By ESGI Advisor in Browser Hijackers

Zinkzo.com Image

Zinkzo.com is a search engine that is designed to display nothing but advertisements whenever a computer user carries out a search. Zinkzo.com belongs to a large family of search engines with identical designs. Clones of Zinkzo.com, such as Zwangie.com and WyeKe.com have the same interface. The only difference from one website to another is in each clone's name, which changes to match its designated URL and the name of the file process that runs on the infected computer system. The main page of Zinkzo.com is blue and white and contains this website's logo in the form of a magnifying glass. Any visit to the Zinkzo.com website should be treated as a potential malware infection, and should be followed with a full scan of all hard drives in search for any malware that may have infected them as a result of contact with Zinkzo.com.

How Zinkzo.com Differs from Other Spam Websites

Spam websites are nothing new – from click farms to typo squatters, websites designed for nothing else than to display advertisements have long been present on the Internet. However, the main problem with Zinkzo.com is not the fact that Zinkzo.com displays advertisements but that Zinkzo.com is related to browser hijackers and forces its victims to visit repeatedly. Usually in the form of a malicious Browser Helper Object (BHO) or browser toolbar, this browser hijacker takes over the infected computer system's browser and forces it to visit Zinkzo.com and its clones repeatedly. This browser hijacker infection will usually be part of a Trojan that fundamentally alters how the victim's computer system goes online, as well being protected with a dangerous rootkit infection. Because of this, redirects to the bogus search engine Zinkzo.com should be taken quite seriously, as they are signs of a severe malware infection.

Do Not Let Criminals Profit from Forcing Zinkzo.com on You!

By boosting this malicious website's traffic with the help of browser hijackers, criminals can quickly accumulate a substantial profit which would normally only be possible by providing useful content or providing services for their visitors. Instead of bothering with this, criminals simply force their victims to visit Zinkzo.com repeatedly and reap the rewards. Use a good anti-malware application to erase any malware from your computer system.

File System Details

Zinkzo.com may create the following file(s):
# File Name Detections
1. %AppData%[trojan name]toolbarcouponsmerchants2.xml
2. %AppData%[trojan name]toolbarcouponsmerchants.xml
3. %AppData%[trojan name]toolbarpreferences.dat
4. %AppData%[trojan name]toolbarstat.log
5. %Temp%[trojan name]toolbar-manifest.xml
6. %AppData%[trojan name]toolbarcouponscategories.xml
7. %AppData%[trojan name]toolbarlog.txt
8. %AppData%[trojan name]toolbaruninstallStatIE.dat
9. %AppData%[trojan name]toolbarversion.xml
10. %AppData%[trojan name]toolbardtx.ini
11. %AppData%[trojan name]toolbarguid.dat
12. %AppData%[trojan name]toolbaruninstallIE.dat
13. %AppData%[trojan name]toolbarstats.dat

Registry Details

Zinkzo.com may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBar[trojan name]dtx.dll"
HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuardCurVer
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} "[trojan name] Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "[trojan name]IEHelper.UrlHelper"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "[trojan name]IEHelper.UrlHelper.1"
HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuard.1
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} "[trojan name] Toolbar"
HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} "UrlHelper Class"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar "[trojan name] Toolbar"


Most Viewed