Computer Help forum

General discussion

ad-w-a-r-e.com and zestyfind.com problem

Hi. I'm a new user here. Please advice me on my computer problem.

Lately, I've been getting a lot of ad-a-w-a-r-e.com and zestyfind.com pop-ups whenever I use IE and Mozilla Firefox. I've used Spybot, ewido, TweakNow RegCleaner and Ad-Aware Personal Edition but nothing works. Here is my HijackThis log:-

------------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 9:08:40 PM, on 1/20/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\windows\Explorer.EXE
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\windows\SOUNDMAN.EXE
C:\windows\sm56hlpr.exe
C:\Program Files\Elantech\Ktp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\TPPALDR.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\windows\system32\LSASS.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\windows\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\WordWeb\wweb32.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Real\RealPlayer\realplay.exe
C:\WINDOWS\system32\notepad.exe
C:\windows\system32\NOTEPAD.EXE
C:\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\ms\msntb.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [KTPWare] C:\Program Files\Elantech\Ktp.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [TPP Auto Loader] C:\WINDOWS\TPPALDR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [Rloih] C:\Program Files\Jopofkw\Mxmdktv.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [winsync] C:\windows\system32\kwikpy.exe reg_run
O4 - HKLM\..\Run: [Microsoft Office] C:\windows\system32\msoff.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Startup: WordWeb.lnk = C:\Program Files\WordWeb\wweb32.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\wweb32.dll/lookup.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: browsela - C:\windows\system32\browsela.dll
O20 - Winlogon Notify: igfxcui - C:\windows\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: msupdate - msupdate32.dll (file missing)
O20 - Winlogon Notify: Telephony - C:\windows\system32\o0660ajsedo60.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\STARDOCK\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

------------------------------------------------------


Please tell me the neccesary things to do because this problem had cause my computer to be running slow. I do not want to reinstall Windows all over again.

Thanx very much! Happy

Discussion is locked
You are posting a reply to: ad-w-a-r-e.com and zestyfind.com problem
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: ad-w-a-r-e.com and zestyfind.com problem
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
The only help I can offer

In reply to: ad-w-a-r-e.com and zestyfind.com problem

when traditional spyware remover programs are not cutting it there are very limited options. 1. Norton internet security 2006 has a very good spyware cleaner in it but it may be an expensive program to buy. 2. It sounds to me that the reason why it keeps comming back is that it has changed your browsers start page so that everytime you open your browser you are getting the spyware again and again. you can maybe try and find the site that the spyware comes from and see if they have a removal or goto nortons website and it may have detailed info on the registy values to delete to get rid of it.
My best advice and the option I feel that you should use is to just start fresh. Save any nessissary info like documents and pictures and format your computer and reinstall windows on it. Spyware is a ***** but looks like we have to deal with it. Sorry

Collapse -
Also

In reply to: The only help I can offer

Check out the processes that run at start up in 'msconfig' or try using windows services only, and add the others in one by one until you find the culprit.

Collapse -
Maya, Your HijackThis Log..

In reply to: ad-w-a-r-e.com and zestyfind.com problem

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.