home

Zango

Publisher Information

Zango is a software developer located in Bellevue, Washington in the United States*. The company is a primary distributor of unwanted software. Zango, also known as 180solutions, Hotbar and ePIPO, is a adware publisher that now operates as Pinball Corporation. The software mostly consists of browser plugins that are difficult to remove. Thre are 4 additional code signing certificates issued to this publisher.
Authority:
VeriSign, Inc.

Valid from:
2/14/2008 1:00:00 AM

Valid to:
5/13/2010 1:59:59 AM

Subject:
CN=Zango, OU=Zango, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Zango, L=Bellevue, S=Washington, C=US

Issuer:
CN=VeriSign Class 3 Code Signing 2004 CA, OU=Terms of use at https://www.verisign.com/rpa (c)04, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
1ca00caea054614d44d3119b6db48ad8

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
PUP.Zango (M), PUP.Zango.Installer (M)
100.00%

1 / 68      (Adware)
setup.exe (Setup by Zango)  (ec688c375db0ea26af7c18893233bf15)

1 / 68      (Adware)
emulesetup.exe (Setup by Zango)  (6776bcaac74a741393eafe67d6e4f77b)

1 / 68      (Adware)
emuleplussetup.exe (Setup by Zango)  (9dc986845ae9fd047b8106f78b476263)

1 / 68      (Adware)
tmp0000006505d3b40d0dd27fad (Zango Firefox Plugin by Zango)  (c90657d7ce511c6860659da2569ac957)

1 / 68      (Adware)
emulesetup.exe (Setup by Zango)  (36d9252b2feb113e8f6e20fabd797a46)

1 / 68      (Adware)
vlcsetup.exe (Setup by Zango)  (f5cbb1433ccacd0a2c4b391c1df3c8fb)

1 / 68      (Adware)
Resource.dll (Zango Resource DLL by Zango)  (18de4e9c87a520295cff5835848be8df)

1 / 68      (Adware)
Install.dll (Install Dynamic Link Library by Zango)  (ee3873c412f83c18974c0f0f34f7f3df)

1 / 68      (Adware)
oeaddon.exe (Hotbar by Zango)  (bbd47421dc76e9fad1d7e58cbcb65722)

1 / 68      (Adware)
ClientAxProxy.dll (ActiveX Control by Zango)  (2d2c4628eb233d77e05db5ce4fcbc139)

1 / 68      (Adware)
npclntax_zangosa.dll (Zango Firefox Plugin by Zango)  (fdd101f0919d551813e9e5d469b4df45)

1 / 68      (Adware)
hostie.dll (Zango by Zango)  (02fca1eeb432d8177d223021ee440edd)

1 / 68      (Adware)
sai4b6b.tmp (Zango by Zango)  (44f4c14072625f90d6bf68fecec3af22)

1 / 68      (Adware)
vuzesetup.exe (Setup by Zango)  (4df92971fc0ebbe6a47e8f59c1241d91)

1 / 68      (Adware)
hotbarsa.exe (Hotbar Search Assistant by Zango)  (d9c9787fd37a6b1ee28c4c7c39a62339)

1 / 68      (Adware)
oeaddon.exe (Zango by Zango)  (6e7e87de9888923fc36957c9211e5838)

1 / 68      (Adware)
zangosa.exe (Zango Search Assistant by Zango)  (95224846ceffe861d104e6afcae63a6d)

1 / 68      (Adware)
tmp0000000442d4bda717405a8d (Weather by Zango)  (70e40553290b6061ec82d4c520b395db)

1 / 68      (Adware)
hostie.dll (Hotbar by Zango)  (c7cd43a77db62f9c50220629ca06187e)

1 / 68      (Adware)
hotbarsa.exe (Hotbar Search Assistant by Zango)  (70e28167c10e88d1ea8b32213119053b)

1 / 68      (Adware)
hostoe.dll (Zango by Zango)  (2d0dbaacd932e103ab783b1067d46ba6)

1 / 68      (Adware)
WeSkin.DLL (Weather by Zango)  (55c72fd92f3ff03bb34e0f8acaa3b309)

1 / 68      (Adware)
Setup.exe (Setup by Zango)  (68a1cb14568ed17aa69ba4199b56ac30)

1 / 68      (Adware)
Resource.dll (Hotbar Resource DLL by Zango)  (be1a88be56b6994429882fb3e3cd4022)

1 / 68      (Adware)
launchhelp.dll (by Zango)  (9e8c456314678b48a11b0799d10222d9)

1 / 68      (Adware)
Install.dll (Install Dynamic Link Library by Zango)  (0d588f0eb9af4e2db8ebdec77d2cdda0)

1 / 68      (Adware)
limewiresetup.exe (Setup by Zango)  (82043d66919ec21c3aa072e82178287d)

1 / 68      (Adware)
limewiresetup.exe (Setup by Zango)  (ffaf14e554c37f736e9e04e3dde15056)

1 / 68      (Adware)
vlcsetup.exe (Setup by Zango)  (dcde1183f76be97d09fb4d158fefb62d)

1 / 68      (Adware)
hostie.dll (Zango by Zango)  (5e908d670ddf11e48ff7f1fd1e0ae6f3)

 
Latest 30 of 136 files

The certificates below are also signed by Zango.

1BFD2BADE8D6BA77BAB6FA3C75F46631  (Mar 20, 2007 to May 13, 2008)

7A9E3D20F0540AA46412FA66C233F5B8  (Mar 16, 2006 to May 10, 2007)

7F7BA710B2DE94E64618988A4FC1BDBD  (Apr 26, 2005 to Apr 27, 2006)

02A6ED914A18FFBC5CDE777EFF702F6A  (May 20, 2004 to May 21, 2005)

* Note, the details and description above are based on the code signing digital signature issued to Zango by VeriSign, Inc. on February 14, 2008 with the serial number '1ca00caea054614d44d3119b6db48ad8'.
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.