1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Tb_ani~1.exe

Discussion in 'Windows XP' started by Warped, Oct 16, 2003.

Thread Status:
Not open for further replies.
Advertisement
  1. Warped

    Warped Thread Starter

    Joined:
    Oct 16, 2003
    Messages:
    3
    Hello, All;

    I am new to this group, and of course, joined with the intent of asking a question. So, here it is.

    I have PC's on my network that are starting to get an error message indicating that the above file (or one of its components) cannot be found. From some searching I did through Google, I was able to determine that this might be virus related, but nothing concrete. Does anyone have any info on this, including resolutions? Any help is appreciated.

    Thanks.
     
  2. pileyrei

    pileyrei

    Joined:
    Sep 16, 2003
    Messages:
    594
    Hi

    Havent seen this virus/file before.
    Has anything gone "funny" on your pc?

    Do a search on your pc for the file. Where is it located? Is it under a normal system file?

    Things to try:

    1. Have your pc scanned free online: http://housecall.trendmicro.com/

    2. Download Spybot from www.downloads.com

    3. Download Hijackthis from...? somewhere and post a log here....someone will know if any bad shows!


    Good luck

    Pileyrei
     
  3. gotrootdude

    gotrootdude

    Joined:
    Feb 19, 2003
    Messages:
    8,812
    It's accociated with some animated cursor programs that contain spyware. Spyware are programs installed unknowingly on the PC in order to allow spying on the habits of the user. We can remove the spyware, but you need to download and run HijackThis from http://www.lurkhere.com/~nicefiles/ on one machine at a time and post the log results.. From there we can inform you what to remove..
     
  4. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    "Tutorial bridge" is the programs name but as root says,its definately spyware.......we have seen a few instances and none of the posters had installed it,so posting a H/T log is a good idea.
    Read the instructions for H/T before posting and post it in the security forum.
    ;)
     
  5. Warped

    Warped Thread Starter

    Joined:
    Oct 16, 2003
    Messages:
    3
    Unfortunately, my companies policies, and HIPPA guidelines, prohibit me from posting the logs here.:mad: Do you think that editing the registry would suffice?
     
  6. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    Difficult to advise as there are so many things that can be seen with HijackThis that you could not possibly find with anything else.
    But the file itself should be easy to find and delete.
    But if you click on the "here" link at the bottom of my post you will find programs that will help.

    ;)
     
  7. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,196
    First Name:
    Derek
    Well in that case, your company should examine it's policies carefully and you should have your company's computer technical support look at all the computers straight away,

    In every case that I have seen that file recently, there has been at least one trojan that has the potential to leak confidential information.

    If your company is so concerned with privacy & security, then it should be impossible for these parasites or trojans to be installed on the comapany's systems.

    The ONLY way that spyware/trojans or viruses get installed on the computer is either due to lax & incorrectly set security settings or by allowing users to install applications or programs them selves.

    If your company's policies are as strict as you make them out to be then you should be prohibited from installing any software yourself which would include automatic cleaning programs such as those in $teve's signature.
     
  8. Warped

    Warped Thread Starter

    Joined:
    Oct 16, 2003
    Messages:
    3
    Thanks for your reply, dvk01. I do appreciate the comments. However, I think that you have misunderstood my situation a little. I am part of my companies computer technical support, albeit the most junior member.

    I would most readily agree that my companies security practices are obviously not what they should be, or we would not be having the issues we are. However, that is no excuse for me to go along breaking those guidelines myself. Furthermore, I do not feel this is the place to discuss this, nor was that the reason for my posting here. I thought that this would be a good place to gain information regarding what I was potentially up against, as well as some recommendations from my peers as to what I might do to address the issue. I also do not appreciate your tone in the statement, "If your company's policies are as strict as you make them out to be...". Are you daft? Do you think that i have nothing better to do than post at tech sites asking questions and then provide no answer like some sort of tease? Get over yourself.

    I do appreciate everyone else's attempt to help rather than critique. I was able to at least edit the register and remove the entries that I found, which I followed up with Stinger. Everything seems to be fine, but again, if anyone has any information regarding this 'bug', please let me know.
     
  9. $teve

    $teve

    Joined:
    Oct 9, 2001
    Messages:
    9,396
    Your welcome...............Any time.
    Actually Derek pm`d me Asking whether I thought he`d been too Hard on you..................And I said no:D
    Those of us at T.S.G know some peoples definition of "Tech support" is a little diferent than our own.
    This is indeed the best place for T/S on the net and like I said,your very welcome to glean as much as you like here.

    Good luck;)
     
  10. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,196
    First Name:
    Derek
    There is absolutely no way anyone can advise you on what to fix if we don't know the problem.

    As I said earlier this TB-ani file has been seen in every case with known trojan files so without looking at a log of the system we can't determine whether "editing the registry" and just removing tbani references willl cure the problem , I personally doubt it, because with these trojans there are other start ups and entries not by the same name.

    Also with many of these parasites just removing the registry start up entry without removing ALL files associated with it will not solve the problem, a user can & most likely will click on it's exe file and run it manually. The .exe file most probablu=y is called by a totally different name to the registry start up entry for tb-ani
     
  11. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/172333

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice