BitDefender Products
About BitDefender
Application.180solutions.Zango
( Adware.180Search,Adware.Win32.180Solutions,Adware.180Solutions )| Spreading: | low | |
| Damage: | low | |
| Size: | 141 kbytes | |
| Discovered: | 2006 May 10 |
SYMPTOMS:
A yellow icon with a black "g" appears in the taskbar ,a toolbar appears in your browser and popups appear from time to time when you're surfing the webTECHNICAL DESCRIPTION:
Application.180solutions.Zango is an ad supported software that runs in the background and although it has a icon in the taskbar it won't let you unload it through standard methods it also sends information to the home site about your browsing habbits and displays ads based on the keywords you search. It also has a searchbar that displays irelevant or sponsored links if you type in keywords.Files and folders created:
C:\Documents and Settings\All Users\Start Menu\Programs\Zango
C:\Program Files\Zango Programs
C:\Program Files\Zango
C:\WINNT\Downloaded Program Files\ClientAX.dll
Registry keys created:
HKEY_CLASSES_ROOT\AppID\{F1F040D5-E8F8-4680-B101-9334E9773841}
HKEY_CLASSES_ROOT\AppID\ZangoToolbar.DLL
HKEY_CLASSES_ROOT\ClientAX.ClientInstaller.1
HKEY_CLASSES_ROOT\ClientAX.ClientInstaller
HKEY_CLASSES_ROOT\ClientAX.RequiredComponent.1
HKEY_CLASSES_ROOT\ClientAX.RequiredComponent
HKEY_CLASSES_ROOT\ClientAX.ZangoClientAX.1
HKEY_CLASSES_ROOT\ClientAX.ZangoClientAX
HKEY_CLASSES_ROOT\LMgr180.WMDRMAx.1
HKEY_CLASSES_ROOT\LMgr180.WMDRMAx
HKEY_CLASSES_ROOT\zangohook.SABHO.1
HKEY_CLASSES_ROOT\zangohook.SABHO
HKEY_CLASSES_ROOT\ZangoToolbar.ZCToolBand.1
HKEY_CLASSES_ROOT\ZangoToolbar.ZCToolBand
HKEY_CURRENT_USER\Software\zango
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EA0D26BD-9029-431A-86E0-83152D67828A}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56F1D444-11BF-4879-A12B-79CF0177F038}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zango REG_SZ, 70 bytes, ""c:\program files\zango\zango.exe""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Zango Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zango
HKEY_LOCAL_MACHINE\SOFTWARE\Zango Programs
HKEY_LOCAL_MACHINE\SOFTWARE\zango
Removal instructions:
Please let BitDefender disinfect your files.ANALYZED BY:
George Nechifor ,virus researcher
