ZIPZAPPromos

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Utilityman, May 5, 2005.

  1. Utilityman

    Utilityman Private E-2

    I can't get rid of the zipzappromos pop ups. I have run all the spyware and antivirus software mentioned on your site but still get the pop ups. Help
     
  2. Utilityman

    Utilityman Private E-2

    The programs I ran were
    Ad-Aware SE
    CCleaner
    Spybot
    SpywareBlaster
    McAfee AVERT Stinger
    CWShredder
    Kill2me
    about:HSRemove
     
  3. Utilityman

    Utilityman Private E-2

    see attached logfile
     

    Attached Files:

  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Scan with HijackThis and Check the Boxes for the following:

    Make sure All Browser Windows are Closed when you Click FIX.

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://hsremove.com/done.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp

    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)

    O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1058.dll,InstantAccess

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} -%windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

    O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1058_XP.cab

    Again, make sure All Browser Windows are Closed when you Click FIX.

    NOW:
    Please boot into Safe Mode with the Viewing of Hidden Files & Folders Enabled

    NEXT:
    Run CCleaner and Spybot S&D and have Spybot fix what it finds.
    Note: Don't forget to update Spybot S&D by selecting "Search For Updates"

    Then, as an added precaution, Go to Start > Run and type: cleanmgr and then click OK. Make sure the boxes for these are checked:
    Temporary Files
    Temporary Internet Files
    Recycle Bin


    And Click OK.


    Reboot to Normal Windows, scan with HijackThis and attach the new log.
    Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now.

    Good Luck!:)
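
The entries listed in the post above follow the HijackThis `CODE - description` line format. As an added example (not part of the original thread and not HijackThis code), this Python parser reads such lines and notes which ones are orphaned, meaning the registry entry remains but its file is gone; the names `parse_entry` and `triage` are hypothetical, and the sample lines are copied from the post above.

```python
import re

# Meaning of the section codes that appear in the post above.
SECTIONS = {
    "R0": "IE start/search page",
    "O2": "Browser Helper Object",
    "O4": "autostart entry",
    "O9": "IE extra button / Tools menu item",
    "O16": "ActiveX object (Downloaded Program Files)",
}
ENTRY = re.compile(r"^\s*([A-Z]\d{1,2}) - (.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
URL = re.compile(r"https?://\S+")

# Sample lines copied from the post above (raw string keeps the backslashes).
SAMPLE = r"""
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O4 - HKCU\..\Run: [Instant Access] rundll32.exe EGDACCESS_1058.dll,InstantAccess
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1058_XP.cab
"""

def parse_entry(line):
    """Return a dict for one HijackThis entry line, or None for other text."""
    m = ENTRY.match(line)
    if not m:
        return None
    code, body = m.groups()
    clsid, url = CLSID.search(body), URL.search(body)
    notes = []
    if "(no file)" in body or "(file missing)" in body:
        notes.append("orphaned: registry entry whose file is not on disk")
    if code == "O4" and "rundll32" in body.lower():
        notes.append("autostart runs a DLL through rundll32")
    if code == "O16" and url:
        notes.append("ActiveX control with a remote codebase URL")
    return {"code": code, "kind": SECTIONS.get(code, "other"),
            "clsid": clsid.group(0) if clsid else None,
            "url": url.group(0) if url else None, "notes": notes}

def triage(log_text):
    """Parse every entry line in a log, skipping headers and blank lines."""
    return [e for e in map(parse_entry, log_text.splitlines()) if e]

if __name__ == "__main__":
    for e in triage(SAMPLE):
        print(e["code"], e["kind"], e["clsid"] or e["url"] or "-", e["notes"])
```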
     
  5. Utilityman

    Utilityman Private E-2

    Followed your instructions with no problems. Still have pop ups from ZIPZAP- mostly porn. Attached is my new log after the steps you posted. Any further help would be greatly appreciated.
     

    Attached Files:

  6. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Please download, install, and update: Spy Sweeper
    Then run a full scan with Spy Sweeper and fix what it finds. Post the log from Spy Sweeper as an attachment. Now boot into safe mode and run Spy Sweeper again. Save the log again. Reboot in normal mode and post both SpySweeper logs.

    While in Safe Mode, scan with HJT and have it fix the below entries:

    O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
    O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
     
  7. Utilityman

    Utilityman Private E-2

    I ran Spy Sweeper and attached is the first log file. The 2nd in safe mode didn't turn up anything. I am still getting the pop ups.
     

    Attached Files:

  8. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Bunch of cookies I noticed in that log. Run CCleaner and that should take care of that. Let's rule out something before we continue.

    Download the Generic Detection Tool - NT/2000/XP


    NOW:

    Unzip the Generic Detection Tool to a safe folder of your choice and run "find.bat" - Allow it as much time as it needs to run. You may get an error message of "File Not Found," but just let it go.

    The tool should generate a long text file. Attach this log as an attachment to your post.
     
  9. Utilityman

    Utilityman Private E-2

    Ran CCleaner and ran the BAt find - see attached log file. One note- I still get the pop ups but they only show the shell of the page and do not load the images only the background.

    thanks
     

    Attached Files:

  10. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    That log is clean, now let's run one more program before continuing.

    Download and run Ad-Aware SE 1.05
    (Be sure you get the updated ref file)

    After you run the scan, remove all found infections. Reboot and post a fresh HJT log and let me know the results from the scan.
     
  11. Utilityman

    Utilityman Private E-2

    I ran the AD Aware freeware personal SE 1.05. It found 3 critical items. I quarantined them and rebooted. Attached is a new HJT log. I still get the pop up but again- it doesn't load completely.

    Thanks
     

    Attached Files:

  12. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Download and install Microsoft® Windows AntiSpyware. During the install, make sure you get any updates.

    Please make sure ALL Browser Windows are Closed.

    Now allow the Microsoft Antispyware program to run a full scan. After it completes, reboot again in normal boot mode and tell me how things are running.
     
  13. Utilityman

    Utilityman Private E-2

    Completed the scan- found two bugs that were "dialers". Still get the pop ups from zipzap.

    Alan
     
  14. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Did you have Spyware Definition Version: 5717 installed? If so, proceed with the next step.

    Please download "StartDreck", from here: http://www.niksoft.at/php/dl.php?f=startdreck.zip

    Unzip to its own folder and start the program,
    Press 'Config'
    Press 'Unmark All'
    Check the following boxes only:
    Registry -> Run Keys
    System/drivers -> Running processes
    Press 'Ok'
    Press 'Save' and select the location to save the log file
    (default is the same folder as the application)

    Please attach the log in this thread.
     
