Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I Dont Know What This Is But I Think It's Bad


  • Please log in to reply
13 replies to this topic

#1 brentthing

brentthing

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 12 July 2006 - 09:15 AM

I saw this when i was looking through WINDOWS and saw this i didnt recognise it so i tried to delete it

I want to know if this is a virus

Posted Image

BC AdBot (Login to Remove)

 


#2 Xpert

Xpert

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Location:Sunderland England
  • Local time:01:50 AM

Posted 12 July 2006 - 09:31 AM

Please re-upload the image.

#3 brentthing

brentthing
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 12 July 2006 - 09:33 AM

im sorry i dont know what you mean

#4 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:06:50 PM

Posted 12 July 2006 - 09:35 AM

Associated with BLACKMAL.C WORM.
twunk_32.exe
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#5 brentthing

brentthing
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 12 July 2006 - 09:36 AM

Thank you but do you know how i can get rid of it

#6 Xpert

Xpert

  • Members
  • 97 posts
  • OFFLINE
  •  
  • Location:Sunderland England
  • Local time:01:50 AM

Posted 12 July 2006 - 09:50 AM

On the link tg1911 posted, at the bottom it has a link called -
Removal Instructions: How to remove a Trojan, Virus, Worm, or other Malware

#7 brentthing

brentthing
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 12 July 2006 - 11:00 AM

i actually tryed that twice but there was no registry for that

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,076 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:50 PM

Posted 12 July 2006 - 11:04 AM

If your running Win XP/2000, download and scan with Ewido Anti-Spyware v4.0 in "SAFE MODE".
Print out the Ewido Install and Scan Instructions.

Then perform these online Virus scans:
[Watch the Address bar in IE. You may receive alerts that "This site might require the following ActiveX control...Click here to install...". Click on that alert and then Click Install ActiveX component.]
Trend Micro Housecall Scan
Panda ActiveScan
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 brentthing

brentthing
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 12 July 2006 - 11:29 AM

ok i ran the scan in safe mode and heres the report

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 12:23:12 PM 7/12/2006

+ Scan result:



C:\Documents and Settings\temp1\Cookies\temp1@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@trafic[1].txt -> TrackingCookie.Trafic : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@reduxads.valuead[2].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\temp1\Cookies\temp1@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.


::Report end

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,076 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:50 PM

Posted 12 July 2006 - 11:53 AM

Ewido found and cleaned cookies. So do the online scans.

BTW, anytime you come across a suspicious file your not sure about you can go to jotti.org or to virustotal.com.
Browse to the location of the suspicious file and submit [upload] it for scanning/analysis.
The results of the file analysis you tell you if the file is bad.

For info on legit twain and twunk files, see here.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 brentthing

brentthing
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 12 July 2006 - 12:00 PM

it appears the Twunk and twain files were completely legit

But there is still a problem with the other computer i have and it cant get internet conectivity and nothing works so could you possibly tell me how to fix that

Thanks

#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,076 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:50 PM

Posted 12 July 2006 - 12:16 PM

From a computer with Internet access download Sysclean Package and save it to a usb stick or CD. Then download the latest Virus Pattern Files (lptXXX.zip) and save it to your usb stick as well.

If your running Win XP/2000, also download Ewido Anti-Spyware v4.0 and the Ewido Full database installer with all current ewido signature files from here. Save these to your usb stick. Then print out the Ewido Install and Scan Instructions.

Download WinSockFix from here or here and save to your usb stick. Print out the Winsock Repair Tutorial
Tutorial with graphics

Transfer WinSockFix, the Sysclean Package, Ewido and the definition files to the infected computer. Install Ewido following the instructions you printed out but do not perform a scan just yet.

Then follow the instructions you printed for using WinSockFix.

For the Sysclean Package do this:
1. Create a new folder on drive "C:\" ("C:\New Folder") and rename it Sysclean.
2. Place the sysclean.com inside that folder.
3. Extract the lptXXX.zip pattern file into the same folder you created for sysclean.com.
4. Close all open applications and DISABLE your current anti-virus software. Some anti-virus programs such as Avast will alert you to a virus attack when running sysclean so it's best to disable them first.

Reboot in "SAFE MODE" and perform a scan with Ewido, again following the instructions you printed out.

Then open the Sysclean folder and double-click on sysclean.com to run. It will take some time to complete. Be patient and let it clean whatever it finds.

Exit when done, reboot in normal mode and re-enable your anti-virus program.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#13 brentthing

brentthing
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:07:50 PM

Posted 12 July 2006 - 03:06 PM

i ran the programs and followed the directyions (they solved many problems) but i still ant get the internet

Just a reminder my computer has WIRELESS INTERNET sorry i forgot to mention that earlier

#14 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:07:50 PM

Posted 12 July 2006 - 05:22 PM

If you are using XP (with SP2) open your control panel and run the Wireless Network wizard.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users