Zango

Description:	Adware
Risk Level:	High
Date of First Occurence:	Wednesday, April 16, 2008
Software Developer:	180solutions, Inc.
Brief Info:	Zango is an adware program that monitors the contents of Internet browser windows. It opens the Web pages of partner sites when certain keywords are detected in Internet search or shopping browser windows.
Removal:	This threat can be removed using "Spyware Terminator"

REMOVER SPYWARE »

Geographical Distribution of Threat "Zango"

Threat Info

View All

Detected Items

Detected Files: %PROGRAMFILES%\Zango\bin\10.3.75.0\ZangoSAAX.dll MD5: 0B8073CA99C727B8E12ECB98214A5456 Size:316680 %TEMP%\1809072480.exe MD5: EEC0B6BF0F8BE04BD5A54521A3211AEC Size:22529 %PROGRAMFILES%\Zango\bin\10.3.74.0\CoreSrv.dll MD5: 4A27FF7C2E7D707B11102A3EEAEC007F Size:972040 %PROGRAMFILES%\Zango\bin\10.3.74.0\WeSkin.dll MD5: 891ECFD2F40EB4A933B867A8D93A9D0E Size:439560 %PROGRAMFILES%\ZANGO\BIN\10.3.37.0\ZANGOSA.EXE MD5: 434B4DA29BF927942176D7FB8034521C Size:762632 %PROGRAMFILES%\Zango\bin\10.3.37.0\WeSkin.dll MD5: 615AD760E9298BF870EA6F79C69645FD Size:439560 %PROGRAMFILES%\Zango\bin\10.3.37.0\Weather.exe MD5: 3A6B3A4B604BAFEF1D9202DBC557AB4F Size:501000 %PROGRAMFILES%\Zango\bin\10.3.37.0\OEAddOn.exe MD5: 9D186D5F81A6F3CCCD3EC6F5808E7685 Size:91400 %PROGRAMFILES%\zango\bin\10.3.75.0\Wallpaper.dll MD5: 359E31DBD4D7891F1F8C22B1982900F0 Size:341256 %TEMP%\180sainstallernusac.exe MD5: D1C54ED9BCF4D21FD697EAF8124CEC55 Size:419976 %PROGRAMFILES%\Zango Programs\Jade Shadow\jade.exe MD5: D63A61F23A14F4CD8792B5E91A850255 Size:643072 %TEMP%\180D.exe MD5: A43CDAB622BFBF7269C58F0FEC2FBEE9 Size:123979 %TEMP%\18013.exe MD5: 2B04B887AFAF0F24F4EA15BECB411029 Size:182697 %PROGRAMFILES%\zango\bin\10.3.74.0\firefox\extensions\plugins\npclntax_ZangoSA.dll MD5: 19C7F2E8FBA14DDB06713BF86B89D88B Size:70408 %PROGRAMFILES%\zango\bin\10.3.74.0\ZangoUninstaller.exe MD5: 8565F2FA6DD62E6D55AFCFA650674BA2 Size:331848 %PROGRAMFILES%\zango\bin\10.3.74.0\ZangoSADF.exe MD5: 9DF7278B71862C119558F4FA913F207C Size:386312 %PROGRAMFILES%\zango\bin\10.3.74.0\ZangoSAAX.dll MD5: A4542D17265231158EA70234A57D5ECF Size:316680 %PROGRAMFILES%\zango\bin\10.3.74.0\Wallpaper.dll MD5: B0BAD623D5F208CED6837E71E8171CE2 Size:341256 %PROGRAMFILES%\zango\bin\10.3.74.0\HostOL.dll MD5: E30C2575CCA1FA977FE93FBBCCE4B1A8 Size:849160 %PROGRAMFILES%\zango\bin\10.3.74.0\zangosahook.dll MD5: B93DFD257B038DA4578E76A42CCEBF01 Size:173320 %TEMP%\18011.exe MD5: 8F1FFE3FABED950E6319D5E2340B348B Size:103936 %TEMP%\18000001d000b7ae760032\NETSH.exe MD5: 808FF5B615DCBD7D086DF5ABD6529608 Size:20752 %TEMP%\180.exe MD5: F7C3913C6AE1E256042C54118BF6ED02 Size:93696 MD5: 022A95E8A75252C15BECAB4616DE369F Size:39424 MD5: D7DF3D94062F4D9BE6E40C4BE94C49CF Size:153088 MD5: AC722D7BFF3916382981AED1C2291AE8 Size:154112 MD5: 40E36877E39646D676DF88A8547A2681 Size:44114 MD5: 58E78E8AD500CF54092F0DA46E3E7A5C Size:29249 MD5: 1ECC3C03EE7BD23F285C07CEBC0C33FE Size:44097 MD5: 6932801184A370607879C554580189E2 Size:154112 MD5: 8655FABB81A4B5F78C6F224AA1D323BB Size:12632 MD5: D1FCE9CC7D967B1D278AA40D509DDB24 Size:108967 MD5: E98B0B5DFAFB48B2267FAB20312E0641 Size:4014 MD5: 8ED0E501F527A22ECC198DC60421FFBB Size:153598 and more.... %TEMP%\zango\jadeshadow\InstallerShell.exe MD5: 163A4AA0AF5C5645C7F682126D5F374E Size:210944 %TEMP%\180B6.exe MD5: D03E4219DF8B167472A24CD04C564F2D Size:191030 %TEMP%\180B0.exe MD5: CDDDFD2C256393C44AC8C83AB1EA3842 Size:123988 %PROGRAMFILES%\zango\bin\10.3.65.0\zangosahook.dll MD5: 936AD719481927DA9D6F4E7939C38EC5 Size:173320 %PROGRAMFILES%\Zango\bin\10.3.65.0\ZangoSA.exe MD5: 3CAD8D70B7CDD530996C7B9E3FB651C7 Size:762632 %PROGRAMFILES%\Zango\bin\10.3.65.0\OEAddOn.exe MD5: 873FEB864C58A5DECC7E599C2C88D69B Size:91400 %PROGRAMFILES%\Zango\bin\10.0.370.0\CoreSrv.dll MD5: B341FAEC3F4ABEC350C60CCC4AE12B9B Size:1045768 %PROGRAMFILES%\Zango\bin\10.0.370.0\Toolbar.dll MD5: 986D99C06380E79C91E6BFE20531F1DE Size:1201416 %PROGRAMFILES%\Zango\bin\10.0.370.0\HostIE.dll MD5: 43D23EEBF39970871BBFC724BC829B3A Size:652552 %PROGRAMFILES%\Zango\bin\10.0.370.0\ZangoSAAX.dll MD5: ECF44C95DD5F71387C7B1B5287818E63 Size:2385160 %PROGRAMFILES%\zango\bin\10.0.370.0\zangosahook.dll MD5: 7FE1AB58417062F6ADEB5547419A2BA4 Size:165128 %PROGRAMFILES%\Zango\bin\10.0.370.0\ZangoSA.exe MD5: B63C17D881905347294E624AD8B8E65C Size:771336 %PROGRAMFILES%\Zango\bin\10.0.370.0\OEAddOn.exe MD5: 5EEA1E0239713C59DFFBD3DD5288A7EE Size:91400 %PROGRAMFILES%\Zango\bin\10.0.370.0\HostOE.dll MD5: 0CCDA7C30D5A0EED77A7046B6DF92E96 Size:140552 %WINDIR%\msbb.exe MD5: 9F282E616AB3DBB38AE7BD0DC2FAA35A Size:270336 MD5: C6BB459E5A8DE8708758AAA5FA862E7E Size:196608 MD5: A89DDB6F2C69A9940C9E60EA88FE449A Size:309760 MD5: 7AA603A4B0D725CE200E7A89487DDD8E Size:11636 %PROGRAMFILES%\Zango\bin\10.3.75.0\Weather.exe MD5: 349AB8E4B8B8797C6B7D2A7DC38956B3 Size:578824 %PROGRAMFILES%\Zango\bin\10.3.75.0\ZangoSA.exe MD5: D6903945F179B4D1E15B5C33CD0BEBCD Size:840456 %PROGRAMFILES%\Zango\bin\10.3.75.0\OEAddOn.exe MD5: 52841A6D6D0655D3EFE8726DA0D52715 Size:169224 %PROGRAMFILES%\easy messenger\180SAInstaller.exe MD5: ED117B899AF2CF294C79C002D5E9624F Size:431904 %PROGRAMFILES%\EASY MESSENGER\EM2.EXE MD5: 7C4812027D2F4C69982BAFB8CC4FD672 Size:581632 %PROGRAMFILES%\zango\zango.exe MD5: 99438D4643580B65EB67553A855EE977 Size:867328 MD5: AEC123150ACB724D93ECBBA3364218C5 Size:31488 %PROGRAMFILES%\zango\bin\10.3.37.0\firefox\extensions\plugins\npclntax_ZangoSA.dll MD5: FDD101F0919D551813E9E5D469B4DF45 Size:70408 %PROGRAMFILES%\zango\bin\10.3.37.0\ZangoUninstaller.exe MD5: EBCF33129363D8A72095F5192FBBD60C Size:331344 %PROGRAMFILES%\zango\bin\10.3.37.0\ZangoSADF.exe MD5: 89ECD403A036E3BF47B355FF018EA83A Size:386312 %PROGRAMFILES%\zango\bin\10.3.37.0\ZangoSAAX.dll MD5: 6E312F8244F7F25AA3AAD6B7FE0AAE14 Size:316680 %PROGRAMFILES%\zango\bin\10.3.37.0\Wallpaper.dll MD5: D1677BD5E3C6D70D1E5F01449D5630B4 Size:341256 %PROGRAMFILES%\zango\bin\10.3.37.0\HostOL.dll MD5: 35F8E89B7724B3C7085744791695A5AE Size:849160 %PROGRAMFILES%\zango\bin\10.3.37.0\CntntCntr.dll MD5: 89A0E3C2F45FD2EE51D88BF46636EB44 Size:623880 %PROGRAMFILES%\Zango\bin\10.3.37.0\Srv.exe MD5: 77FF35FAB1248D0205B2B9A21663A813 Size:468232 %PROGRAMFILES%\Zango\bin\10.3.37.0\Toolbar.dll MD5: AAC1D7A887EA071878734D3762401017 Size:1066248 %PROGRAMFILES%\Zango\bin\10.3.37.0\CoreSrv.dll MD5: D8051D4085738C4D0510C58E824414B4 Size:972040 %PROGRAMFILES%\Zango\bin\10.3.37.0\HostIE.dll MD5: DAA60AB4B5719B47237D0EE40DE8CF90 Size:554248 %TEMP%\1802C.exe MD5: 076FBD08E630963631E0E63852A0D5F1 Size:172571 %TEMP%\18026.exe MD5: AC86A6C3B05DC4C7D448E914A54B6F15 Size:123993 %TEMP%\180sainstaller.exe MD5: 08FE41005B2730636831B7ACFBC5C775 Size:370824 MD5: 1020D0797FF337D24D59B6EE58019262 Size:292640 %PROGRAMFILES%\zango\bin\10.3.37.0\zangosahook.dll MD5: 783ABCAEE63111A5E64D261A6D8F5BBA Size:173320 %PROGRAMFILES%\Zango Programs\Zango Toolbar\ZangoTBUninstaller.exe MD5: CC710217D0C5EC4440A12ACB45CD45A3 Size:29768 %PROGRAMFILES%\Zango Programs\Zango Toolbar\ZangoTB.dll MD5: 9250D30872A439185D09DE164AADC476 Size:87624 %PROGRAMFILES%\ZANGO\BIN\10.0.275.0\ZANGOSA.EXE MD5: 0C75055BF0553DC1C22982106EB0997F Size:768264 %PROGRAMFILES%\Zango\bin\10.0.275.0\HostOE.dll MD5: 30983E86C9AA70CBD9BB18AB13C9C424 Size:140552 %TEMP%\180530294280421101.exe MD5: EABFFD1DFCF7E66CAF32B7A81C78889C Size:91136 %TEMP%\180365685.exe MD5: C9F5E692421CC151101469D530C9C83C Size:14336 %PROGRAMFILES%\Zango\bin\10.3.65.0\HostIE.dll MD5: D05F689698778F566B87A695479DCB7C Size:554248 %PROGRAMFILES%\Zango\bin\10.0.314.0\CoreSrv.dll MD5: F20ABC7E0A04FA89D38BAA7117D24717 Size:1045768 %PROGRAMFILES%\Zango\bin\10.0.314.0\HostIE.dll MD5: 4E15F6D90B01E0E25C63D75A1871F020 Size:652552 %PROGRAMFILES%\Zango\bin\10.0.314.0\HostOL.dll MD5: 51187C5ADB71D0241E13C53908186548 Size:910600 %PROGRAMFILES%\Zango\bin\10.0.314.0\ZangoSAAX.dll MD5: 64A7A01D8B8DF1D1219C91761F4875CA Size:2385160 %PROGRAMFILES%\zango\bin\10.0.314.0\zangosahook.dll MD5: 9C8FDF970F4E77FE8E2D593BB545CB8F Size:165128 %PROGRAMFILES%\Zango\bin\10.0.314.0\ZangoSA.exe MD5: A6FD611D2FC8AA59F9EF987CD3E9B3A8 Size:771336 %PROGRAMFILES%\Zango\bin\10.0.314.0\HostOE.dll MD5: 0084C22F394005CDC18933111460265E Size:140552 %TEMP%\180SAInstaller.exe MD5: C943A6FF6EDD622B2ADB4088A5ABED38 Size:579720 MD5: C9F34BF1F08458F71D7433CF1C2F1B86 Size:424072 %PROGRAMFILES%\zango\bin\10.1.181.0\zangosahook.dll MD5: B1A66001AD419504D0A9AF8C8280C0BC Size:165128 %PROGRAMFILES%\Zango\bin\10.1.181.0\ZangoSA.exe MD5: 48F1C74DCADBD11F7D67F903E8BF94AE Size:724232 %PROGRAMFILES%\Zango\bin\10.1.181.0\OEAddOn.exe MD5: E925A6A6A95021CE01C7C7B8B286B84E Size:91400 %PROGRAMFILES%\Zango\bin\10.1.181.0\HostOE.dll MD5: FCB39300EA28759EF77ACE71232AD565 Size:140552 %PROGRAMFILES%\Zango Programs\David vs Goliath\david.exe MD5: AC7C57B6C7B591FE5BA4CA11BB389239 Size:712704 %PROGRAMFILES%\Zango Programs\Crypt Hunter\Crypt Hunter.exe MD5: 78FEB70E6328B83D9B6DA3D73CDE2301 Size:28226957 %PROGRAMFILES%\Zango Programs\Common\ClientAxProxy.dll MD5: A226988A5675D35DF962424C7DBE2D60 Size:128520 %PROGRAMFILES%\ZANGO\BIN\10.1.181.0\ZANGOSA.EXE MD5: C38557FB8F6595850E523C687BB7786E Size:724232 %PROGRAMFILES%\Zango\bin\10.1.181.0\WeSkin.dll MD5: 6B889976CBF17671DC07F8D493902DF3 Size:439560 %PROGRAMFILES%\Zango\bin\10.1.181.0\Weather.exe MD5: 1B52C557B699A1F24998AD673FDD6A25 Size:496904 %PROGRAMFILES%\Zango\bin\10.3.35.0\HostIE.dll MD5: 86676A4542E1A1DAFF80D10D9A4B9C0E Size:554248 %PROGRAMFILES%\Zango\bin\10.3.35.0\WeSkin.dll MD5: 9D72F6C92311F51DB8E76943499211F1 Size:439560 %PROGRAMFILES%\Zango\bin\10.3.35.0\Weather.exe MD5: 3EAEBD6C7DDBC87B7FBF752F522C39F8 Size:501000 %PROGRAMFILES%\zango\bin\10.3.35.0\zangosahook.dll MD5: 9BA4F27BF54D380F5944892337FF1858 Size:173320 %PROGRAMFILES%\Zango\bin\10.3.35.0\ZangoSA.exe MD5: D7A91A2865B777FB3A360BB79445E4D1 Size:762632 %PROGRAMFILES%\Zango\bin\10.3.35.0\OEAddOn.exe MD5: A605579F90EE602460184E9FDA4B4927 Size:91400 %PROGRAMFILES%\Zango\bin\10.3.35.0\HostOE.dll MD5: 00887C66961FDCDDCBC0CF0E0FE397DF Size:140552 %PROGRAMFILES%\Zango Programs\Zango TV\zangotv.exe MD5: 360EE696353E37442221C4275FD29F30 Size:593920 %PROGRAMFILES%\Zango Programs\Zango Muncher\zangomuncher.exe MD5: B93F7039D48E86D57D69DDED84C2C712 Size:602112 %PROGRAMFILES%\Zango Programs\Wubly\Wubly.exe MD5: 6B719761A81AE6F9BF63E4980FFA01C2 Size:6483991 %PROGRAMFILES%\Zango Programs\Speed\Speed.exe MD5: C72C87C82AE13FFA319651E51C133EA8 Size:2308098 %PROGRAMFILES%\Zango Programs\Sheriff Tripeaks\sheriff-tripeaks.exe MD5: 3097F6549C7B4474AD18F73D72957AF2 Size:991318 %PROGRAMFILES%\Zango Programs\Secret Chamber\chamber.exe MD5: 0C7DBCBE1BB78156413FB7161646CC2C Size:598016 %PROGRAMFILES%\Zango Programs\Mini Golf Pro\Mini Golf Pro.exe MD5: D13B93703097D4071CA05160CE157C72 Size:6026227 %PROGRAMFILES%\Zango Programs\Jumper Two\Jumper Two.exe MD5: 0EAF59F7FD66FF6ED51CEABF64AAC0A3 Size:3952252 %PROGRAMFILES%\Zango Programs\Infection\Infection.exe MD5: 962AFAF89CF8801642F567B971122D56 Size:7901301 %PROGRAMFILES%\Zango Programs\Air Hockey\AirHockey2.exe MD5: 04FF8F6BBB990371D84ECD0CA46EE9F8 Size:966656 %TEMP%\180ToZangoNOVPFinish.exe MD5: F465890883A03AEB2FB801EB8FF2FEFB Size:768112 %PROGRAMFILES%\zango applications\Zango Weather\WeatherInstall.exe MD5: 2CAE6CDFC8540130EDEBE163C28D5C9E Size:169721 %TEMP%\zango\windwords\InstallerShell.exe MD5: 03565E4FBB69D9A3CB4262325947217A Size:392704 %TEMP%\18072.exe MD5: AEAF368D4C21027898C9A8DC6B4EFD04 Size:372203 %TEMP%\1806C.exe MD5: B755F7A27B86350D428DFC85CBB1CF34 Size:123983 %TEMP%\1807640\ytb_inst.exe MD5: 62531A085B228DE7FD763D5808ED5995 Size:741195 %TEMP%\1807640\ymdc.exe MD5: 85BFBE59E8E4AD588F298BA69E6CFAE8 Size:46088 %PROGRAMFILES%\zango\bin\10.3.36.0\firefox\extensions\plugins\npclntax_ZangoSA.dll MD5: 06CEBDC06E937C90C2116E12F538CF45 Size:70408 %PROGRAMFILES%\zango\bin\10.3.36.0\ZangoUninstaller.exe MD5: 79D239EF63E61B5866C78A6731079F84 Size:331408 %PROGRAMFILES%\zango\bin\10.3.36.0\ZangoSAHook.dll MD5: 54212AAE90B5690E6E2D1E71982676F7 Size:173320 %PROGRAMFILES%\zango\bin\10.3.36.0\ZangoSADF.exe MD5: 2EE8F42805D8A535E727D90486140264 Size:386312 %PROGRAMFILES%\zango\bin\10.3.36.0\ZangoSAAX.dll MD5: 0B46A922F607603FA0085E337110EA99 Size:316680 %PROGRAMFILES%\zango\bin\10.3.36.0\WeSkin.dll MD5: 072504C1D04DEAF53EB3C09DBA0EC8BD Size:439560 %PROGRAMFILES%\zango\bin\10.3.36.0\Wallpaper.dll MD5: 8E6EC9151E096E1D1AA11B6658346425 Size:341256 %PROGRAMFILES%\zango\bin\10.3.36.0\Toolbar.dll MD5: 1D1833BEC2DD2C81D9E0A0F45467F844 Size:1066248 %PROGRAMFILES%\zango\bin\10.3.36.0\Srv.exe MD5: 38484E71C782D2E01AF1E571E928B5E9 Size:468232 %PROGRAMFILES%\zango\bin\10.3.36.0\InstIE.dll MD5: 42C37751632E3BB8E4932322E57CA6CD Size:312584 %PROGRAMFILES%\zango\bin\10.3.36.0\HostOL.dll MD5: 6A188C13374618A3AC35038EA238491B Size:849160 %PROGRAMFILES%\zango\bin\10.3.36.0\HostIE.dll MD5: 02FCA1EEB432D8177D223021EE440EDD Size:554248 %PROGRAMFILES%\zango\bin\10.3.36.0\CoreSrv.dll MD5: 4A0D95211322A48406404AF8D301BD3E Size:972040 %PROGRAMFILES%\zango\bin\10.3.36.0\CntntCntr.dll MD5: EEA31F91B6B370E5A7BEE2545AF57601 Size:623880 %PROGRAMFILES%\Zango\bin\10.3.36.0\ZangoSA.exe MD5: 95224846CEFFE861D104E6AFCAE63A6D Size:762632 %PROGRAMFILES%\Zango\bin\10.3.36.0\Weather.exe MD5: 9B33C2276A2A800A4498AD28D5F0C701 Size:501000 %PROGRAMFILES%\Zango\bin\10.3.36.0\OEAddOn.exe MD5: 6E7E87DE9888923FC36957C9211E5838 Size:91400 %PROGRAMFILES%\Zango\bin\10.3.36.0\HostOE.dll MD5: 9D39AC3E0DBAB500B5F2AD642AC846C6 Size:140552 %PROGRAMFILES%\zango messenger\uninstall.exe MD5: F5AF83437C046D8FF6086450E425223C Size:3584 %PROGRAMFILES%\ZANGO MESSENGER\EM2.EXE MD5: D2E1A63FBECA639B0517EE9B2E6685EE Size:582144 %TEMP%\180sainstallersca.exe MD5: 84EBFC52DFA37CCCB6E541944531AA01 Size:428168 %TEMP%\180.exe MD5: 9B573E3AF9776EF3B7ABECA2E27879D5 Size:153608 MD5: 14B9C812EFAD2A56E419B83855CAC049 Size:153646 %PROGRAMFILES%\Zango Programs\Library of the Ages\library.exe MD5: 834710DC27B32DA98266B761EA2D75E5 Size:585728 %PROGRAMFILES%\zango\bin\10.3.70.0\firefox\extensions\plugins\npclntax_ZangoSA.dll MD5: C50AF5885B14546EDD1588F6A11E5004 Size:70408 %PROGRAMFILES%\zango\bin\10.3.70.0\ZangoUninstaller.exe MD5: 0E823566C37F1E99F8BD41E15418E36C Size:331408 %PROGRAMFILES%\zango\bin\10.3.70.0\ZangoSAHook.dll MD5: C5491BD6703F8FA9EA9B242DF5F7D79F Size:173320 %PROGRAMFILES%\zango\bin\10.3.70.0\ZangoSADF.exe MD5: 9BE109AEB270304619B9E2D25E9EA477 Size:386312 %PROGRAMFILES%\zango\bin\10.3.70.0\ZangoSAAX.dll MD5: 77EEB94C1301C9079FC36B5439A99FC2 Size:316680 %PROGRAMFILES%\zango\bin\10.3.70.0\ZangoSA.exe MD5: 54E4A7A74081FCF10264B6FB4EF5B8BC Size:762632 %PROGRAMFILES%\zango\bin\10.3.70.0\WeSkin.dll MD5: 2E46DC44EA900AAF564E72206A90613A Size:439560 %PROGRAMFILES%\zango\bin\10.3.70.0\Weather.exe MD5: 09D77D6D764F188DCAC52AB5568EFCB7 Size:501000 %PROGRAMFILES%\zango\bin\10.3.70.0\Wallpaper.dll MD5: 860D2A42C6B752C6EDC6B1CEE9A8B7D8 Size:341256 %PROGRAMFILES%\zango\bin\10.3.70.0\Toolbar.dll MD5: 85F34A8E5E53613F9F22D717ECC13586 Size:1066248 %PROGRAMFILES%\zango\bin\10.3.70.0\Srv.exe MD5: B7674094528571A9A5FC2BE3A48F78BD Size:468232 %PROGRAMFILES%\zango\bin\10.3.70.0\OEAddOn.exe MD5: 8DBAB94946C51E0C871AC6478616F29E Size:91400 %PROGRAMFILES%\zango\bin\10.3.70.0\HostOL.dll MD5: 4620958FC439374C73EC525A5C9F98B5 Size:849160 %PROGRAMFILES%\zango\bin\10.3.70.0\HostOE.dll MD5: A705DCFCEDBBCC3DF04DA1306DDDD0B9 Size:140552 %PROGRAMFILES%\zango\bin\10.3.70.0\CoreSrv.dll MD5: 3B01EB3BA02788E491AF1A941D80D7BF Size:972040 %PROGRAMFILES%\zango\bin\10.3.70.0\CntntCntr.dll MD5: 4659BA9A5D82AC3A17FDAF035BBD54BD Size:623880 %PROGRAMFILES%\Zango\bin\10.3.70.0\HostIE.dll MD5: 239E9CA5664CAAF635F8F5A1FD97DCE6 Size:554248 %TEMP%\180F5.exe MD5: 12B01D151F6BF7625A5270BAE48B8C53 Size:184781 %PROGRAMFILES%\Zango\bin\10.3.65.0\Toolbar.dll MD5: 234328A70A840B3199D4A3A47833BCCF Size:1066248 %PROGRAMFILES%\Zango\bin\10.3.65.0\HostOL.dll MD5: 440F31282F01614BE480EBBC90F4F66F Size:849160 %TEMP%\1801158612.exe MD5: 51569CFA6BC978862A783084D87B9B0E Size:22017
Detected Files with variable Filenames: MD5: 1DC55E857B992BA03AC9C4365B1D96DD Size: 972040 %PROGRAMFILES%\Zango\bin\10.3.75.0\CoreSrv.dll %PROGRAMFILES%\zango\bin\10.3.75.0\CoreSrv.dll.ren MD5: F34491F8A1F0F6DA0EA108ABA6204F78 Size: 439560 %PROGRAMFILES%\Zango\bin\10.3.75.0\WeSkin.dll %PROGRAMFILES%\zango\bin\10.3.75.0\WeSkin.dll.ren MD5: 3BD3E739669CCB4596ABF22BD01CABFA Size: 501000 %PROGRAMFILES%\Zango\bin\10.3.75.0\Weather.exe %PROGRAMFILES%\zango\bin\10.3.75.0\weather.exe.ren MD5: CD0ADEE83D2266C301783D9958624E64 Size: 173320 %PROGRAMFILES%\zango\bin\10.3.75.0\zangosahook.dll %PROGRAMFILES%\zango\bin\10.3.75.0\zangosahook.dll.ren MD5: 133DECBF1A0C397BC3DA553AF5272E38 Size: 1066248 %PROGRAMFILES%\Zango\bin\10.3.75.0\Toolbar.dll %PROGRAMFILES%\zango\bin\10.3.75.0\Toolbar.dll.ren MD5: 8ADD5388449C7CA29B6B399CBC567E84 Size: 849160 %PROGRAMFILES%\Zango\bin\10.3.75.0\HostOL.dll %PROGRAMFILES%\zango\bin\10.3.75.0\HostOL.dll.ren MD5: 622BB601F8B8BB8A7E954F03632EB4FF Size: 69264 %TEMP%\1800208549.exe %TEMP%\1808153517.exe %TEMP%\1804848627.exe %TEMP%\1807377335.exe %TEMP%\1803846695.exe MD5: CBF0768F023F76596DFD1262F7CCF21B Size: 184772 %TEMP%\1803F.exe %TEMP%\18035.exe %TEMP%\18024.exe MD5: E0A6BF2E6BD2E89B0A12BE05EBE2CC13 Size: 123985 %TEMP%\18038.exe %TEMP%\1802F.exe %TEMP%\1801E.exe %TEMP%\180EF.exe MD5: 197E0A5F8F2423CAA14026B4E9A9740E Size: 53248 %TEMP%\zango\jadeshadow\Bidulator.exe %TEMP%\zango\windwords\Bidulator.exe MD5: 173311AE55DAE1C8A8FC2CC2D634C8C9 Size: 3072 %PROGRAMFILES%\easy messenger\idle.dll %PROGRAMFILES%\zango messenger\idle.dll MD5: 783657F43CEC7F19C32CBDCF0D659D66 Size: 3584 %PROGRAMFILES%\Easy Messenger\uninstall.exe %PROGRAMFILES%\zango messenger\uninstall.exe.ren %PROGRAMFILES%\zango messenger\uninstall.exe MD5: E5FBABB8D755F85A0E9E0288AB9D6EA9 Size: 54784 %TEMP%\1805683653.exe %TEMP%\1804484133.exe %TEMP%\1804231533.exe MD5: F81B39B8836651BC30A22E24086699BC Size: 91136 %TEMP%\1800441783667273346.exe %TEMP%\1801983163-1781090602.exe MD5: 897852D53540B23EE9CBDA62FB873451 Size: 114688 %PROGRAMFILES%\Zango Programs\David vs Goliath\ZangoLib.dll %PROGRAMFILES%\Zango Programs\Zango TV\ZangoLib.dll %PROGRAMFILES%\Zango Programs\Zango Muncher\ZangoLib.dll %PROGRAMFILES%\Zango Programs\Secret Chamber\ZangoLib.dll MD5: D80BB08696A289DA5B1AEEF05EB0F8A4 Size: 137728 %WINDIR%\qzgtut.exe %WINDIR%\ajgpwryf.exe MD5: B43EA16662161BB481763DC7B1B3F318 Size: 123996 %TEMP%\18020.exe %TEMP%\18010.exe

Detecting items list:

Files by Name %TEMP%\Zango\messenger\Bidulator.exe %programfiles%\zango\zanuhook.dll %TEMP%\180*.exe %windir%\JIBOL.EXE %programfiles%\zango\zangohook.dll %programfiles%\zango applications\zango messenger\em2.exe %programfiles%\zango applications\zango messenger\idle.dll %programfiles%\zango applications\zango messenger\messengerinstall.exe %programfiles%\zango applications\zango messenger\messengerinstaller.exe %programfiles%\zango applications\zango messenger\messengersetup.exe %programfiles%\zango applications\zango messenger\uninstall.exe %programfiles%\zango applications\zango messenger\unwise.exe %programfiles%\zango applications\zango messenger\zangoinstaller.exe %START_PROGRAMS%\zango\zango.com.url %START_PROGRAMS%\zango applications\zango messenger\zango messenger.lnk %TEMP%\zango\messenger\installershell.exe %programfiles%\zango\zanu.exe %programfiles%\zangoclient\zanu.exe %windir%\msbb.exe %programfiles%\easy messenger\em2.exe %programfiles%\zango messenger\unwise.exe %programfiles%\Zango Programs\Zango Toolbar\ZangoTB.dll %programfiles%\zango\zango.exe %programfiles%\Zango SiteFinder\ZangoSiteFinder.exe %WINDIR%\azad.exe
Files by MD5 MD5: D80BB08696A289DA5B1AEEF05EB0F8A4 Size: 137728
Files by Directories %programfiles%\zango %programfiles%\zangoclient %START_PROGRAMS%\zango %START_PROGRAMS%\zango applications\zango messenger %TEMP%\zango %TEMP%\zango\messenger %programfiles%\zango applications %programfiles%\zango messenger %programfiles%\easy messenger %programfiles%\Zango Programs\Zango Toolbar %programfiles%\Zango Programs
Files by CLSID or Name CLSID=56F1D444-11BF-4879-A12B-79CF0177F038 CLSID=99410CDE-6F16-42ce-9D49-3807F78F0287 CLSID=21B4ACC4-8874-4AEC-AEAC-F567A249B4D4 CLSID=00000000-0000-4D83-BACC-419A80AF64FD CLSID=EA0D26BD-9029-431A-86E0-83152D67828A CLSID=51CF80DC-A309-4735-BB11-EF18BF4E3AD9
Registry Keys HKCR\zangohook.SABHO HKCR\zangohook.SABHO\CurVer HKCR\zangohook.SABHO.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango
Registry Values HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs ValueName=Zango HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ValueName=zango

« Go to Software Database

Pesquisar em nosso banco de dados de software

Navegar pelo Banco de dados

Últimas notícias sobre Malware

23. Setembro 2011

Among one of the most active spywares currently is without a doubt Trojan.MicroFake.ba. It attacks in conjunction with Rogue antispyware applications and forces users to purchase these fake applications. Using rootkit techniques is very typical of this Trojan to help it hide from users and the system, making it hard to trace. We recommend regular updating of our database and an active real-time protection with antivirus.

Notícias anteriores sobre malware »