Solved

best way to remove the pnt.com virus/trojan in my PC

Posted on 2008-10-16
5
641 Views
Last Modified: 2013-11-22
On the attached image is an attrib from command prompt. Please assist me on ways to remove the trojan since several Antivirus has been unable to assist.
untitled.JPG
0
Comment
Question by:karechio
5 Comments
 
LVL 8

Expert Comment

by:-Mystique-
ID: 22739067
This apparently new malware sure didn't waste any time in victimizing you!
Unfortunately, very little appears to be known about it yet.  PREVX appears at this time to be the only site that has information on it.  
http://www.prevx.com/filenames/X493243875405717633-0/PNT2ECOM.html
http://spywaredlls.prevx.com/spywaredlls.asp?FXC=AIEG045113084
First seen: Oct 15 2008 (GMT)
http://spywaredlls.prevx.com/spywaredllsmore.asp?FXC=AIEG45113084

There is a possibility that pnt.com is part of a bigger problem.
I would suggest you download hijackthis and run it and then have the log analyzed, to see what else there may be on your pc that is involved with your infection.

Hijackthis is freeware, download at:
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

Online hijack this log analyzers
http://hjt.networktechs.com/
http://www.hijackthis.de/
http://www.prevx.com/hijackthis.asp
http://www.help2go.com/component/detective/
http://www.2-spyware.com/hjt.php

FREEWARE HIJACK THIS READER

http://www.hollmen.dk/content/view/69/31/
This is the only Hijackthis log analyzer I've ever seen that you can DOWNLOAD and run to analyze HJT logs. And its FREEWARE.

http://www.majorgeeks.com/HijackReader_d5385.html
Hijack Reader can also be downloaded here, and the description here probably is more informative.
Here are some key features of "HijackReader":
· Automatically reads HijackThis logs
· Gives advice on what to fix
· Can output the report to text (txt) or web (html) format
· The web report includes a link, for quick Google searching, based on the object in question
· Requires no installation or DLL files. Does not write any settings to the registry or create any files, unless the user wants it to
· Completely portable. Can be run from a USB-flash drive, CD, etc.
· No internet connection required (unless you want to check things using the Google function)

Also offered at Merjin, the original developer of hijackthis, s a freeware StartupList program, which will show you every process that runs on startup.
StartupList: A simple tool that lists all and every auto starting program on your system. You might be surprised what it finds, this is way better than Msconfig. Commonly used to troubleshoot malfunctioning systems, trojan/viral infections, new spyware/malware breed and the likes.
http://www.merijn.org/programs.php


If you want to use an excellent freeware anti-spyware program, I recommend Spybot Search & Destroy.
http://www.safer-networking.org/
Spybot also has an extra feature called Tea Timer, that offers excellent real-time protection. Tea Timer alerts you to any attempts to change or modify your system and settings, and allows you to either permit or block the changes.
Safer Networking also has some other very useful freeware apps for analyzing your files, system, running processes, network, etc.

A HOSTS FILE and HOSTFILE MANAGER FREEWARE will also do amuch to help prevent you from exposure to a lot of malware and hijacker tactics.
Free hostfile manager
HostsMan
http://www.abelhadigital.com/
freeware hosts file manager and editor

Best free hostsfile list I've seen (available here)
Blocking Unwanted Parasites with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

Below is the reason I suggested you to run hijackthis and have the log analyzed.
This is a link to a page translated through google, from Spanish to English, which shows a discussion of
and a hijack-this log result where pnt.com was part of a bigger problem.

http://translate.google.com/translate?hl=en&sl=es&u=http://www.forospyware.com/t204573.html&sa=X&oi=translate&resnum=1&ct=result&prev=/search%3Fq%3Dmalwarebytes%2B%2Bpnt.com%26hl%3Den%26sa%3DG

After all this, if you still haven't found a solution, this site may be able to help you.
http://www.spywareguide.com/product_list_full.php
The SpywareGuide List of Products is one of the single largest source of Greynet intelligence. This is a continual list of spyware, adware, malware, keyloggers, trojans, dialers and more. If you are looking for information on a product that you have found on your PC, this is the place to start.
If you have discovered something puzzling or a strange product you do not recognize on your computer that we do not have listed, or would like to file a review request that is listed please contact us.

If I find anything else to help you, I will let you know.  Once you run hijackthis,. if you post your log results here, others as well as I, should be able to also help you interpret the results and ferret out the problems and their sources.



0
 
LVL 27

Expert Comment

by:David-Howard
ID: 22741956
You might have some luck with malwarebytes. I'm not sure if the definition files are covering this variant yet but it may be worth a try.
You can get it free from www.malwarebytes.org
Once downloaded, update the program and then reboot into Safe Mode (F8 at startup) and then run it.
David
0
 
LVL 24

Expert Comment

by:fridom
ID: 22828949
Well the safer way is reinstalling everything. And it might be a good idea not to use Windows for normal web browsing. There are now so many excellent emulators that it might be worthwhile to instlal e.g Linux as base system and just run Windows as guest. Up till now I'm not aware of any Virus targeting Linux, but I may be wrong of course

Regards
Friedrich
0
 

Accepted Solution

by:
ee_auto earned 0 total points
ID: 26016261
Question PAQ'd, 125 points not refunded, and stored in the solution database.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

A while back when OPSMGR 2012 was released we were very excited about getting it into our environment and upgrading our 2007 implementation,  we started our planning and we then proceeded with our implementation. All went as planned & our system …
Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Learn the basics of lists in Python. Lists, as their name suggests, are a means for ordering and storing values. : Lists are declared using brackets; for example: t = [1, 2, 3]: Lists may contain a mix of data types; for example: t = ['string', 1, T…
The viewer will learn how to dynamically set the form action using jQuery.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now