Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

SAAZOD Question


  • Please log in to reply
5 replies to this topic

#1 I_Need_A_Fix

I_Need_A_Fix

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:55 AM

Posted 17 March 2014 - 07:12 PM

I have one laptop that has been infected by the SAAZOD program--the e-crime randomware. I have instructions and will perform those instrcutions shortly. However, my question is I notice on another computer the directory SAAZOD, which could mean that my 2nd computer may be on the way to being locked. On my first computer, I did not notice anything until the computer was locked. I was able to uninstall Firefox that I was using and replace it with Chrome, which works. I cannot manually delete the directory (I have tried). How can I eliminate this program BEFORE it activates?
 
I_Need_A_Fix

Edit: Moved topic from Windows XP to the more appropriate forum.~ Animal

BC AdBot (Login to Remove)

 


#2 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,086 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:55 AM

Posted 18 March 2014 - 12:01 PM

Hi,

 

Where is the folder located? I.e. What is the file path?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 I_Need_A_Fix

I_Need_A_Fix
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:55 AM

Posted 18 March 2014 - 12:44 PM

The folder in the root directory (C:\) under "Program Files". It is labeled "saazod".



#4 xXToffeeXx

xXToffeeXx

    Bleepin' Polar Bear


  • Malware Response Instructor
  • 6,086 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Arctic Circle
  • Local time:06:55 AM

Posted 18 March 2014 - 03:28 PM

Hi,

 

Look in the control panel under add and remove programs and tell me if you see an entry for SAAZOD Application? Are you familiar with this program?

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

logo-25.pngID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#5 I_Need_A_Fix

I_Need_A_Fix
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:01:55 AM

Posted 18 March 2014 - 03:36 PM

Hi,
 
Look in the control panel under add and remove programs and tell me if you see an entry for SAAZOD Application? Are you familiar with this program?
 
xXToffeeXx~


There are no programs listed related to SAAZOD.

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,905 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:55 AM

Posted 18 March 2014 - 04:16 PM

Not all programs show up in Add/Remove Programs or Programs and Features. Some will have their own uninstaller, which can be found in the program's folder. This is by design as some vendors write installation routines so their program will not be included in the Add/Remove list. If the program is not listed in Add/Remove or Programs and Features, look for an uninstall icon (shortcut) from within its program group. Click on Start > All Programs (or Program Files), look for the program folder by name and use the program's uninstaller. If it's not there, the next step would be to open Window's Explorer, manually navigate to the program's folder itself, look for an uninstaller file (i.e. uninstall.exe) and double-click on it to run.

C:\Program Files (x86)\SAAZOD\Uninstall\uninstall.exe

A user at another forum said this about SAAZOD...

SAAZOD is a tool that is included with a number of agents used by a teaming partner that provides managed IT services. Specifically it helps me monitor all the computers on my network to ensure that AV definitions and windows updtates are up to date. Also help monitor event logs network devices for automated notification of any problems.


SAAZOD is developed by Zenith Infotech Ltd , it is also developed by Continuum Managed Service LLC. Continuum Managed Services LLC.

What is SAAZOD
Uninstalling the Zenith version of ShadowProtect
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users