
Spyware Detail

Zango Toolbar

Date Published:
Monday, January 9, 2006

Threat Assessment

Overall Risk: Very Low
Privacy: Very Low
Productivity: Very Low
System Integrity:

Description


Category

Search Hijacker:  Any software that resets your browser's settings to point to other sites when you perform a search. Hijacks may reroute your info and address requests through an unseen site, capturing that info. In such hijacks, your browser may behave normally, but be slower. Search results when such a hijacker is running will sometimes differ from non-hijacked results.



Reasons For Retention

The Zango Toolbar (hereafter, 'the Toolbar') fails the eTrust™ PestPatrol® Spyware Scorecard v2.05.03. Research was conducted on December 28th, 2005. The Toolbar was downloaded from dollidol.com.

The Toolbar meets the following Scorecard criteria:

First, installs itself or any other item without user permission or knowledge at time of installation. The installation process lacks clarity of intention from the outset. On dollidol.com, a button titled ‘Personalized Avatar of the Day’, with ‘Powered by Zango’ below the avatar, was clicked. This opens another window with ‘Doll idol.com’ at the top and a primary button titled ‘CREATE NEW AVATAR.’ The emphasis is placed on creating avatars. Clicking this button leads to the File Download box for ZangoInstaller.exe. After the installer is downloaded there are only two more steps, both of which come late in the installation process and after the key executable is on the system.

Second, displays popup/popunder ads. Ads are shown when the host product is not being used or even installed, though it is designed to ‘support’ other products.

Third, updates itself or any other. Zango installs a DAT file containing many keywords, each of which corresponds to a popup ad. When a user types words in the browser, for example, Zango compares these words against those in the DAT file, and if there is a match a popup ad is displayed. These DAT files are periodically replaced with more current ones, or when the one on disk becomes corrupted. Zango performs this update at boot without user permission or awareness. Furthermore, Zango does not offer any configuration options related to updates.

Update
On 08/28/2006, the Zango Toolbar was observed hijacking address bar searches. If a user types something in the address bar, "travel" for example, the search is redirected to tvf.zango.com without informing the user that this is occurring.

Immediate Protection Info

 
DAT Release   Product                 DAT Version
Original      eTrust PestPatrol v4    01 10 2006
Original      CA Antispyware v9       01 10 2006
Original      eTrust PestPatrol v8    01 10 2006
Original      eTrust PestPatrol v5    01 10 2006
Original      eTrust PestPatrol v4    03 30 2006
Original      eTrust PestPatrol v4    08 07 2006
Original      CA Antispyware v9       02 17 2009
Latest        eTrust PestPatrol v4    03 28 2006
Latest        eTrust PestPatrol v8    07 09 2009
Latest        eTrust PestPatrol v5    07 09 2009
Latest        eTrust PestPatrol v4    08 03 2006
Latest        eTrust PestPatrol v4    01 11 2007
Latest        CA Antispyware v9       11 09 2009
 



CA Global Security Advisor
