ZipZapPromos Adware

Not much is known about the Adware Program called ZipZapPromos.  It delivers pop-up advertising for select companies.  It is assumed that it infects computers through peer to peer (P2P) file sharing, as some associated registry keys involve P2P file sharing autostart programs.  The most frequently cited P2P file sharing site for ZipZapPromos infections is  Kazaa is notorious for including adware as part of their software bundles.

If you have been infected with ZipZapPromos, it is probably from P2P file sharing.  This is generally considered to be an unsafe browsing practice, and should be avoided if possible.  You should also tighten up your browser’s security settings.  This can prevent most adware and spyware infections.

SpyZooka can quickly and easily remove ZipZapPromos.

Associated Files:
P2P Networking.exe, hupstlqk.exe, idctup20.exe, wmnshl.exe, msedpb.exe


Registry Files:


R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = http=
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *; *; *.images; *; *;; 64.13 6.21.30;;;;;;;; localhost ; *; *; *; *; *;; liveup;; *; *;; <local>
O4 – HKLM\..\Run: [plhsqcmfizwt] D:\WINNT\system32\hupstlqk.exe
O4 – HKLM\..\Run: [P2P Networking] D:\WINNT\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 – HKLM\..\Run: [ivrrzbomqu] D:\WINNT\System32\hupstlqk.exe
O4 – HKLM\..\Run: [intdctrr] D:\WINNT\system32\idctup20.exe
O4 – HKCU\..\Run: [ZwpFRXc5R] wmnshl.exe
O4 – HKCU\..\Run: [msmc] D:\WINNT\system32\msedpb.exe

Download Free Scan

Leave a Reply

Your email address will not be published. Required fields are marked *