twunk.exe – trojan Scar

February 27, 2011 by NightWatcher
Filed under: Malware 
: Solved!

You should Download Removal Tool here...

The file twunk.exe is identified as the Trojan Program that is used for stealing bank information and users passwords.
To delete twunk.exe we recommend you to use UnHackMe:

Malware Analysis of twunk.exe
Executed: Extrato_Pedencias_Serasa.exe
Removed: twunk.exe. Full path: C:\Program Files\Common Files\twunk.exe

Detected by UnHackMe:

Item Name: twunk
Author: Unknown
Type: Registry Run

Removal Results: Success
Number of reboot: 1

How to quickly detect malware presence?

Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run\twunk
Value: “C:\Program Files\Common Files\twunk.exe”

C:\Program Files\Common Files\1
C:\Program Files\Common Files\twunk.exe

Antivirus Version Last Update Result
F-Secure 9.0.16160.0 2011.02.23 Trojan.Generic.KD.139367
Kaspersky 2011.02.23 Trojan.Win32.Scar.doge
Microsoft 1.6502 2011.02.23 -
NOD32 5899 2011.02.23 Win32/Qhost.OGI


MD5 11979d5e54ef0f2d411710f3a5377ea5

SHA1 cdcdd780075cb80102f5c649b014518d09071eb4

SHA256 f4bdcaa14bf3d0430bdadaf08f2adb1e9e4ff35e1e8acd6c9ba6c3c3f707ef7f


When the program is executed, it creates the following registry subkeys and values:

Keys added:1

Values added:1
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\twunk: “C:\Program Files\Common Files\twunk.exe”

Files added:2
C:\Program Files\Common Files\1
C:\Program Files\Common Files\twunk.exe

Total changes:4

Recommended software:
UnHackMe anti-rootkit and anti-malware
RegRun Security Suite (Good choice for removal and protection)

Recommended: UnHackMe anti-rootkit and anti-malware

Premium software: RegRun Security Suite (Good choice for removal and protection)

Written by

Malware Hunter.


One Comment on twunk.exe – trojan Scar

  1. removal Trojan.scar on Mon, 28th Feb 2011 3:20 pm
  2. THANK YOU a million times over! I used these instructions to rid myself of this trojan with success! I’ve come across this one before, but not to the degree that it wouldn’t let me open my Task Manager or Programs. This was so helpful!!

Tell me what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!

You must be logged in to post a comment.