Zwangi

By Sumo3000 in Browser Hijackers

Translate To:

Threat Scorecard

Threat Level:	20 % (Normal)
Infected Computers:	263

First Seen:	December 1, 2009
Last Seen:	October 28, 2022
OS(es) Affected:	Windows

Zwangi is a malicious browser hijacker. When inside a computer, Zwangi will run in the background and modify the browser settings in order to redirect a victim's searches to malicious or advertising websites. Zwangi may also generate numerous pop-ups and disable security software on the infected computer. Remove Zwangi from your computer with a good antivirus.

Table of Contents

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Panda	Malicious Packer
AVG	OneStepSearcher.P
Ikarus	Gen.Variant.AdWare.Zwangi
AVG	PSW.Banker5.BSYT
Kaspersky	Trojan-Banker.Win32.Banker.bdkx
ClamAV	BC.Heuristics.Rootkit.B-9.MV
NOD32	Win32/Spy.Banker.WAP
McAfee	Artemis!B88A2E30814C
Comodo	MalCrypt.Indus!
BitDefender	Gen:Heur.Krypt.12
NOD32	a variant of Win32/Kryptik.IDM
NOD32	a variant of Win32/Kryptik.ELT
AVG	Cryptic.AEA
Sunbelt	Trojan.Win32.Bredolab.Gen.pac (v)
NOD32	Win32/Adware.DesktopSecurity2010

SpyHunter Detects & Remove Zwangi

File System Details

Zwangi may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	GBM8.exe	9deb0d5937339f0a1b5adc098ad5aa19	79
Name: GBM8.exe MD5: 9deb0d5937339f0a1b5adc098ad5aa19 Size: 607.87 KB (607872 bytes) Detections: 79 Type: Executable File Path: C:\Program Files (x86)\Genie-Soft\GBMPro8\GBM8.exe Group: Malware file Last Updated: October 28, 2022
2.	0047.DLL	a469716fbacba5a0b10e2429f70208d5	30
Name: 0047.DLL MD5: a469716fbacba5a0b10e2429f70208d5 Size: 37.37 KB (37376 bytes) Detections: 30 Type: Dynamic link library Path: %WINDIR%\system32 Group: Malware file Last Updated: December 8, 2010
3.	cntprot.exe	344ec301934c487407095919ee073b8f	26
Name: cntprot.exe MD5: 344ec301934c487407095919ee073b8f Size: 1.67 MB (1673728 bytes) Detections: 26 Type: Executable File Path: %APPDATA%\Protection Center Group: Malware file Last Updated: April 15, 2020
4.	qhj0.exe	2a31732080e0b938ad4cb53508cea0cf	24
Name: qhj0.exe MD5: 2a31732080e0b938ad4cb53508cea0cf Size: 40.96 KB (40960 bytes) Detections: 24 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: December 8, 2010
5.	datprot.exe	5b09127a5e60c99d2386dcb8fb5da559	17
Name: datprot.exe MD5: 5b09127a5e60c99d2386dcb8fb5da559 Size: 1.69 MB (1699840 bytes) Detections: 17 Type: Executable File Path: %PROGRAMFILES%\Data Protection Group: Malware file Last Updated: December 8, 2010
6.	m.21CA.tmp.exe	a88180ad9b6982bab598cb1c5ead4f13	8
Name: m.21CA.tmp.exe MD5: a88180ad9b6982bab598cb1c5ead4f13 Size: 2.94 MB (2940416 bytes) Detections: 8 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: December 8, 2010
7.	iesto64.dll	b88a33b9d72afc285b26e76e5f21ca3b	4
Name: iesto64.dll MD5: b88a33b9d72afc285b26e76e5f21ca3b Size: 73.72 KB (73728 bytes) Detections: 4 Type: Dynamic link library Path: %USERPROFILE%\Configuraci??n local\Datos de programa\iesto64 Group: Malware file Last Updated: December 9, 2010
8.	nah_earv.exe	990c1f138c5d872b38701b03da2bd7d3	3
Name: nah_earv.exe MD5: 990c1f138c5d872b38701b03da2bd7d3 Size: 99.32 KB (99328 bytes) Detections: 3 Type: Executable File Path: %USERPROFILE% Group: Malware file Last Updated: December 8, 2010
9.	secservr.exe	704ba23e92ba8517869575b04226721b	3
Name: secservr.exe MD5: 704ba23e92ba8517869575b04226721b Size: 37.88 KB (37888 bytes) Detections: 3 Type: Executable File Path: %PROGRAMFILES%\Microsoft SQL Server\MSSQL$PACCAR\Binn Group: Malware file Last Updated: November 16, 2018
10.	ojokel.exe	52d39cf626500f81d47a596af4c4726a	2
Name: ojokel.exe MD5: 52d39cf626500f81d47a596af4c4726a Size: 5.63 KB (5632 bytes) Detections: 2 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: December 8, 2010
11.	36a1532f.dll	2a78d7e06e66a52c08af1f2063b81ac6	2
Name: 36a1532f.dll MD5: 2a78d7e06e66a52c08af1f2063b81ac6 Size: 1.53 MB (1538048 bytes) Detections: 2 Type: Dynamic link library Path: %WINDIR%\system32 Group: Malware file Last Updated: December 8, 2010
12.	MicrosoftExtensions.dll	49a19bb5943eb5a10b75c2e0fee85771	2
Name: MicrosoftExtensions.dll MD5: 49a19bb5943eb5a10b75c2e0fee85771 Size: 374.27 KB (374272 bytes) Detections: 2 Type: Dynamic link library Path: %TEMP% Group: Malware file Last Updated: December 9, 2010
13.	nvmcaudio97.dll	ce3564af5238a15abc348a1c529f73ea	2
Name: nvmcaudio97.dll MD5: ce3564af5238a15abc348a1c529f73ea Size: 69.63 KB (69632 bytes) Detections: 2 Type: Dynamic link library Path: %USERPROFILE%\Impostazioni locali\Dati applicazioni\nvmcaudio97 Group: Malware file Last Updated: December 8, 2010
14.	trs.sys	b88a2e30814cd2154cb40c8754ff3d1a	2
Name: trs.sys MD5: b88a2e30814cd2154cb40c8754ff3d1a Size: 8.32 KB (8320 bytes) Detections: 2 Type: System file Path: %WINDIR%\System32\drivers Group: Malware file Last Updated: December 9, 2010
15.	Au_.exe	0ac4cd89be5f9e82700bd197448bf26c	1
Name: Au_.exe MD5: 0ac4cd89be5f9e82700bd197448bf26c Size: 92.82 KB (92824 bytes) Detections: 1 Type: Executable File Group: Malware file Last Updated: February 28, 2021
16.	dplay32.dll	40f4b4304cbd8a38918e88f1a8314314	1
Name: dplay32.dll MD5: 40f4b4304cbd8a38918e88f1a8314314 Size: 139.77 KB (139776 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR%\System32 Group: Malware file Last Updated: December 9, 2010
17.	msgsc2.dll	ad06893b1b50505f7ab2b361d6b249af	1
Name: msgsc2.dll MD5: ad06893b1b50505f7ab2b361d6b249af Size: 590.84 KB (590848 bytes) Detections: 1 Type: Dynamic link library Path: %PROGRAMFILES%\Messenger Group: Malware file Last Updated: December 8, 2010
18.	boot.exe	c046ce4b86206169f32e63ee69126a31	1
Name: boot.exe MD5: c046ce4b86206169f32e63ee69126a31 Size: 807.93 KB (807932 bytes) Detections: 1 Type: Executable File Path: %WINDIR%\system32\Win32_Run Group: Malware file Last Updated: December 8, 2010
19.	Btocia.exe	73f646ed46fec003e6845e01c17f0143	1
Name: Btocia.exe MD5: 73f646ed46fec003e6845e01c17f0143 Size: 174.59 KB (174592 bytes) Detections: 1 Type: Executable File Path: %WINDIR% Group: Malware file Last Updated: December 8, 2010
20.	dpwsockx32.dll	0ee164688dd583db33fdfe238a7bb955	1
Name: dpwsockx32.dll MD5: 0ee164688dd583db33fdfe238a7bb955 Size: 296.96 KB (296960 bytes) Detections: 1 Type: Dynamic link library Path: %ALLUSERSPROFILE% Group: Malware file Last Updated: December 8, 2010
21.	windows.exe	831ec347fcd665e90931676b75c044ea	1
Name: windows.exe MD5: 831ec347fcd665e90931676b75c044ea Size: 131.07 KB (131072 bytes) Detections: 1 Type: Executable File Path: %WINDIR%\system32\svhost Group: Malware file Last Updated: December 8, 2010
22.	dot3api32.dll	a4fce94da986e00fd1b07cdb8e2b3e2c	1
Name: dot3api32.dll MD5: a4fce94da986e00fd1b07cdb8e2b3e2c Size: 200.7 KB (200704 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR%\system32 Group: Malware file Last Updated: December 8, 2010
23.	m.22E.tmp.exe	91cebfed6a042ea910c5427c079c734e	1
Name: m.22E.tmp.exe MD5: 91cebfed6a042ea910c5427c079c734e Size: 2.71 MB (2718208 bytes) Detections: 1 Type: Executable File Path: %TEMP% Group: Malware file Last Updated: December 9, 2010
24.	Gates.exe	38d70683fde392707dd7eb21141b4ef4	1
Name: Gates.exe MD5: 38d70683fde392707dd7eb21141b4ef4 Size: 2.42 MB (2420736 bytes) Detections: 1 Type: Executable File Path: %ALLUSERSPROFILE%\Datos de programa\Gatesss Group: Malware file Last Updated: December 8, 2010
25.	~TM9B.tmp	f426e0b5d27445c7d65d011ed63edadb	1
Name: ~TM9B.tmp MD5: f426e0b5d27445c7d65d011ed63edadb Size: 153.6 KB (153600 bytes) Detections: 1 Type: Temporary File Path: %TEMP% Group: Malware file Last Updated: December 8, 2010
26.	api-ms-win-core-misc-l1-1-032.dll	0cc53b2afb44d2557d3e6319e758f40d	1
Name: api-ms-win-core-misc-l1-1-032.dll MD5: 0cc53b2afb44d2557d3e6319e758f40d Size: 250.88 KB (250880 bytes) Detections: 1 Type: Dynamic link library Path: %ALLUSERSPROFILE% Group: Malware file Last Updated: December 9, 2010
27.	sukoku(2)(2)(2).dll	cd4dc698161f825849b0d9b3d8f55d34	0
Name: sukoku(2)(2)(2).dll MD5: cd4dc698161f825849b0d9b3d8f55d34 Size: 589.82 KB (589824 bytes) Detections: 0 Type: Dynamic link library Group: Malware file Last Updated: December 11, 2009
28.	resulttool129.exe	d66066ddbf7a1fef1c01f7c636cc93fa	0
Name: resulttool129.exe MD5: d66066ddbf7a1fef1c01f7c636cc93fa Size: 49.15 KB (49152 bytes) Detections: 0 Type: Executable File Path: %PROGRAMDATA%\ResultTool Group: Malware file Last Updated: October 27, 2011

More files

Enigma Software Group Prevails Over Malwarebytes at the Ninth Circuit

Search

Change Region

Zwangi

Threat Scorecard

EnigmaSoft Threat Scorecard

Aliases

SpyHunter Detects & Remove Zwangi

File System Details

Submit Comment

Related Posts

Adware.Win32.Zwangi.v

Zwangie.com

TR/BHO.Zwangi.728.trojan

Trending

Rzfu Ransomware

'YouPorn' Email Scam

Rzkd Ransomware

Most Viewed

Is Lookmovie.io Safe?

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen