Zinkzo.com
Zinkzo.com is a malicious site that facilitates the propagation of various PC threats, particularly the browser hijacker known as BrowserModifier:Win32/Zwangi. Besides promoting and being promoted by these same browser hijackers, Zinkzo.com may also expose you to other PC threats, hostile sites or simply pointless advertisements with its questionable search functions. SpywareRemove.com malware experts have noted that most visits to Zinkzo.com occur through browser redirect attacks or through contact with spam messages, which have been known to include links to Zinkzo.com. If any of the above has happened to your PC, you should be prepared to use reputable anti-malware products to remove any PC threats that may have been installed onto your computer with or without your permission, including Zinkzo.com-promoting browser hijackers.
Zinkzo.com – Using Circular Promotion Techniques for Profit
Zinkzo.com looks similar to any other search engine, and even provides a privacy policy and other safeguards, but, unfortunately, all of these features are just empty promises to give Zinkzo.com a greater appearance of legitimacy than Zinkzo.com deserves. As a copy of sites like Browserquest.com, BrowserQuery.com, Browserseek.com, Browserzinc.com, Zwangie.com, Zwankysearch.com, Winkzink.com and Zinkwink.com, Zinkzo.com can be considered to be just as dangerous for your PC as any of the above sites and isn't capable of providing search results that are on par with professional standards for such. SpywareRemove.com malware researchers have noted that Zinkzo.com has been actively engaged in distributing PC threats, and is particularly likely to install browser hijackers for itself, such as BrowserModifier:Win32/Zwangi, without acquiring consent from visitors.
BrowserModifier:Win32/Zwangi (AKA Mal/BHO-S, Spyware.Screenspy or TR/BHO.Zwangi.391, according to some of its other aliases) will redirect your web browser to Zinkzo.com when you try to load popular sites such as Google or Yahoo. This allows Zinkzo.com's web masters to gain additional revenue from your traffic, and SpywareRemove.com malware experts generally recommend that you minimize any contact with Zinkzo.com or associated sites to reduce the possibility of other attacks against your computer.
Reacting to Zinkzo.com Redirects and Putting an End to Them
Zinkzo.com redirects can attack your web browser regardless of its brand, and, even if your web browser isn't running, may cause your PC to have worsened performance due to the resource expenditure from a hidden browser hijacker. Since manual installation or contact with Zinkzo.com is required, in most cases, BrowserModifier:Win32/Zwangi to infect your computer, SpywareRemove.com malware experts recommend that you pay close attention to software during installation and use basic web surfing safeguards.
If you need to delete a browser hijacker for Zinkzo.com or other Zinkzo.com-related PC threat, you should scan your PC, preferably after a boot into Safe Mode, to disable, detect and remove all malicious programs. Because browser hijackers that promote sites like Zinkzo.com may also have other capabilities (including spyware functions), SpywareRemove.com malware experts recommend that you do this as soon as you first see symptoms of redirects to Zinkzo.com or come into contact with Zinkzo.com.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%AppData%[trojan name]toolbarversion.xml
File name: %AppData%[trojan name]toolbarversion.xmlMime Type: unknown/xml
%Temp%[trojan name]toolbar-manifest.xml
File name: %Temp%[trojan name]toolbar-manifest.xmlMime Type: unknown/xml
%AppData%[trojan name]toolbarcouponsmerchants2.xml
File name: %AppData%[trojan name]toolbarcouponsmerchants2.xmlMime Type: unknown/xml
%AppData%[trojan name]toolbardtx.ini
File name: %AppData%[trojan name]toolbardtx.iniMime Type: unknown/ini
%AppData%[trojan name]toolbarcouponscategories.xml
File name: %AppData%[trojan name]toolbarcouponscategories.xmlMime Type: unknown/xml
%AppData%[trojan name]toolbarcouponsmerchants.xml
File name: %AppData%[trojan name]toolbarcouponsmerchants.xmlMime Type: unknown/xml
%AppData%[trojan name]toolbarguid.dat
File name: %AppData%[trojan name]toolbarguid.datFile type: Data file
Mime Type: unknown/dat
%AppData%[trojan name]toolbarlog.txt
File name: %AppData%[trojan name]toolbarlog.txtMime Type: unknown/txt
%AppData%[trojan name]toolbarpreferences.dat
File name: %AppData%[trojan name]toolbarpreferences.datFile type: Data file
Mime Type: unknown/dat
%AppData%[trojan name]toolbaruninstallIE.dat
File name: %AppData%[trojan name]toolbaruninstallIE.datFile type: Data file
Mime Type: unknown/dat
%AppData%[trojan name]toolbaruninstallStatIE.dat
File name: %AppData%[trojan name]toolbaruninstallStatIE.datFile type: Data file
Mime Type: unknown/dat
%AppData%[trojan name]toolbarstat.log
File name: %AppData%[trojan name]toolbarstat.logMime Type: unknown/log
%AppData%[trojan name]toolbarstats.dat
File name: %AppData%[trojan name]toolbarstats.datFile type: Data file
Mime Type: unknown/dat
Registry Modifications
HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7} "[trojan name] Toolbar"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}VersionIndependentProgID "[trojan name]IEHelper.UrlHelper"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{99079a25-328f-4bd4-be04-00955acaa0a7}InprocServer32 "C:PROGRA~1WINDOW~4ToolBar[trojan name]dtx.dll"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} "UrlHelper Class"HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}ProgID "[trojan name]IEHelper.UrlHelper.1"HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuardCurVerHKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuardCLSIDHKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuardHKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{99079a25-328f-4bd4-be04-00955acaa0a7} "[trojan name] Toolbar"HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar "[trojan name] Toolbar"HKEY_LOCAL_MACHINESOFTWAREClasses[trojan name]IEHelper.DNSGuard.1
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.