This program delivers advertising content to the user. It is usually annoying but harmless, unless it is combined with spyware or trackware.
Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.
More scanning & removal options
More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.
You may also refer to the Knowledge Base on the F-Secure Community site for more information.
Adware:W32/Zwangi displays popup advertisements on the infected machine.
Once launched, the program will also attempt to connect to the following sites:
File System Changes
Creates these files:
Sets these values:
- HKLM\System\CurrentControlSet\Services\Weemi Service ImagePath = "C:\Documents and Settings\All Users\Application Data\Weemi\weemi117.exe" "weemi.dll" Service [Launchpoint: Service]
Creates these keys:
- HKLM\System\CurrentControlSet\Services\Weemi Service
- HKLM\System\CurrentControlSet\Services\Weemi Service\Security
Description Created: 2009-09-30 06:29:31.0
Description Last Modified: 2009-09-30 06:43:51.0