
Backdoor.Pontoeb

Posted: December 30, 2011

Threat Metric

Threat Level: 6/10
Infected PCs: 58
First Seen: December 30, 2011
OS(es) Affected: Windows

Pontoeb is a backdoor Trojan that has recently gained attention for its use of fake Diablo 3 cracks as installation files. SpywareRemove.com malware analysts warn that Pontoeb infections should be considered high-level threats to any Windows computer's security because Pontoeb's backdoor functions give remote criminals access to and control over your PC. Other than unauthorized changes to your Windows Firewall, there may be few symptoms of Pontoeb on your computer even while Pontoeb is active, and SpywareRemove.com malware experts recommend that you use appropriate anti-malware scanners to detect and delete Pontoeb. However quietly it runs, allowing Pontoeb to remain on your computer can be considered equivalent to handing your computer over to hackers, which may result in a wide range of invasive attacks.

Don't Be Too Hasty to Grab That Crack – It Might Just Be Pontoeb

Pontoeb's primary propagation method is to conceal itself in .exe files that are misleadingly named after cracks, key generators, trials and other types of utilities for popular and upcoming games like Dota 2 and Diablo III (for example, 'diablo3-crack.exe'). As long as you acquire your gaming-related files from appropriate sources, the possibility of being exposed to Pontoeb is slim, although P2P networks and pirate software sites are highly likely to be populated by copies of Pontoeb.

Launching these Pontoeb-contaminated executables will cause Pontoeb to install itself and run automatically as a background process, although there may be no visible symptoms that this has happened. Initial actions by Pontoeb include gathering basic system information that can be used to identify your PC for future attacks. This information is sent back to the hackers behind Pontoeb without your consent, and during the process, aspects of your network and firewall security are inevitably compromised.

The Ultimate Results When Eagerness to Play Leads to Pontoeb Attacks

Because attacks by Pontoeb can be configured for a variety of ill effects, SpywareRemove.com malware researchers advise you to be on the lookout for even the worst possibilities, which can include:

  • Disabled security and anti-malware programs.
  • Browser redirect attacks that force your browser to load malicious or fraudulent content.
  • Changes to your computer's network ports and firewall that make their security settings useless for the purposes of blocking future assaults.
  • Loss of system resources that are diverted to illegal activities (such as DDoS attacks, AKA traffic-flooding attacks on websites).
  • Loss of personal information from keylogging, phishing techniques and other spyware attacks – this can include bank account information, Social Security numbers and credit card numbers.
  • The installation of other types of PC threats such as worms, viruses or rogue security programs.

Pontoeb may be detected under the aliases Trojan.MulDrop3.21941, Backdoor.MSIL.Agent.fyc and Backdoor:MSIL/Bafrus.J. However, SpywareRemove.com malware researchers note that backdoor variants of Pontoeb shouldn't be confused with the slightly older variants Backdoor:MSIL/Pontoeb.B and Backdoor:MSIL/Pontoeb.A, which are both worms that propagate via compressed archives (such as .zip files).

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

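The following files were created in the system. Several of them share their names with legitimate Windows components (for example svchost.exe, dwm.exe and netbt.sys), so a matching file name alone does not confirm an infection: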



  • File name: Builded.exe; Size: 28.16 KB (28160 bytes); MD5: 91768143d6c9909c3d36508a495263c8; Detection count: 44; File type: Executable File; Mime Type: unknown/exe; Group: Malware file; Last Updated: January 2, 2012
  • File name: The_Lost_Watch_3D_Screensaver.scr; Mime Type: unknown/scr; Group: Malware file
  • File name: unupx.dll; File type: Dynamic link library; Mime Type: unknown/dll; Group: Malware file
  • File name: pstc.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: crstk.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: wtsx.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: uTorent.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: uodbs.dll; File type: Dynamic link library; Mime Type: unknown/dll; Group: Malware file
  • File name: taskhostt.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: systemup.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: Oik6C8D0B8D.sys; File type: System file; Mime Type: unknown/sys; Group: Malware file
  • File name: netbt.sys; File type: System file; Mime Type: unknown/sys; Group: Malware file
  • File name: mkqiq.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: inlisw32.dll; File type: Dynamic link library; Mime Type: unknown/dll; Group: Malware file
  • File name: deep_freeze_standard_6_2.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: ctfmonqdd.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: ctfmonipa.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: CR-WR311.EXE; File type: Executable File; Mime Type: unknown/EXE; Group: Malware file
  • File name: Counter-Strike Source.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: commctl32.dll; File type: Dynamic link library; Mime Type: unknown/dll; Group: Malware file
  • File name: AppleMainInit.dll; File type: Dynamic link library; Mime Type: unknown/dll; Group: Malware file
  • File name: 9719831.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: verupd.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: onetsw32.dll; File type: Dynamic link library; Mime Type: unknown/dll; Group: Malware file
  • File name: inetsw32.dll; File type: Dynamic link library; Mime Type: unknown/dll; Group: Malware file
  • File name: wb.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: WUDHost.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: svchost.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: win32rundll.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: dwm.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: audiohd.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
  • File name: waudiohd.exe; File type: Executable File; Mime Type: unknown/exe; Group: Malware file
