Home Malware Programs Browser Hijackers ZinkSeek.com

ZinkSeek.com

Posted: April 2, 2012

ZinkSeek.com Screenshot 1ZinkSeek.com is a fake web search system used to increase traffic of this bogus website and other web pages related to it. ZinkSeek.com is associated with Trojans, rootkits and browser hijackers such as ZeroAccess rootkit and Google Redirect Virus. These malware threats may include a malicious code which targets a web browser. They can hijack your web browser and change default homepage. These malware threats can also change your search results on any major search engine and redirect you to ZinkSeek.com or other dubious and advertising websites. Malware infections linked to ZinkSeek.com may display annoying pop-up ads and slow down your PC. To avoid ZinkSeek.com web-navigation problem, you need to remove all malware infections connected with this fraudulent search engine.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%AppData%[trojan name]toolbarstat.log File name: %AppData%[trojan name]toolbarstat.log
Mime Type: unknown/log
%AppData%[trojan name]toolbardtx.ini File name: %AppData%[trojan name]toolbardtx.ini
Mime Type: unknown/ini
%AppData%[trojan name]toolbarlog.txt File name: %AppData%[trojan name]toolbarlog.txt
Mime Type: unknown/txt
%AppData%[trojan name]toolbarpreferences.dat File name: %AppData%[trojan name]toolbarpreferences.dat
File type: Data file
Mime Type: unknown/dat
%AppData%[trojan name]toolbarguid.dat File name: %AppData%[trojan name]toolbarguid.dat
File type: Data file
Mime Type: unknown/dat
%AppData%[trojan name]toolbarstats.dat File name: %AppData%[trojan name]toolbarstats.dat
File type: Data file
Mime Type: unknown/dat
%AppData%[trojan name]toolbaruninstallIE.dat File name: %AppData%[trojan name]toolbaruninstallIE.dat
File type: Data file
Mime Type: unknown/dat
%AppData%[trojan name]toolbaruninstallStatIE. dat File name: %AppData%[trojan name]toolbaruninstallStatIE. dat
Mime Type: unknown/ dat
%Temp%[trojan name]toolbar-manifest.xml File name: %Temp%[trojan name]toolbar-manifest.xml
Mime Type: unknown/xml
%AppData%[trojan name]toolbarversion.xml File name: %AppData%[trojan name]toolbarversion.xml
Mime Type: unknown/xml
%AppData%[trojan name]toolbarcouponscategories.xml File name: %AppData%[trojan name]toolbarcouponscategories.xml
Mime Type: unknown/xml
%AppData%[trojan name]toolbarcouponsmerchants.xml File name: %AppData%[trojan name]toolbarcouponsmerchants.xml
Mime Type: unknown/xml
%AppData%[trojan name]toolbarcouponsmerchants2.xml File name: %AppData%[trojan name]toolbarcouponsmerchants2.xml
Mime Type: unknown/xml

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\{CLSID Path}HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "[trojan name]IEHelper.UrlHelper.1"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} "UrlHelper Class"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBar[trojan name]dtx.dll"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} "[trojan name] Toolbar"HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "[trojan name]IEHelper.UrlHelper"HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Classes[trojan name]IEHelper.DNSGuardHKEY_LOCAL_MACHINE\SOFTWARE\Classes[trojan name]IEHelper.DNSGuard.1HKEY_LOCAL_MACHINE\SOFTWARE\Classes[trojan name]IEHelper.DNSGuardCurVerHKEY_LOCAL_MACHINE\SOFTWARE\Classes[trojan name]IEHelper.DNSGuardCLSIDHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} "[trojan name] Toolbar"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar "[trojan name] Toolbar"
Loading...