Tuesday, July 19, 2011

Remove Zentom System GuardRemove Zentom System Guard

Remove Zentom System Guard
Zentom System Guard is a fake antivirus program which intend to urge the user whose computer is infected by Zentom System Guard to purchase the full version of Zentom System Guard. Zentom System Guard produces fake alert in order to cheat the user. Zentom System Guard installs into the computer without the confirmation of the user and configure itself to start automatically when windows boot. Zentom System Guard will then scan the computer and state that there are many malware in the computer and ask the user to purchase full version of Zentom System Guard to remove all the malwares.

Zentom System Guard can be removed by stopping its processes and the user should remember to kill the file. The registry settings should be restored by following the removal guide below.

Zentom System Guard should be removed immediately!

Zentom System Guard Removal Guide
Kill Process
(How to kill a process effectively?)
[random].exe
nv716saver.exe
KB2721125.exe
KB2692265.exe

Delete Registry
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "[random]"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[random]"
HKEY_CURRENT_USER\SOFTWARE\ZENTOMSYSTEMGUARD\ZENTOM SYSTEM GUARD\
HKEY_CURRENT_USER\SOFTWARE\ZENTOMSYSTEMGUARD\
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ZENTOM SYSTEM GUARD\
HKEY_CURRENT_USER\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\

Remove Folders and Files
%USERPROFILE%\Start Menu\Zentom System Guard.lnk
%USERPROFILE%\Start Menu\Programs\Zentom System Guard\Uninstall.lnk
%USERPROFILE%\Start Menu\Programs\Startup\Zentom System Guard.lnk
%USERPROFILE%\Start Menu\Programs\Zentom System Guard\Zentom System Guard.lnk
%TEMP%\WER16.tmp.dir00\appcompat.txt
%TEMP%\2AE6AA.dmp
%TEMP%\WER15.tmp.dir00\appcompat.txt
%TEMP%\WER14.tmp.dir00\appcompat.txt
%TEMP%\WER13.tmp.dir00\appcompat.txt
%TEMP%\WER14.tmp
%TEMP%\44d18f1b51a1182dac79e4320ec31538310a8c5f
%TEMP%\2A8F24.dmp
%APPDATA%\205BA7C8FC5F7E32A2A4797AFBB34F61\nv716saver.exe
%APPDATA%\205BA7C8FC5F7E32A2A4797AFBB34F61\local.ini
%APPDATA%\Adobe\plugs\KB2721125.exe
%APPDATA%\Microsoft\Internet Explorer\Quick Launch\Zentom System Guard.lnk
%APPDATA%\Adobe\plugs\KB2692265.exe
%APPDATA%\205BA7C8FC5F7E32A2A4797AFBB34F61\hookdll.dll
%TEMP%\2AD39F.dmp
%TEMP%\WER13.tmp
%TEMP%\2A9473.dmp
%TEMP%\2B88A7.dmp
%TEMP%\FY11.tmp
%TEMP%\WER15.tmp
Posted by Olzen at 12:03 AM
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)