%\zango\bin\10.0.370.0\InstIE.dll
MD5: 8B3EE0EAF52287CC4184628846F9DBC4 Size:312584
%PROGRAMFILES%\zango\bin\10.0.370.0\HostOL.dll
MD5: BC28826EFCCD871C772DE9315CA4B6CE Size:910600
%PROGRAMFILES%\Zango\bin\10.0.370.0\ZangoSA.exe
MD5: 50A9CBC3FC567980664D712E91814721 Size:771336
%TEMP%\1805021271.exe
MD5: 16E87620950F2B8EEBF87073B178D9BC Size:232960
%TEMP%\1801755555.exe
MD5: 2914CAA2A8073861E8E273C91205B059 Size:233984
%PROGRAMFILES%\Zango\bin\10.0.370.0\CoreSrv.dll
MD5: B341FAEC3F4ABEC350C60CCC4AE12B9B Size:1045768
%PROGRAMFILES%\zango\zango.exe
MD5: AEC123150ACB724D93ECBBA3364218C5 Size:31488
MD5: 77B7A24BF64A9473316BBEDB7F697B98 Size:16128
MD5: 6206671FC13492F38FC3FEECCF540A7C Size:867840
MD5: 3FC783E8C587891E6977F4E36A1F511A Size:621056
%TEMP%\1802336\ymsgr8us.exe
MD5: AAF4FAF61A2835F4B86710E496781FA1 Size:77805
%TEMP%\1804.tmp\remove.exe
MD5: D15B13AB7F23732A90CABCBD45AEDCB0 Size:53248
%TEMP%\zango\jadeshadow\InstallerShell.exe
MD5: 163A4AA0AF5C5645C7F682126D5F374E Size:210944
MD5: A46F15A1BB40091642FD3514D84CAA60 Size:210944
%PROGRAMFILES%\Zango Programs\Bird Hunter\Bird Hunter.exe
MD5: 61F7DBC253DEEC60C37F52F50467E0CC Size:2314976
%PROGRAMFILES%\Zango\bin\10.3.36.0\WeSkin.dll
MD5: 072504C1D04DEAF53EB3C09DBA0EC8BD Size:439560
%PROGRAMFILES%\Zango\bin\10.3.36.0\Weather.exe
MD5: 9B33C2276A2A800A4498AD28D5F0C701 Size:501000
%PROGRAMFILES%\zango\bin\10.3.36.0\zangosahook.dll
MD5: 54212AAE90B5690E6E2D1E71982676F7 Size:173320
%PROGRAMFILES%\Zango\bin\10.3.36.0\ZangoSA.exe
MD5: 95224846CEFFE861D104E6AFCAE63A6D Size:762632
%PROGRAMFILES%\Zango\bin\10.3.36.0\OEAddOn.exe
MD5: 6E7E87DE9888923FC36957C9211E5838 Size:91400
%PROGRAMFILES%\Zango\bin\10.3.36.0\HostOE.dll
MD5: 9D39AC3E0DBAB500B5F2AD642AC846C6 Size:140552
%PROGRAMFILES%\Zango Programs\Zango Grab & Burn\WnASPI32.dll
MD5: E8331F57A530BC8081D948D696B23F07 Size:8704
%PROGRAMFILES%\Zango Programs\Zango Grab & Burn\qt-mt321.dll
MD5: C784A39507291091034615AF1C73EB42 Size:3334144
%PROGRAMFILES%\Zango Programs\Zango Grab & Burn\msvcr71.dll
MD5: 86F1895AE8C5E8B17D99ECE768A70732 Size:348160
%PROGRAMFILES%\Zango Programs\Zango Grab & Burn\msvcp71.dll
MD5: 561FA2ABB31DFA8FAB762145F81667C2 Size:499712
%PROGRAMFILES%\Zango Programs\Zango Grab & Burn\GrabBurn.exe
MD5: 42992410B994E28F2FBB191A623D2B83 Size:3207168
%TEMP%\180sainstallersilsais1.exe
MD5: AD9F4CFAB6E1E3818F1ADF71947D142C Size:419976
%PROGRAMFILES%\Zango Programs\Zango Toolbar\ZangoTBUninstaller.exe
MD5: CC710217D0C5EC4440A12ACB45CD45A3 Size:29768
%TEMP%\180375.exe
MD5: B5AB56E3478DA301B7271469C6961033 Size:499200
%TEMP%\zango\messenger\installershell.exe
MD5: D6FB69D4EB20AEAAD443AFB1D6A2DC9C Size:190464
%PROGRAMFILES%\zango\bin\10.3.36.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
MD5: 06CEBDC06E937C90C2116E12F538CF45 Size:70408
%PROGRAMFILES%\zango\bin\10.3.36.0\ZangoUninstaller.exe
MD5: 79D239EF63E61B5866C78A6731079F84 Size:331408
%PROGRAMFILES%\zango\bin\10.3.36.0\ZangoSADF.exe
MD5: 2EE8F42805D8A535E727D90486140264 Size:386312
%PROGRAMFILES%\zango\bin\10.3.36.0\ZangoSAAX.dll
MD5: 0B46A922F607603FA0085E337110EA99 Size:316680
%PROGRAMFILES%\zango\bin\10.3.36.0\Wallpaper.dll
MD5: 8E6EC9151E096E1D1AA11B6658346425 Size:341256
%PROGRAMFILES%\zango\bin\10.3.36.0\Toolbar.dll
MD5: 1D1833BEC2DD2C81D9E0A0F45467F844 Size:1066248
%PROGRAMFILES%\zango\bin\10.3.36.0\Srv.exe
MD5: 38484E71C782D2E01AF1E571E928B5E9 Size:468232
%PROGRAMFILES%\zango\bin\10.3.36.0\InstIE.dll
MD5: 42C37751632E3BB8E4932322E57CA6CD Size:312584
%PROGRAMFILES%\zango\bin\10.3.36.0\HostOL.dll
MD5: 6A188C13374618A3AC35038EA238491B Size:849160
%PROGRAMFILES%\zango\bin\10.3.36.0\HostIE.dll
MD5: 02FCA1EEB432D8177D223021EE440EDD Size:554248
%PROGRAMFILES%\zango\bin\10.3.36.0\CoreSrv.dll
MD5: 4A0D95211322A48406404AF8D301BD3E Size:972040
%PROGRAMFILES%\zango\bin\10.3.36.0\CntntCntr.dll
MD5: EEA31F91B6B370E5A7BEE2545AF57601 Size:623880
%PROGRAMFILES%\zango\bin\10.3.65.0\ZangoSAAX.dll
MD5: D9C6279D4FA5C0FF5F9F5A5F2358AA71 Size:316680
%PROGRAMFILES%\Zango Programs\Zango Messenger\em2.exe
MD5: 9A2513EC7C51D859BF372D0391FDE43C Size:582144
%TEMP%\18075.exe
MD5: 9ECFA00E1970E83B16E0E5652EE60FA8 Size:65024
%PROGRAMFILES%\Zango Programs\Zango Muncher\zangomuncher.exe
MD5: B93F7039D48E86D57D69DDED84C2C712 Size:602112
%PROGRAMFILES%\zango\bin\10.3.65.0\Wallpaper.dll
MD5: 189A592A398B4844DA9EC040E53BC87B Size:341256
%PROGRAMFILES%\zango\bin\10.3.65.0\HostOL.dll
MD5: 440F31282F01614BE480EBBC90F4F66F Size:849160
%TEMP%\18023.exe
MD5: AAA70E88EB50C68170C83869CF72B89D Size:173116
%TEMP%\18010.exe
MD5: 0C67F96300D7166E0C3020CB6F3BF0AE Size:123987
%PROGRAMFILES%\Zango Programs\Secret Spy\Secret Spy.exe
MD5: 9DF373ABC1CF823D507E86846B447BDB Size:30004124
%TEMP%\1808.exe
MD5: 5CF87652375BB8DF0A6B1F4B8DA2B075 Size:573440
%TEMP%\180SACIDInstaller.exe
MD5: 3253BA85FD1BC40345E864DE991AE577 Size:653448
%PROGRAMFILES%\Zango Programs\Squarez\Squarez.exe
MD5: 7761AF67E8BFA9F6D45E1C0FD7EB897D Size:1807422
%PROGRAMFILES%\Zango Programs\Secret Chamber\chamber.exe
MD5: 0C7DBCBE1BB78156413FB7161646CC2C Size:598016
%PROGRAMFILES%\Zango Programs\Zango Weather\WeSkin.dll
MD5: 6254E65DF034421A37BEA954213598B9 Size:274432
%PROGRAMFILES%\Zango Programs\Common\Libraries\CryptoAPI.dll
MD5: 51CD53D0B7692BD9B901260815491520 Size:118784
%PROGRAMFILES%\Zango Programs\Zango Weather\ZangoWeather.exe
MD5: FF83621C52249272030ED3CE5829560B Size:270336
%TEMP%\180F5.exe
MD5: 12B01D151F6BF7625A5270BAE48B8C53 Size:184781
%TEMP%\180.tmp\b2e.exe
MD5: 147F81EB9E6606F0FB0C93E2462D2E70 Size:347442
- Detected Files with variable Filenames:
MD5: 19C7F2E8FBA14DDB06713BF86B89D88B Size: 70408
%PROGRAMFILES%\zango\bin\10.3.74.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
%PROGRAMFILES%\zango\bin\10.3.74.0\firefox\extensions\plugins\npclntax_zangosa.dll.ren
MD5: B0BAD623D5F208CED6837E71E8171CE2 Size: 341256
%PROGRAMFILES%\zango\bin\10.3.74.0\Wallpaper.dll
%PROGRAMFILES%\zango\bin\10.3.74.0\wallpaper.dll.ren
MD5: 891ECFD2F40EB4A933B867A8D93A9D0E Size: 439560
%PROGRAMFILES%\Zango\bin\10.3.74.0\WeSkin.dll
%PROGRAMFILES%\zango\bin\10.3.74.0\WeSkin.dll.ren
MD5: 5B43B3D7D6135A1DE0FD525C93CC2B94 Size: 140552
%PROGRAMFILES%\Zango\bin\10.3.74.0\HostOE.dll
%PROGRAMFILES%\zango\bin\10.3.74.0\HostOE.dll.ren
MD5: D03E4219DF8B167472A24CD04C564F2D Size: 191030
%TEMP%\1803E.exe
%TEMP%\180B6.exe
%TEMP%\1804F.exe
MD5: CDDDFD2C256393C44AC8C83AB1EA3842 Size: 123988
%TEMP%\18038.exe
%TEMP%\180B0.exe
%TEMP%\18049.exe
MD5: 6BACD0CCBE9CB8FDFFCBE9974A6C8D0C Size: 91400
%PROGRAMFILES%\Zango\bin\10.3.75.0\OEAddOn.exe
%PROGRAMFILES%\zango\bin\10.3.75.0\oeaddon.exe.ren
MD5: F34491F8A1F0F6DA0EA108ABA6204F78 Size: 439560
%PROGRAMFILES%\Zango\bin\10.3.75.0\WeSkin.dll
%PROGRAMFILES%\zango\bin\10.3.75.0\WeSkin.dll.ren
MD5: 3BD3E739669CCB4596ABF22BD01CABFA Size: 501000
%PROGRAMFILES%\Zango\bin\10.3.75.0\Weather.exe
%PROGRAMFILES%\zango\bin\10.3.75.0\weather.exe.ren
MD5: CD0ADEE83D2266C301783D9958624E64 Size: 173320
%PROGRAMFILES%\zango\bin\10.3.75.0\zangosahook.dll
%PROGRAMFILES%\zango\bin\10.3.75.0\zangosahook.dll.ren
MD5: 2E46DC44EA900AAF564E72206A90613A Size: 439560
%PROGRAMFILES%\Zango\bin\10.3.70.0\WeSkin.dll
%PROGRAMFILES%\zango\bin\10.3.70.0\WeSkin.dll.ren
MD5: 09D77D6D764F188DCAC52AB5568EFCB7 Size: 501000
%PROGRAMFILES%\Zango\bin\10.3.70.0\Weather.exe
%PROGRAMFILES%\zango\bin\10.3.70.0\weather.exe.ren
MD5: C5491BD6703F8FA9EA9B242DF5F7D79F Size: 173320
%PROGRAMFILES%\zango\bin\10.3.70.0\zangosahook.dll
%PROGRAMFILES%\zango\bin\10.3.70.0\zangosahook.dll.ren
MD5: 54E4A7A74081FCF10264B6FB4EF5B8BC Size: 762632
%PROGRAMFILES%\Zango\bin\10.3.70.0\ZangoSA.exe
%PROGRAMFILES%\zango\bin\10.3.70.0\zangosa.exe.ren
MD5: 8DBAB94946C51E0C871AC6478616F29E Size: 91400
%PROGRAMFILES%\Zango\bin\10.3.70.0\OEAddOn.exe
%PROGRAMFILES%\zango\bin\10.3.70.0\oeaddon.exe.ren
MD5: D05F689698778F566B87A695479DCB7C Size: 554248
%PROGRAMFILES%\Zango\bin\10.3.65.0\HostIE.dll
%PROGRAMFILES%\zango\bin\10.3.65.0\HostIE.dll.vir
MD5: 2B6EEE270117EB33501ADD3796D67B01 Size: 439560
%PROGRAMFILES%\Zango\bin\10.3.65.0\WeSkin.dll
%PROGRAMFILES%\zango\bin\10.3.65.0\WeSkin.dll.ren
MD5: 11A5C92AA2300995BBAC13FCCFA78F05 Size: 501000
%PROGRAMFILES%\Zango\bin\10.3.65.0\Weather.exe
%PROGRAMFILES%\zango\bin\10.3.65.0\weather.exe.ren
%PROGRAMFILES%\zango\bin\10.3.65.0\Weather.exe.vir
MD5: 3CAD8D70B7CDD530996C7B9E3FB651C7 Size: 762632
%PROGRAMFILES%\Zango\bin\10.3.65.0\ZangoSA.exe
%PROGRAMFILES%\zango\bin\10.3.65.0\ZangoSA.exe.vir
MD5: 133DECBF1A0C397BC3DA553AF5272E38 Size: 1066248
%PROGRAMFILES%\zango\bin\10.3.75.0\Toolbar.dll
%PROGRAMFILES%\zango\bin\10.3.75.0\Toolbar.dll.ren
MD5: 1DC55E857B992BA03AC9C4365B1D96DD Size: 972040
%PROGRAMFILES%\zango\bin\10.3.75.0\CoreSrv.dll
%PROGRAMFILES%\zango\bin\10.3.75.0\CoreSrv.dll.ren
MD5: 9250D30872A439185D09DE164AADC476 Size: 87624
%PROGRAMFILES%\Zango Programs\Zango Toolbar\ZangoTB.dll
%PROGRAMFILES%\Zango Programs\Zango Toolbar\zangotb.dll.ren
MD5: B63C17D881905347294E624AD8B8E65C Size: 771336
%PROGRAMFILES%\Zango\bin\10.0.370.0\ZangoSA.exe
%PROGRAMFILES%\ZANGO\BIN\10.0.314.0\ZANGOSA.EXE
MD5: CBF0768F023F76596DFD1262F7CCF21B Size: 184772
%TEMP%\1803F.exe
%TEMP%\18035.exe
%TEMP%\18024.exe
MD5: E0A6BF2E6BD2E89B0A12BE05EBE2CC13 Size: 123985
%TEMP%\18038.exe
%TEMP%\1802F.exe
%TEMP%\1801E.exe
%TEMP%\180EF.exe
MD5: 918D6F2A3BA0F512DE433780413A34E6 Size: 49152
%TEMP%\1809961914-551620479.exe
%TEMP%\1809925523796214926.exe
%TEMP%\1809795208-341039385.exe
%TEMP%\1809262488-488945865.exe
%TEMP%\180918913-1712322668.exe
%TEMP%\1809111400361767239.exe
%TEMP%\1809018674-2046720167.exe
%TEMP%\1808951052713591995.exe
%TEMP%\1808870186-1130141519.exe
%TEMP%\1808739520-601250433.exe
%TEMP%\180870717-1373863680.exe
and next 69 variations.
MD5: ACB33B25FD838F9A8B79C4A5E43CB7D6 Size: 372206
%TEMP%\180D.exe
%TEMP%\1801B.exe
%TEMP%\18012.exe
%TEMP%\1806C5.exe
%TEMP%\1806BF.exe
%TEMP%\1806B9.exe
MD5: 07F70F2FBBA4C71B8EFD50ECBCE8EE0A Size: 123988
%TEMP%\18020B.exe
%TEMP%\1806B3.exe
%TEMP%\1806AF.exe
%TEMP%\1806AB.exe
%TEMP%\1806A7.exe
%TEMP%\1806A3.exe
%TEMP%\18069F.exe
%TEMP%\18069B.exe
%TEMP%\180697.exe
MD5: 173311AE55DAE1C8A8FC2CC2D634C8C9 Size: 3072
%PROGRAMFILES%\Easy Messenger\idle.dll
%PROGRAMFILES%\Zango Programs\Zango Messenger\idle.dll
MD5: 076FBD08E630963631E0E63852A0D5F1 Size: 172571
%TEMP%\1802C.exe
%TEMP%\18014A1.exe
MD5: AC86A6C3B05DC4C7D448E914A54B6F15 Size: 123993
%TEMP%\18026.exe
%TEMP%\180145A.exe
%PROGRAMFILES%\zango applications\zango messenger\messengersetup.exe
MD5: ACF8FDF640094D931F9183271CC1E818 Size: 233472
%TEMP%\1809750021.exe
%TEMP%\1809697877.exe
%TEMP%\180968359.exe
%TEMP%\1809584551.exe
%TEMP%\1809482469.exe
%TEMP%\1809401557.exe
%TEMP%\1808934989.exe
%TEMP%\1808606205.exe
%TEMP%\1808532059.exe
%TEMP%\1808457925.exe
%TEMP%\1808451517.exe
and next 25 variations.
MD5: E153BCFB2E3E35A94EC845279D6C22F6 Size: 232960
%TEMP%\1809683053.exe
%TEMP%\1808058071.exe
%TEMP%\1805039527.exe
%TEMP%\1800644685.exe
MD5: F5E669B5ADE171472D029B6C78DC37DC Size: 232960
%TEMP%\1808257575.exe
%TEMP%\1804419255.exe
%TEMP%\1802427893.exe
MD5: 85BFBE59E8E4AD588F298BA69E6CFAE8 Size: 46088
%TEMP%\1802336\ymdc.exe
%TEMP%\1800016\ymdc.exe
MD5: 197E0A5F8F2423CAA14026B4E9A9740E Size: 53248
%TEMP%\zango\jadeshadow\Bidulator.exe
%TEMP%\Zango\messenger\Bidulator.exe
MD5: ACAE332B47ACED1137B3F9CE986779DD Size: 169913
%TEMP%\1809F.exe
%PROGRAMFILES%\zango applications\zango messenger\messengerinstall.exe
MD5: 808FF5B615DCBD7D086DF5ABD6529608 Size: 20752
%TEMP%\18000001d000b7ae760032\NETSH.exe
%TEMP%\18000001c000b7ae760032\NETSH.exe
MD5: 7FF6274E7B2A010BFE5BE9E9D5B06BA2 Size: 123979
%PROGRAMFILES%\zango applications\Zango Astrology\AstrologySetup.exe
%TEMP%\180D.exe
%TEMP%\18015.exe
MD5: 7A32D59A568A1CF2E37F2DB8A9A67064 Size: 278528
%TEMP%\1802615547.exe
%TEMP%\1801759291.exe
Detecting items list:
- Files by Name
%TEMP%\Zango\messenger\Bidulator.exe
%programfiles%\zango\zanuhook.dll
%TEMP%\180*.exe
%windir%\JIBOL.EXE
%programfiles%\zango\zangohook.dll
%programfiles%\zango applications\zango messenger\em2.exe
%programfiles%\zango applications\zango messenger\idle.dll
%programfiles%\zango applications\zango messenger\messengerinstall.exe
%programfiles%\zango applications\zango messenger\messengerinstaller.exe
%programfiles%\zango applications\zango messenger\messengersetup.exe
%programfiles%\zango applications\zango messenger\uninstall.exe
%programfiles%\zango applications\zango messenger\unwise.exe
%programfiles%\zango applications\zango messenger\zangoinstaller.exe
%START_PROGRAMS%\zango\zango.com.url
%START_PROGRAMS%\zango applications\zango messenger\zango messenger.lnk
%TEMP%\zango\messenger\installershell.exe
%programfiles%\zango\zanu.exe
%programfiles%\zangoclient\zanu.exe
%windir%\msbb.exe
%programfiles%\easy messenger\em2.exe
%programfiles%\zango messenger\unwise.exe
%programfiles%\Zango Programs\Zango Toolbar\ZangoTB.dll
%programfiles%\zango\zango.exe
%programfiles%\Zango SiteFinder\ZangoSiteFinder.exe
%WINDIR%\azad.exe
- Files by MD5
MD5: D80BB08696A289DA5B1AEEF05EB0F8A4 Size: 137728
MD5: 5DC1C4F2298F75DBB587F8C74408E4CD Size: 752128
MD5: E7F3996C61104B7737B19F4528608EF4 Size: 39424
- Files by Directories
%programfiles%\zango
%programfiles%\zangoclient
%START_PROGRAMS%\zango
%START_PROGRAMS%\zango applications\zango messenger
%TEMP%\zango
%TEMP%\zango\messenger
%programfiles%\zango applications
%programfiles%\zango messenger
%programfiles%\easy messenger
%programfiles%\Zango Programs\Zango Toolbar
%programfiles%\Zango Programs
- Files by CLSID or Name
CLSID=56F1D444-11BF-4879-A12B-79CF0177F038
CLSID=99410CDE-6F16-42ce-9D49-3807F78F0287
CLSID=21B4ACC4-8874-4AEC-AEAC-F567A249B4D4
CLSID=00000000-0000-4D83-BACC-419A80AF64FD
CLSID=EA0D26BD-9029-431A-86E0-83152D67828A
CLSID=51CF80DC-A309-4735-BB11-EF18BF4E3AD9
- Registry Keys
HKCR\zangohook.SABHO
HKCR\zangohook.SABHO\CurVer
HKCR\zangohook.SABHO.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango
- Registry Values
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs ValueName=Zango
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=zango
«
Go to Software Database