Comments for Question and Answer

Comment on Trojan Horse Agent2.ZZG by Sven

Sven — Thu, 19 Nov 2009 00:03:08 +0000

J found Agentt2.ZZG 15/11 with MalwareBytes. It was hidden HP\BIN\ProcessLogger.exe. I run Vista and scan with AVG every day, but AVG didn´t find it.

Comment on System Security Firewall Alert popup by Erin

Erin — Wed, 18 Nov 2009 20:54:02 +0000

This is super annoying!

Everyone is right, as to where to find the virus
C:\Documents and Settings\All Users\Application Data

I had to go into safe mode to delete it (if you can’t get into safe mode, restart your computer and keep pressing F8 until the safe mode comes up)
Once you are in safe mode, I had to type in that c:\ file drive in the “run” button.

Once you get in there, delete it & the folder (about 10 digit folder) and then also go empty your recycle bin.

Restart into normal mode and you should be good to go! It took me 24 hours to figure it out, but that’s where it is!

Comment on E mail address has been intercepted by johnytango

johnytango — Wed, 18 Nov 2009 09:48:41 +0000

You must have a worm that uses a computer as an SMTP server and symptoms are very much what is happening to yours. Update your antivirus program and do a complete scan in Safe Mode.

Comment on Trojan Horse Agent2.ZZG by adamnotsandler

adamnotsandler — Tue, 17 Nov 2009 01:13:25 +0000

This is what I’ve got:
Trojan horse agent2.siq
–c:system volume information_restore{D341….
Trojan horse agent2.siq
–c:hprecoverywizardswr_wizard.exe

Trojan horse agent2.zzg
–c:system volume information_restore{D341….

Trojan horse agent2.zzg
–c:hpbinprocesslogger.exe

PC — HP, windows XP

AVG version — 8.5

I noticed most are using ver 9. I’m still at 8.5 with latest update.

Cheers…

Comment on How to remove Z-Connect Virus by TSM - Swaziland

TSM - Swaziland — Mon, 16 Nov 2009 18:31:51 +0000

Deleted the z-connect connection, added a new cnxtn called z-connect, entered isp details, now i am browsing.

My fear is that as a spyware, assholes may still see into my laptop, so no more businessing on this laptop until i get a true removal tool. Any ideas

Comment on Trojan Horse Agent2.ZZG by christina jones

christina jones — Mon, 16 Nov 2009 12:09:56 +0000

Well this is the email that I received back from HP

“Thank you for contacting HP Total Care.

After reviewing your email, I have understood that you are experiencing the issue with virus.

I regret the inconvenience you have faced in the course. I assure you that I, as a part of HP Total Care, take the ownership of the issue you are experiencing and would try to resolve the issue to the best of my abilities and up to your expectation.

The reason for this issue is virus.

In order to remove the virus I would suggest you to use malware bytes to remove the virus first after that if the issue still persists please download Liveone care for scanning the virus.

Please click on the link given below to download Liveone care:

http://onecare.live.com/site/en-us/default.htm

(The above mentioned URL will take you to a non-HP Web site. HP does not control and is not responsible for information outside of the HP Web site.

)

Please get back to us with your valuable observation, if any issue persists we would continue from there. We are waiting for your response.

If you need further assistance, please reply to this message and we will be happy to assist you further.

It has been a real pleasure assisting you. If you need any further assistance, please feel free to contact us and we will be at your service right away

For information on keeping your HP and Compaq products up and running, please visit our Web site
at:
http://www.hp.com/go/totalcare”

I didn’t think that was too helpful but others might. I was thinking of maybe contacting AVG seeing as it was their product that detected it.

Comment on Trojan Horse Agent2.ZZG by Wanda

Wanda — Sun, 15 Nov 2009 18:43:07 +0000

I found something on the HP site about the ZZG file but nothing on the SIQ. http://h30434.www3.hp.com/psg/board/message?board.id=OSandSW&message.id=13134&query.id=133991#M13134

Comment on Trojan Horse Agent2.ZZG by christina jones

christina jones — Sun, 15 Nov 2009 06:14:31 +0000

I have the same issue. my mum was so worried and rang me to come look. We are running XP on a Hp computer. We apprently have it three times. The process name is: C:\\WINDOWS
system32\cidaemon.exe for all three threats.

2 of the files are the same and have the torjan horse agant2.SIQ ‘infection’ and the other is the 2.ZZG.

I’ve moved them to the virus vault so if anyone here’s anthing back from Hp or gets any info that would be great if they share it =]

Comment on Google Redirect Virus by ?????? ???????? ??????????

?????? ???????? ?????????? — Sun, 15 Nov 2009 02:14:07 +0000

Привет! Видел твой блог давно не работал, а теперь смотрю пашет 24\7\365 с возвращением, кстати не подскажешь что это у тебя за хостинг?
Спасибо, надеюсь ответишь

Comment on Trojan Horse Agent2.ZZG by Brian

Brian — Sat, 14 Nov 2009 19:44:05 +0000

I also got this virus, but it listed three files in:
C:\System Volume Information\_restore{00EFF…

Each one said it was the C:\WINDOWS\system32\svchost.exe process that was running that had the issue.

Is this something that was lurking until today? Or something else?