Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Xoftspy Detecting Zipclix


  • Please log in to reply
3 replies to this topic

#1 logan5

logan5

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:58 AM

Posted 04 February 2007 - 12:57 PM

This is my first post here, so I'll try to do it right.

Running XP/SP2 Pro / 2.0 AMD / 512mb. Dual Boot XP / Linux
I do not use system restore (turned off). All windows updates current

While getting rid of another problem some time back, I tried a new Spyware program called Xoftspy. When running a scan with Xoftspy during the scan it stops on a directory (Program Files\zipclix) and sits there for nearly a minuet. Then continues it's scan finding nothing but some cookies.

If I run the scan in "safemode" then it hangs and won't continue till I hit abortscan.

I have tried finding this directory with no luck. I have set options to show hidden files, system files, and have file extensions set to show. It never detects anything to delete/remove other than stopping on that directory and then proceeding. Is this a "false" reading? Or is there something else I can do to find and rid myself of it.

Machine running fine except for this "detection?".

Nothing irregular detected in:
Hijackthis
AVG Free
Ad-Aware
Pest-Patrol
ScanSpyware
SpySweeper
SpyBot search and destroy
The Cleaner
Only Xoftspy hangs on this zipclix directory.

Any suggestions? need more info?

Ron

BC AdBot (Login to Remove)

 


#2 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:03:58 AM

Posted 04 February 2007 - 01:34 PM

I see you mentioned using HijackThis.
Have you been trained in the use of HijackThis?
You should never attempt to fix anything using HijackThis, until someone who is experienced at reading the log outputs, has a chance to review it.
Fixing the wrong items can make your computer unbootable.

Spaces, extra characters, spelling, file location, plus numerous other subtle changes, all make the difference between a good, or bad, file entry.

Removing entries in HJT before the problem is properly identified, and correct removal instructions posted, can make the problem undetectable to other detection and removal tools.
Hijack this should only be used to clean up the entries left behind, after you have properly removed the offending program, file, trojan, worm, hijacker, etc.
And this usually requires help.

I suggest you post a HJT log for our Team to examine.
They'll take you through the fix, step by step.

Once you post your log, don't make any changes to your system, as that could change the results of the posted log, making it more difficult to properly clean your system.

Read Preparation Guide for use before posting a HijackThis Log.
Please read, and follow, all directions carefully!!!

Then, run a log, and post it in the HijackThis Logs and Analysis forum, >at this link<.
Do not, fix anything, yet.
A member, of the HJT Team, will help you out.
It may take a while to get a response, because the HJT Team are very busy. Please, be patient, these people are volunteers. They will help you out, as soon as possible.

NOTE:
Once you have made the post, please, DO NOT make another post in the HJT forum, until it has been responded to by a member of the HJT Team. The first thing they look for, when looking for logs to reply to, is 0 replies. If you make another post, there will be 1 reply. The team member, glancing over the replies, might assume someone is already helping you out, and will not respond. So, just make your post, and let it sit there, until a team member responds. This way you will be taken care of, in the most timely manner.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#3 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:10:58 AM

Posted 05 February 2007 - 06:07 AM

CheckSpyware guide




Program that delivers advertisements on your PC.

Note that many websites have their own advertising, unrelated to adware.

Adware is any software application in which advertising is displayed while the program is running. The authors of these applications include additional code that delivers the ads, which can be viewed through pop-up windows or through a bar that appears on a computer screen and sometimes through text links or in integrated search results. Adware may or may not track personal information. It may also gather information anonymously or in aggregate only. Users should check the EULA and Privacy policy to ensure if the adware on their machines conforms to their standards.


Do the following :
Download and scan with SUPERAntiSypware Free for Home Users

* Double-click SUPERAntiSypware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Udates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
* When done, select "Scan for Harmful Software".
* There are three scanning options. Choose "Perform Complete Scan" and click "Next".
* When done, a Scan Summary will appear with potentially harmful items that were detected. Click "OK".
* Make sure they all have a checkmark next to them and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* Click Preferences and then click the statistics/logs tab.
* Click the dated log and press View log. A text file will appear so you can see the results.
* Select close to exit the program.
* Scan in SAFE MODE

and post back the result.

#4 fozzie

fozzie

    aut viam inveniam aut faciam


  • Members
  • 3,516 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Ossendrecht/The Netherlands
  • Local time:10:58 AM

Posted 05 February 2007 - 06:48 AM

I see you also have posted a HJT log. Please do not make any changes to your system. Any mod please close this thread.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users