Status
Not open for further replies.
Registered · 2 Posts · Discussion Starter · #1
OK, my problem yesterday was:

There was a pop-up message on my desktop saying that my comp was infected with spyware and needed "special" programs to get rid of it. It said to get rid of it, click the message. That message looked exactly like a Windows update message, the difference being the contents of the text displayed. When I clicked it, an "anti spyware" program popped up without an installation wizard thing, no IE window opening to some website... I've never HEARD of the program. I googled it and barely any results came out. It had a buy option, but since I never go for programs I have to pay for, I closed it and uninstalled it from my comp. But no uninstall wizard popped up, only a window saying it's gone. Then the pop-up reappears every few minutes and zinaps would appear if I clicked it. I googled it, and again, very little info as before.

I spoke to several of my computer nerd friends... one of them suggested I check the registry and yes, it was there... a folder named zinaps7. I deleted it but that didn't work. I deleted other entries with zinaps in them too... didn't work. So then he said check msconfig, and someone somewhere said the thing comes from a file made the same day the problem starts, in Application Data, with an .exe ending... and yes, there was a file like that there. There's a zinaps folder too in Application Data. I deleted both the folder and the .exe file with the random name (it's njjgsomething for the person who said it on that site I found on Google; for me it's baokx.exe). I unchecked that in startup too. Then I downloaded Spybot S&D and scanned. After scanning and clicking the "fix this problem" button I restarted, and zinaps didn't pop up again.

Now my only concern is making sure it's not there. Also, while scanning to get the log to post here, I looked at the log and noticed that there's a bunch of cookies it found harmful or potentially harmful. Since they were just cookies with names of sites I don't even know about, but looked like they came from ads or something, I deleted what I could. I'm 90% sure that deleting cookies won't get me much trouble; they're not essential files for the comp to work, unlike the stuff in the registry. So here's the log. I got rid of w/e cookies were in the cookie folder for both my acc and the guest acc; the rest I couldn't find or it said it's been disinfected. So hopefully I won't have much more trouble... just wanna make sure zinaps is gone and to clean out w/e's left to clean out.

I thank all who are willing to help me ensure my comp is safe ^^

;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-05-26 11:10:28
PROTECTIONS: 2
MALWARE: 26
SUSPECTS: 2
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
AVG 7.5.519 7.5.519 Yes No
McAfee VirusScan No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
02164907 Generic Malware Virus/Trojan No 0 Yes Yes C:\Program Files\DIGStream\digstream.exe
;===================================================================================================================================================================================
SUSPECTS
Sent Location
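
The manual check described in the post above (startup entries plus an .exe created under Application Data on the day the pop-ups began), as an added read-only example that is not part of the original thread. The `$Since` default, the two Run keys chosen, and the availability of PowerShell on the machine are assumptions.

```powershell
# Added example: read-only triage, nothing is deleted or changed.
# $Since is an assumed default; set it to just before the pop-ups first appeared.
param([datetime]$Since = (Get-Date).AddDays(-2))

# 1. Executables created under the user's Application Data folder since $Since.
$recent = @(Get-ChildItem -Path $env:APPDATA -Filter *.exe -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object { $_.CreationTime -ge $Since })

# 2. Run-key values, which are among the entries listed on msconfig's Startup tab.
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
# Properties the registry provider adds to every result; they are not autorun values.
$providerProps = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($p in (Get-ItemProperty -Path $key).PSObject.Properties) {
        if ($providerProps -contains $p.Name) { continue }
        $cmd = [string]$p.Value
        [pscustomobject]@{
            Key       = $key
            Name      = $p.Name
            Command   = $cmd
            # Autorun launched from the profile's data folder rather than Program Files.
            InAppData = $cmd.IndexOf($env:APPDATA, [StringComparison]::OrdinalIgnoreCase) -ge 0
            # Autorun whose command line names one of the recently created executables.
            RecentExe = [bool]($recent | Where-Object {
                $cmd.IndexOf($_.FullName, [StringComparison]::OrdinalIgnoreCase) -ge 0 })
        }
    }
}

# Entries flagged on both counts sort to the top for review.
$autoruns | Sort-Object RecentExe, InAppData -Descending | Format-List
$recent | Sort-Object CreationTime | Select-Object FullName, CreationTime, Length | Format-Table -AutoSize
```

An entry flagged here is only a lead for review; a clean result does not show the machine is clean, which is why the thread moves on to a full diagnostic scan.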
 

TSF Security Manager, Emeritus · 51,795 Posts
Please do this:

Download Deckard's System Scanner (DSS) to your Desktop. Note: You must be logged onto an account with administrator privileges.
  1. Close all applications and windows.
  2. Double-click on dss.exe to run it, and follow the prompts.
  3. When the scan is complete, two text files will open: main.txt (this one will be maximized) and extra.txt (this one will be minimized).
  4. Copy (Ctrl+A then Ctrl+C) and paste (Ctrl+V) the contents of main.txt here.
  5. Please attach extra.txt to your post.
To attach a file to a new post, simply
  1. Click the [Manage Attachments] button under Additional Options > Attach Files on the post composition page, and
  2. copy and paste the following into the "Upload File from your Computer" box:
    C:\Deckard\System Scanner\extra.txt
  3. Click Upload.

What DSS will do:
  • create a new System Restore point in Windows XP and Vista.
  • clean your Temporary Files, Downloaded Program Files, and Internet Cache Files, and also empty the Recycle Bin on all drives.
  • check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
