Once the program is downloaded and installed it will display an alert that states it is a Windows Automatic Update that prompts the user to install a System Security Pack Upgrade for Windows. This fake security update is titled System Security Pack 2010.78.932 (Zentom System Guard Upgrade; KB904067) and does nothing but start the Zentom System Guard program on the user's computer.
Once started it will scan the user's computer and state that there are numerous infections present, but will not remove any of them until the user purchase the program.
While Zentom System Guard is running it will also display fake security alerts that are crafted to make it seem that your computer is under attack by a remote user or infected with a variety of different computer infections. The text of these alerts include:
Infections on your PC can cause:
- Applications won't start
- Unwanted advertising displaying
- Loss of Internet communication
- Lost documents and settings
- Some files can disappear from PC
- You need registered version of Zentom System Guard to remove these infections.
Click "Remove threats" to activate protection and eliminate these security hazards.
Trojan.Spy threat has been detected.
This threat module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click button below to locate and remove this threat now.
Warning! Removed attack detected!
Zentom System Guard has detected that somebody is trying to stole Your private data remotely via Trojan.Win32.Generic!BT.
Transfer for Your private data via internet will start in: 10 seconds
We strongly recommend You to block attack immediately.
Zentom System Guard - Hacker attack detected
Your computer is subjected to hacker attack. Zentom System Guard has detected that somebody is trying to transfer Your private data via internet. We strongly recommend you to block attack immediately.
Firewall file transfer detected
Hidden file transfer to remote host was detected
Zentom System Guard has detected that somebody is trying to transfer Your private data via internet. We strongly recommend you to block attack immediately.
Warning! Threat detected!
Threat module detected on your PC!
Zlob.Porn.Ad threat has been detected. This threat module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click button below to locate and remove this threat now.
Network intrusion detected!
Warning! Network attack detected!
Process is trying to steal your passwords listed below. It is highly recommended to block this threat now.
Your computer is being attacked from a remote PC.
Attack from: 126.96.36.199:34630
Protection Center Alert
To help protect your computer, Zentom System Guard has blocked some features of this program
Zentom System Guard has detected unauthorized activity, but unfortunately trial version cannot remove viruses, keyloggers and other treats. Your personal data under serious risk. It is strongly recommended to register Your copy of Zentom System Guard and prevent intrusion for future.
Do You want to block this suspicious software?
Alert level: High
Description: It is highly recommended to remove this threat from your PC