Zinaps AntiSpyware 2008

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Zinaps AntiSpyware 2008 is a rogue anti-spyware program developed by Zinaps Corporation that poses as a legitimate antispyware program.[1] It attempts to persuade users to buy the software by displaying false scans and popups.

Method of Infection/Variants[edit]

Zinaps AntiSpyware may be downloaded by some trojan horses. Zinaps AntiSpyware belongs to the same family as Awola.[2]

Symptoms of infection[edit]

In a typical infection, Zinaps Anti-Spyware displays an excessive amount of pop-up ads that pushes users to download and purchase the program. The current dialog displayed says the following:[1]

Windows has detected spyware infection.

It is recommended to use special antispyware tools to prevent data loss.

Windows will now download and install the most up-to-date antispyware for you.

Click here to protect your computer from spyware.

When a user clicks on this alert, the Trojan will automatically install Zinaps on the users computer. Once Zinaps has finished installing, it will automatically scan the infected computer and list a variety of infections that can only be removed if the user purchases the software. These infections, though, are either false-positives or fake.[2] Zinaps will also edit the Windows Registry so that it will run when Windows starts.


Zinaps Antispyware is detected in some common Anti-Virus programs, including CA Anti-Spyware, the Norton Family of Security products, Windows Defender, and Malwarebytes' Anti-Malware. As always, a user should only use verified Anti-Virus Programs.[3][4]

The following files are related to Zinaps: wbcpy.exe, zinaps7.exe, These can also be deleted manually.

See also[edit]