Sukoku.com

By JubileeX in Browser Hijackers


Sukoku.com is a search engine that is identical to a large number of other search engines, such as Seekeen.com. In fact, the differences between these two web pages are minimal: both use the same layout and design, and only the search engine's name changes from one to the other. It is important to understand that Sukoku.com has no legitimate search functions; it is limited to displaying advertisements for malicious websites that tend to promote various online scams. Sukoku.com also has a typosquatting element, taking advantage of computer users who may have wanted to arrive at Sudoku.com, a legitimate web page for fans of this popular number puzzle (a typosquatter is a website that has been set up with the sole purpose of leeching traffic from a high-traffic website by taking advantage of common typos made when typing the URL into the address bar). The main danger with the Sukoku.com website is that it is closely linked to a dangerous browser hijacker. This browser hijacker is caused by a browser toolbar, which will usually be installed as a requirement for various low-quality freeware applications. In reality, this browser toolbar also installs a dangerous Trojan that has the capacity to take over the infected computer's web browser, forcing it to visit Sukoku.com repeatedly.

Dealing with a Malware Infection Associated with Sukoku.com

The main purpose of bogus search engines like Sukoku.com is to profit from the large amount of artificially boosted web traffic that browser hijackers allow them to generate. Regardless of the reason why a visitor arrives at a website, advertising revenue is calculated from the number of times an advertisement is displayed and the number of times a particular link is clicked. This means that criminals can infect their victims with browser hijackers in order to corral them into the Sukoku.com website (as well as other clones of this bogus search engine). Browser hijackers associated with websites like Sukoku.com also affect a computer system's performance adversely, often slowing the infected computer down and causing various problems when connecting to the Internet. The victim may also find that their homepage and default search engine have been set to one of these malicious search engines. Using a reliable anti-malware application to remove the Trojan causing redirects to the Sukoku.com website should put an end to any problems on the infected computer system.

File System Details

Sukoku.com may create the following file(s):

Registry Details

Sukoku.com may create the following registry entry or registry entries:
