What is ZESOFT and how remove it from Registry

G

Guest

After downloading and running some files from a zipped directory pc started
boot and shutdown very slow. Antivirus scan, Lavasoft AdAware, Microsoft
AntiSpyware, Spybot Search & Destroy, Bazooka Adware and Spyware Scanner
found and deleted some ……...wares, incl., ZESOFT, incl., ZESOFT started from
Services.

Re-running mentioned above programs does not show any ZESOFT, but Registry
scan found many ZESOFT keys and values. When I deleted they, they were
deleted, but next scan shows they are restored again. Repeated several times
without any success. ZESOFT are present in Registry and pc still boot and
shutdown slow.

What is this ZESOFT? How remove it from Registry, e.g,??

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZESOFT\0000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZESOFT\0000

I’ll appreciate any advice.
Best, L
 
S

Shenan Stanley

i_zuly said:
After downloading and running some files from a zipped directory pc
started boot and shutdown very slow. Antivirus scan, Lavasoft
AdAware, Microsoft AntiSpyware, Spybot Search & Destroy, Bazooka
Adware and Spyware Scanner found and deleted some .....wares, incl.,
ZESOFT, incl., ZESOFT started from Services.

Re-running mentioned above programs does not show any ZESOFT, but
Registry scan found many ZESOFT keys and values. When I deleted they,
they were deleted, but next scan shows they are restored again.
Repeated several times without any success. ZESOFT are present in
Registry and pc still boot and shutdown slow.

What is this ZESOFT? How remove it from Registry, e.g,??

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZESOFT\0000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZESOFT\0000
Click to expand...

ZESOFT is crapware..

http://labs.paretologic.com/spyware.aspx?remove=Adware.P2PNetworking
 
R

Rob graham

What is this ZESOFT? How remove it from Registry, e.g,??
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_ZESOFT\0000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ZESOFT\0000

I'll appreciate any advice.
Best, L
Click to expand...

Use HijackThis and post the log to where it tells you.

Rob Graham
 
G

Guest

Thank you for reply.
HijackThis log is below.
P.S. to the initial post. I run all diagnostics both in normal and safe
winxp pro mode.

==============================
Logfile of HijackThis v1.99.1
Scan saved at 11:48:49 PM, on 5/11/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\PROGRA~1\COMMON~1\AOL\111408~1\EE\AOLHOS~1.EXE
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\COMMON~1\AOL\111408~1\EE\AOLServiceHost.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PC Care\Games\freecell.exe
C:\PC Care\PC Care\RegSeeker\RegSeeker.exe
C:\windows\system32\taskmgr.exe
C:\windows\regedit.exe
C:\Program Files\Lingvo\lingvo32.exe
C:\PC Care\PC Care\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} -
C:\PROGRA~1\Spyware Doctor\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} -
C:\PROGRA~1\Spyware Doctor\tools\iesdpb.dll
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common
Files\AOL\1114084021\EE\AOLHostManager.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common
Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [Pure Networks Port Magic]
"C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
Destroy\TeaTimer.exe
O8 - Extra context menu item: Download all by Free Download Manager -
file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager -
file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager -
file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager -
file://C:\Program Files\Free Download Manager\dlpage.htm
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
C:\PROGRA~1\Spyware Doctor\tools\iesdpb.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.c...ls/en/x86/client/wuweb_site.cab?1115273034218
O17 -
HKLM\System\CCS\Services\Tcpip\..\{315BEF35-A6C7-4CBA-B792-B55CB76A4530}:
NameServer = 205.188.146.145
O17 -
HKLM\System\CS1\Services\Tcpip\..\{315BEF35-A6C7-4CBA-B792-B55CB76A4530}:
NameServer = 205.188.146.145
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH -
C:\Program Files\AVPersonal\AVGUARD.EXE
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online -
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online,
Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany
- C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 - Service: Imapi Helper - Alex Feinman - C:\Program Files\Alex
Feinman\ISO Recorder\ImapiHelper.exe
==============================
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Bargains Buddy - ZESoft driver missed 0
Delete registry keys 3
Error deleting Registry Key 2
Cleaning up after Norton 4
Unable to Delete Registry Acronis LEGACY_TIFS_FILTERS 6
Virus 'W32.Spybot.Worm' identified in file 'wlmsngr.exe' 3
Creating LEGACY_NULL Via Registry Script 3
oops 5

Top