
Computer infected with Zentom System Guard


3 replies to this topic

#1 White_Knight

White_Knight

  • Members
  • 2 posts

Posted 09 October 2011 - 08:39 AM

Last week, my computer became infected with the Zentom System Guard fake antivirus program. I've been hit with fake antiviruses before, but I've always been able to remove them using solutions that I've found here at BleepingComputer and elsewhere. This time, and this program, is different. Here's a list of programs that I've tried, and what's happened.

Rkill: Program starts, but hangs if used in normal mode, and when used in safe mode, doesn't find anything to stop.
Malwarebytes: Program will not work properly in either normal or safe modes, and has refused to work properly since even before this. It begins scanning, but then shuts off after less than half a minute. When I try activating the program again, it tells me that I don't have permission to access it. I've tried reinstalling it and going through it again, but have gotten the same result each time.
Combofix: In normal mode, the program will activate, but just before it begins its scan, it gives an "access denied" message to me. It will scan in safe mode, but hangs when trying to create a log of the session when it reboots the computer into normal mode.
Process Explorer: It's a pain to deal with Zentom processes in Task Manager, so I downloaded Process Explorer. I've tried twice to use it. A program window opened, then immediately closed. When I tried activating it again, it told me that I didn't have permission to access it. This was in safe mode, and I doubt that it'd work any better in normal mode.
PC Tools antimalware program: Haven't tried in normal mode. In safe mode, the program will activate, but tells me that I need to reactivate it to use it. When I try, it tells me that I can't. I can't currently use any part of the program, so I uninstalled it after a couple of attempts.

Zentom has left me open to other things, such as a Google redirect virus. I already had one, but it was manageable. Now I have at least two. However, as per forum rules, I won't go further in addressing the issue in this thread unless asked.

As for my computer, it's an HP Compaq nc8230 laptop which is currently running Windows XP SP3, and I feel that I should note that the DVD-ROM unit that's currently installed does not work. I can replace it if absolutely necessary, but I'd have to pay for a new unit, so I'd prefer solutions that don't involve having to use discs.



#2 nmbgeek

nmbgeek

  • Members
  • 4 posts

Posted 09 October 2011 - 09:12 AM

MOD PLEASE DELETE

Edited by nmbgeek, 09 October 2011 - 09:18 AM.


#3 nmbgeek

nmbgeek

  • Members
  • 4 posts

Posted 09 October 2011 - 09:17 AM

PLEASE DELETE

Edited by nmbgeek, 09 October 2011 - 09:18 AM.


#4 TheShooter93

TheShooter93

    Cody


  • Malware Response Team
  • 4,792 posts
  • Gender:Male
  • Location:Orlando, Florida

Posted 13 October 2011 - 01:00 AM

With the information you have provided I believe you will need help from the malware removal team. I would like you to start a new thread HERE and include a link to this thread.

Please make sure that you read the information about getting started before you start your thread.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

CCNA R&S | CCNA Security | Network+ | B.S. - Information Technology | Cyber Security Engineer

If I am helping you and have not replied within 48 hours, please send me a private message.

 

 




