Posts Comments

Zentom System Guard

By admin on July 21, 2011 Leave a Comment

What is Zentom System Guard?

Zentom System Guard is a rogue antivurs client deigned to trick users into purchasing its fake license. It is important to carry out all the necessary steps for proper Zentom System Guard removal as well as ignore every security notification displayed by this malware.

How Did I get infected with Zentom System Guard?

In most cases, Zentom System Guard is spread on infected PCs with the help of additional malicious software such as trojans, backdoors and web based exploit packs. A PC will most likely get infected with this type of unwanted software after its user unknowingly visits infected websites carrying automated exploit systems.

At this point, once the rogue antivirus client has been identified as running on the infected PC it is recommended to take all necessary steps included in this article related to how to remove Zentom System Guard.

 

What is Zentom System Guard Doing to My Computer Right Now?

Zentom System Guard will most likely display false security warnings describing that the PC is infected with many different forms of trojans and viruses. This may be true, as the computer is most likely infected with other forms of malware except Zentom System Guard however the notifications shown by the fake antivirus are all crafted specifically to trick PC users into purchasing its license.

Under no circumstances should you spend money on this rogue security tool. As a matter of fact it is recommended to delete Zentom System Guard as well as any related files that may have been created by this rogue in order to scare you.

Zentom System Guard

Zentom System Guard

» Download Zentom System Guard Removal Software

What Do I Do To Remove Zentom System Guard?

The first step that needs to be followed is to apply the instructions included in the manual Zentom System Guard removal section. By doing so, you will have to stop its running process and delete the main executable from disk in order to prevent Zentom System Guard from ever running again on your system. Last but not least, a full antivirus scan is recommended in order to make sure that no other parasites are affecting your system.

Automatic Zentom System Guard Removal

Online Zentom System Guard Removal Service

computer repair

Remove Proxy Setting so You Can Connect to the Internet Again. Some need this some do not.

Proxy Settings

Zentom System Guard Manual Removal Procedures

The first step you must take in order to remove Zentom System Guard is to stop its main running process:

  • [random].exe

Unfortunately Zentom System Guard has a random name generator used to mask its main executable under a different alpha-numeric string for each install. As a result, there is no fixed file name and we cannot indicate you which file to delete, reason why some other steps will have to be taken before a proper Zentom System Guard removal can be done.

Known File Path Locations

XP:

  • C:\Documents and Settings\All Users\Application Data\[random].exe

Vista / Windows 7:

  • C:\ProgramData\[random].exe

To stop this process you have to reboot into Safe Mode with Networking and browse to the folder path indicated below in this article. Once there, sort the contents of the folder by last modified first so that the files related to Zentom System Guard will be close to the top. Closely examine the names of the top most files and rename to a different extension the one(s) that look suspicious. In this way, once the operating system will be booted into normal more, Zentom System Guard will no longer run as it will not be able to load its main process.

While in Safe Mode, it is recommended to download a copy of Spyware Doctor with Antivirus from our website so that you can install it at any time in order to scan for additional threats that may be affecting the system.

KNOWN LOCATIONS OF THIS VIRUS

Windows XP:

  • C:\Documents and Settings\All Users\Application Data\

Windows Vista / Windows 7:

  • C:\ProgramData\

Once you have deleted the above executable make sure that you run a full system scan using Spyware Doctor with Antivirus. In most cases, even if Zentom System Guard has been disabled, other malicious software may still be present reason why a larger infection may be required to be eliminated.

If you find this threat too hard to remove we recommend that you request the support of a remove computer repair service that can guide you into properly fixing your computer. They will only charge a fee if the problem is fixed completely reason why the guarantee of service is really professional.

Zentom System Guard Registry Removal Procedures

PLEASE NOTE: Editing the registry can cause a series of additional problems if not done properly reason why we recommend that you use PC Health Advisor in order to automatically scan and fix all registry related issues.
Here are the registry traces for your reference only:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe "Debugger" = 'svchost.exe'
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe "Debugger" = 'svchost.exe'
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore "DisableSR " = '1'

Zentom System Guard Directories:

XP

  • C:\Documents and Settings\All Users\Application Data\

Windows 7 / Windows Vista

  • C:\ProgramData\

Conclusion

The removal of Zentom System Guard can turn into a difficult situation, depending on the number and nature of other malware present in the system. It is recommended to attempt a manual removal only if your overal PC experience allows it. In other cases the risk of further operating system damage and data loss is too great to ignore. In this case it is recommended to simply conduct a full system scan using either Spyware Doctor with Antivirus and identify all malware traces in a completely automatic and professional way. Additionally, in the unlikely event that the problem persists, contact a professional computer repair site and request their dedicated assistance.

Filed Under: Virus Removal Tagged With: , , ,

Speak Your Mind

*

RemoveVirus.org cannot be held liable for any damages that may occur from using our community virus removal guides. Viruses cause damage and unless you know what you are doing you may loose your data. We strongly suggest you backup your data before you attempt to remove any virus. Each product or service is a trademark of their respective company. We do make a commission off of each product we recommend. This is how removevirus.org is able to keep writing our virus removal guides. All Free based antivirus scanners recommended on this site are limited. This means they may not be fully functional and limited in use. A free trial scan allows you to see if that security client can pick up the virus you are infected with.