ZestyFind is a spyware program

 ZestyFind is a spyware program that disguises itself as a Browser Helper Object, or BHO.  It appears to the user as a Browser Toolbar which links to gambling, adult dating, travel sites and others.  It has Browser Hijacking capabilities, where it resets your home page and redirects your browsing to sites of its choosing through its home page at zestyfind.com or look2me.com.  It can also generate pop-up advertising, often focusing on adult content.  It also monitors your browsing, but only slightly delivers custom advertisements (it sends advertisements that are only vaguely related to your browsing history.)

You may have gotten infected by ZestyFind by visiting its home pages or by visiting other unsecured sites like peer to peer file sharing groups, downloading torrents, freeware or shareware.  These browsing habits are considered risky and should be avoided.

You can completely remove ZestyFind and all of its files by using ZookaWare PC Cleaner.

Also Known As :

 

Look2me
ADW_ZESTYFIND.A Adware.Zestyfind Adware.Winfavorites Trojan.W
Adware:W32/Zestyfind
Adware.Zestyfind

 

 

Zestyfind Files:

msg117.dll
zestyfind.dll
%SYSTEM%ankctrs.dll
%SYSTEM%aoctres.dll
%SYSTEM%axtiveds.dll
%SYSTEM%po4svc.dll
iconXX.exe (where XX is a random alphanumeric combination)
69.20.16.183 auto.search.msn.com
69.20.16.183 search.netscape.com
69.20.16.183 ieautosearch
127.0.0.1 igetnet.com
127.0.0.1 code.ignphrases.com
127.0.0.1 clear-search.com
127.0.0.1 r1.clrsch.com
127.0.0.1 sds.clrsch.com
127.0.0.1 status.clrsch.com
127.0.0.1 clrsch.com
127.0.0.1 clr-sch.com
127.0.0.1 sds-qckads.com
127.0.0.1 status.qckads.com
Registry Keys:

DDFFA75A-E81D-4454-89FC-B9FD0631E726
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DDFFA75A-E81D-4454-89FC-B9FD0631E726}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\Notify\Guardian
HKEY_CLASSES_ROOT\CLSID\{DDFFA75A-E81D-4454-89FC-B9FD0631E726}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ShellExtensions\Approved\{DDFFA75A-E81D-4454-89FC-B9FD0631E726}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Guardian
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWPAEvents
HKEY_CLASSES_ROOTCLSID{1C563581-13EB-42A5-BAEA-4D08BB9BFAFE}
HKEY_CLASSES_ROOTCLSID{3BEEC1BF-3EA3-48AE-82DF-AE7BA6F92F4F}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyWOW
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionInternet SettingsUser AgentPost Platform|{BCFBD005-CEF6-4348-91F6-2D3FE878EC6B}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShell ExtensionsApproved|{1C563581-13EB-42A5-BAEA-4D08BB9BFAFE}
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionShell ExtensionsApproved|{3BEEC1BF-3EA3-48AE-82DF-AE7BA6F92F4F}
HKEY_USERS*SoftwareMicrosoftInternet ExplorerMain|*|*.zestyfind.com*
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifySetup|*|*6co4svc.dll
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifySetup|*|*6ho4svc.dll
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifySetup|*|*6po4svc.dll

Download Free Scan
ZookaWare runs on Windows Vista, 7, 8 and 10. It has no ads, popups or bundled software and fully uninstalls by clicking Start > All Programs > select ZookaWare and click Uninstall.

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php