What is Zoompic?

Zoompic is software application developed by Jambo Digital Ltd. It is most commonly found on computers running Windows 7 with nearly 58.02% of installations running this operating system. Zoompic's installer is typically 4.00 MB in size and installs around 11 files.

Zoompic is most popular in the United States with 100.00% of installations residing in this country.

Zoompic adds 1 scheduled task to the Windows Task Scheduler launching the program at randomly scheduled times. When using a computer that is connected to the internet, Zoompic is known to create 1 firewall exception to allow inbound and outbound connectivity.

About Zoompic?

Zoompic is a browser extension supported by advertisements that may serve a variety of ads, including coupons, affiliate links, and price comparisons. These ads are delivered through various methods, such as inserting them into the content of the web pages the user is viewing. This adware also tracks the user's browsing activity, including visited web pages, search terms, and domains. Additionally, Zoompic may install a web browser extension and inject ads into the underlying webpage in the form of banners or inline text advertisements. The ads are tailored to the user's queries.

Multiple virus scanners have detected malware in Zoompic.

cozwdhost.exe (MD5: a95f538dc9efeb2f3c3906b0739f8b07) has been flagged by 34 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Adware.Agent.PFN
Agnitum Outpost	5.5.1.3	PUA.PennyBee!
ALYac	1.0.1.4	Adware.Agent.PFN
avast!	8.0.1489.320	Win32:Adware-gen [Adw]
AVG	15.0.0.4315	Generic.397
Avira	3.6.1.96	ADWARE/PennyBee.199200
AVware	1.5.0.21	Trojan.Win32.Generic!BT
Bitdefender	7.2	Adware.Agent.PFN
Comodo Security	21589	ApplicUnwnt
Dr.Web	7.0.12.3050	Trojan.Siggen6.28348
Emsisoft Anti-Malware	3.0.0.600	Adware.Agent.PFN (B)
ESET-NOD32	11400	Win32/Adware.PennyBee.D
Fortinet FortiGate	5.0.999.0	Riskware/PennyBee
F-Secure	11.0.19100.45	Adware.Agent.PFN
G Data	25	Adware.Agent.PFN
K7 AntiVirus	9.202.15430	Adware ( 004b77e51 )
K7GW	9.202.15430	Adware ( 004b77e51 )
Malwarebytes	1.75.0.1	PUP.Optional.Zoomify.A
McAfee	6.0.5.614	Artemis!A95F538DC9EF
Microsoft Security Essentials	1.1.11502.0	Adware:Win32/ZoomyLib
MicroWorld-eScan	12.0.250.0	Adware.Agent.PFN
nProtect	2015-03-30.01	Adware.Agent.PFN
Panda Antivirus	4.6.4.2	Trj/Genetic.gen
Qihoo-360	1.0.0.1015	HEUR/QVM10.1.Malware.Gen
Sophos	4.98.0	Zoomify
Symantec	20141.2.0.56	WS.Reputation.1
Trend Micro	9.740.0.1012	TROJ_GEN.R00UC0DAR15
TrendMicro-HouseCall	9.700.0.1001	TROJ_GEN.R00UC0DAR15
VIPRE Antivirus	38904	Trojan.Win32.Generic!BT
AhnLab-V3	2015.07.21.03	Adware/Win32.Zoomylib
Arcabit	1.0.0.425	Adware.ZoomyLib.A
CAT-QuickHeal	14.00	AdWare.ZoomyLib.r5 (Not a Virus)
McAfee-GW-Edition	v2015	Artemis
Tencent	1.0.0.1	Win32.Risk.Adware.Chc

cozaghost.exe (MD5: 006001c7ae8047ef5287ca188968a6eb) has been flagged by 28 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	12.0.163.0	Adware.ZoomyLib.A
Agnitum Outpost	5.5.1.3	PUA.PennyBee!
AhnLab-V3	2015.07.21.03	Adware/Win32.Zoomylib
ALYac	1.0.1.4	Adware.ZoomyLib.A
Arcabit	1.0.0.425	Adware.ZoomyLib.A
avast!	8.0.1489.320	Win32:Malware-gen
AVG	15.0.0.4392	Generic.397
Avira	8.3.1.6	ADWARE/ClickPotato.471096
AVware	1.5.0.21	Trojan.Win32.Generic!BT
Bitdefender	7.2	Adware.ZoomyLib.A
CAT-QuickHeal	14.00	AdWare.ZoomyLib.r5 (Not a Virus)
Emsisoft Anti-Malware	3.5.0.642	Adware.ZoomyLib.A (B)
ESET-NOD32	11971	a variant of Win32/Adware.PennyBee.J
F-Secure	11.0.19100.45	Adware.ZoomyLib.A
G Data	25	Adware.ZoomyLib.A
K7 AntiVirus	9.207.16622	Riskware ( 0049f6ae1 )
K7GW	9.207.16623	Riskware ( 0049f6ae1 )
Malwarebytes	2.1.1.1115	PUP.Optional.Zoomify.A
McAfee	6.0.5.614	Artemis!006001C7AE80
McAfee-GW-Edition	v2015	Artemis
Microsoft Security Essentials	1.1.11804.0	Adware:Win32/ZoomyLib
MicroWorld-eScan	12.0.250.0	Adware.ZoomyLib.A
nProtect	2015-07-20.01	Adware.ZoomyLib.A
Panda Antivirus	4.6.4.2	Trj/Genetic.gen
Symantec	20141.2.0.56	WS.Reputation.1
Tencent	1.0.0.1	Win32.Risk.Adware.Chc
Trend Micro	9.740.0.1012	TROJ_GEN.R03LC0DBJ15
VIPRE Antivirus	42194	Trojan.Win32.Generic!BT

coz32host.exe (MD5: 0865f36ba55217ebbd4251c72e5cef01) has been flagged by 36 scanners:

Scanner Software	Version	Result
Lavasoft Ad-Aware	663	Adware.Jambo.A
Agnitum Outpost	7.1.1	PUA.PennyBee
ALYac	1.0.1.4	Adware.Jambo.A
avast!	2014.9-150413	Win32:Dropper-gen [Drp]
AVG	2016.0.3141	Generic6
Avira	7.11.217.14	Adware/ClickPotato.154112
AVware	1.5.0.21	Trojan.Win32.Generic!BT
Baidu-International	4.0.3.15413	Adware.Win32.PennyBee.D
Bitdefender	1.0.20.515	Adware.Jambo.A
Cyren	5.4.16.7	W32/Adware.ZXSK-1138
Emsisoft Anti-Malware	8.15.04.13.01	Adware.Jambo
ESET-NOD32	9.11316	Win32/Adware.PennyBee.D
Fortinet FortiGate	4/13/2015	Riskware/PennyBee
F-Secure	11.2015-13-04_2	Adware.Jambo.A
G Data	15.4.25	Adware.Jambo
Malwarebytes	v2015.04.13.01	PUP.Optional.Zoomify.A
McAfee	5600.6797	Artemis!0865F36BA552
McAfee-GW-Edition	7.6797	BehavesLike.Win32.BadFile.cm
Microsoft Security Essentials	1.1.11400.0	Adware:Win32/ZoomyLib
MicroWorld-eScan	16.0.0.309	Adware.Jambo.A
nProtect	15.03.13.01	Adware.Jambo.A
Sophos	4.98	Generic PUA EH
Symantec	4/13/2015 rev. 2	Trojan.Gen
Trend Micro	10.465.13	TROJ_GEN.R047C0DAM15
TrendMicro-HouseCall	7.2.103	TROJ_GEN.R047C0DAM15
VIPRE Antivirus	38396	Trojan.Win32.Generic!BT
Comodo Security	21589	ApplicUnwnt
Dr.Web	7.0.12.3050	Trojan.Siggen6.28348
K7 AntiVirus	9.202.15430	Adware ( 004b77e51 )
K7GW	9.202.15430	Adware ( 004b77e51 )
Panda Antivirus	4.6.4.2	Trj/Genetic.gen
Qihoo-360	1.0.0.1015	HEUR/QVM10.1.Malware.Gen
AhnLab-V3	2015.07.21.03	Adware/Win32.Zoomylib
Arcabit	1.0.0.425	Adware.ZoomyLib.A
CAT-QuickHeal	14.00	AdWare.ZoomyLib.r5 (Not a Virus)
Tencent	1.0.0.1	Win32.Risk.Adware.Chc

Software Behaviors

Services:

cozwdhost.exe runs as a service named 'cozwdhost' (cozwdhost).
cozaghost.exe runs as a service named 'cozaghost' (cozaghost).

Firewall:

cozaghost.exe is added as a firewall exception for 'C:\Documents and Settings\user\Application Data\makulitsidwe\1.1.0.29\cozaghost.exe'.

Scheduled tasks:

cozaghost.exe is scheduled as a task named 'Tempo Runner coz64host'.

Software Details

URL:

–

Support:

–

Installation path:

C:\ProgramData\makulitsidwe\1.1.0.29

Uninstaller:

C:\ProgramData\makulitsidwe\1.1.0.29\Uninstaller.exe /ga=1503

Size:

4.00 MB

Language:

English

Zoompic Executable Details

Primary executable:

coz32host.exe

Name:

Zoompic

Path:

C:\ProgramData\makulitsidwe\1.1.0.29\coz32host.exe

MD5:

0865f36ba55217ebbd4251c72e5cef01

SHA-1:

–

SHA-256:

–

File Type

Filename

MD5

EXE

uninstaller.exe

5c437e5e231bb135a46cd8ed5ba17796

EXE

utils.exe

a93d3040777ef2f8da8c91784dd53c70

XPI

zoompic.xpi

6be8326561ad034c7bafe6dea3b2892c

DLL

zoompicutil32.dll

4ab973f3e190eb8cb3f501d15f0bb64a

DLL

zoompicL64.dll

bbddd70592e85e49dfc3d5b712e86fd8

DLL

zoompicL32.dll

d720123bceba40ed8243f54f78a24a62

EXE

cozwdhost.exe

Adware

a95f538dc9efeb2f3c3906b0739f8b07

EXE

cozahost.exe

c75348cf22ef07a9b35f6d9f81e35354

EXE

cozaghost.exe

Malware

006001c7ae8047ef5287ca188968a6eb

EXE

coz64host.exe

b4c7b49e79e377df6f6256f2842a5c79