Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Z@!1.tmp trojan--anyone have success removing this?

Posted on 2008-10-20
5
Medium Priority
?
1,052 Views
Last Modified: 2009-03-03
I keep running into this file when I run security task manager.  Many of the virus scanners have not picked this up and there is only a 1 paragraph blurb on the internet about it which really says nothing.
0
Comment
Question by:OLMECIAN
5 Comments
 
LVL 23

Expert Comment

by:Mohamed Osama
ID: 22771687
Try  Malwarebytes Antimalware http://www.malwarebytes.org/mbam.php

download, install, update & run a full scan


if the infection persists, please download Hijack this , install , perform a scan and post the hijack this log here

http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php


if you  have he physical file, you can check it at http://www.virustotal.com/
to identify what different AV engines detect it as.

hope this helps
0
 

Expert Comment

by:cberinger
ID: 23184480
I had the same problem.  I booted into safe mode and began to kill Processes until I was able to delete the Z@1.tmp.  The Process that seemed to be keeping it alive was an svchost.exe running under the System and using about 16,xxx of Mem.  This is really vague I know and you have to be careful killing Processes, but this is how I was able to remove it.  Hope this helps
0
 
LVL 2

Expert Comment

by:stefmahoney
ID: 23339307
I'm working on a system with this now.  Process Explorer shows it not only involved with 2 instances of svchost but also 16 other processes.  Including iexplore.exe, explorer.exe and Mctray.exe.  It's into a lot of stuff.

I'm still trying to figure out what it does.
0
 

Accepted Solution

by:
OLMECIAN earned 0 total points
ID: 23339462
My bad.... its actually a process for Bomgar which is a remote connection tool such as LogMeIn.  If you have it on your pc it was probably installed by the IT department.  If you run the new version of Security Task Manager it will show you the updated info.
0
 

Expert Comment

by:wizzardz
ID: 23745539
This file is part of the Bomgar Remote Support solution. this file should be signed by Bomgar in newer versions of the software (check file properties)
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This story has been written with permission from the scammed victim, a valued client of mine – identity protected by request.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an anti-spam), the admin…
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…
Suggested Courses

569 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question