Solved

Z@!1.tmp trojan--anyone have success removing this?

Posted on 2008-10-20
5
1,045 Views
Last Modified: 2009-03-03
I keep running into this file when I run security task manager.  Many of the virus scanners have not picked this up and there is only a 1 paragraph blurb on the internet about it which really says nothing.
0
Comment
Question by:OLMECIAN
5 Comments
 
LVL 23

Expert Comment

by:Admin3k
ID: 22771687
Try  Malwarebytes Antimalware http://www.malwarebytes.org/mbam.php

download, install, update & run a full scan


if the infection persists, please download Hijack this , install , perform a scan and post the hijack this log here

http://www.trendsecure.com/portal/en-US/threat_analytics/hijackthis.php


if you  have he physical file, you can check it at http://www.virustotal.com/
to identify what different AV engines detect it as.

hope this helps
0
 

Expert Comment

by:cberinger
ID: 23184480
I had the same problem.  I booted into safe mode and began to kill Processes until I was able to delete the Z@1.tmp.  The Process that seemed to be keeping it alive was an svchost.exe running under the System and using about 16,xxx of Mem.  This is really vague I know and you have to be careful killing Processes, but this is how I was able to remove it.  Hope this helps
0
 
LVL 2

Expert Comment

by:stefmahoney
ID: 23339307
I'm working on a system with this now.  Process Explorer shows it not only involved with 2 instances of svchost but also 16 other processes.  Including iexplore.exe, explorer.exe and Mctray.exe.  It's into a lot of stuff.

I'm still trying to figure out what it does.
0
 

Accepted Solution

by:
OLMECIAN earned 0 total points
ID: 23339462
My bad.... its actually a process for Bomgar which is a remote connection tool such as LogMeIn.  If you have it on your pc it was probably installed by the IT department.  If you run the new version of Security Task Manager it will show you the updated info.
0
 

Expert Comment

by:wizzardz
ID: 23745539
This file is part of the Bomgar Remote Support solution. this file should be signed by Bomgar in newer versions of the software (check file properties)
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VPN is causing router to be non-PCI compliant 4 83
Identity hacked! can I notify FBI? 14 1,150
Xiaomi and MIUI 7 136
How to lock email accounts when notebook stolen 9 73
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
I've been an avid user and supporter of Malwarebytes Premium Version 2.x for years. It's an excellent product that runs alongside just about any Anti-Virus application without issues. It seems to have an uncanny ability to pick up many things that A…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question