Author Topic: Seeking help to remove TNT2user.exe and  (Read 17905 times)

Offline flywelder

  • Comodo Family Member
  • ***
  • Posts: 99
Seeking help to remove TNT2user.exe and
« on: December 16, 2012, 11:39:06 AM »
SO some how I have something called  and TNT2user.exe   I hope I am posting in the correct forum,  if not  please move this to the correct forum  or instruct me how to.
I  discovered this when comodo informed me that these were attempting to connect to another computer and gain access to some important part of my computer.  and if I didn't want this or want to allow this I should block it or allow to partially open in sand box.  I choose sand box.  well now that was a mistake  because  for 10 days now  I have been blocking the request.  However it continues to come up and  running a virus scan does not locate it or remove it!  Frustrating!

 I searched in Control panel and add or remove programs, and found  a program called  and I choose to remove it, but that has not completely happened for some reason, and i am now getting TNT2user.exe  !! 
Plus, I now have  at the top of my screen , every time I go online, an area the size of a tool bar  that will not fill with the page I am currently viewing, but instead shows a part of my desktop image.??   I'm very concerned, and unsure what to do!...and so I am here at this forum seeking answers and guidance.

HELP!   what is happening and what can I do to remove this and get back to normal? 
Obviously, I am not a comp. expert  but a novice and just a home desk top user. Yet I can follow directions if they are detailed and laid out in steps.    Thanking  you all now for your assistance!

Offline EricJH

  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 24272
Re: Seeking help to remove TNT2user.exe and
« Reply #1 on: December 16, 2012, 01:14:06 PM »
Try scanning with the following scanners and see if they can get rid of it:
Malwarebytes Anti Malware
Super Antispyware
Hitman Pro
Norton Power Eraser

Let us know if that did the trick for you or not.

Offline robertpri

  • Newbie
  • *
  • Posts: 1
Re: Seeking help to remove TNT2user.exe and
« Reply #2 on: December 16, 2012, 05:58:48 PM »
I have been chasing this problem for two days, and have tried all those virus/malware programs including several more not mentioned. The closest I got to a fix was to backup the reg, then delete every reference to TNT2User, and reboot. Then found the default profile this monster created:

opening that file with notepad and it directed the hijacked homepage to and set the new tab to TNT2User.exe.

I deleted this file [with FF closed] and reopened. It went to the hiacked home page, but I reset it to my choice. Then change new tab. This worked perfectly, and closed\reopened FF. Perfect.

But...closed opened again, and the hijacked pages are back. i have no idea what to try next.

Offline flywelder

  • Comodo Family Member
  • ***
  • Posts: 99
Re: Seeking help to remove TNT2user.exe and
« Reply #3 on: December 17, 2012, 10:35:13 AM »
Now for An update.

I have downloaded and run the programs suggested.  Only super anti spy ware fond anything!   I still have  the original issue!
And every time I log onto the internet, and before my home page will lad, Comodo  comes on and informs me off the attempts that  wants to connect to the internet  shall I allow it to do so or not?  and I always choose block.  then immediately  the same question is out to me  about  TNT2user.exe  and I choose to block.    only then am I allowed access to the web.  ?
Should I just allow these, and then deal with them if I don't want them or they are malicious?   help.

And  Is the reason  I am having this trouble simply because I chose to open them in sand box and i have not completed the steps for sand box?... I don't understand how to properly use sand
I'm attaching  screen shots of my monitor so that you can see what my screen looks like.  perhaps it wil help you with helping me.  Can I attach any thing else that would help?

[attachment deleted by admin]

Offline flywelder

  • Comodo Family Member
  • ***
  • Posts: 99
Re: Seeking help to remove TNT2user.exe and
« Reply #4 on: December 17, 2012, 11:10:36 AM »
Additional update info.

SO right after I posted my update,  the internet took me to a comodo forum page  where I read about a program called PSC.exe     posted by M_____,  I believe a comodo guru, general.

I read the great replies about it.   So I down loaded it to a folder on my desk top, and ran it,  the program ran really fast, all I saw was a black screen! then it was over.  but I am not seeing any log that it says it created and placed where I launched from ? {which would be the folder on my desk top}    please advise.
Thank you

PS:  on  my earlier posting I forgot to explain that  when you look at the 'screen shot of my monitor',  look at the top and around the comodo icon,  you should see  several words, sentences etc of programs I just used and closed!  plus  other unidentifiable images, which are the very top portion of my desk top image!...which is a picture of a steam loco.  this is the missing tool bar sized area  that started my  search to discover what is wrong with my computer.

Offline BoredNow

  • Comodo's Hero
  • *****
  • Posts: 354
Re: Seeking help to remove TNT2user.exe and
« Reply #5 on: December 17, 2012, 11:33:05 AM »
Search is a browser hi-jacker.
Here are some instructions...

Strangely, Emsisoft doesn't seem to consider it dangerous...

Also, I would also do a system restore.

Click on the Start button and type  -  system restore  -  into the search pane
Choose - restore system files and settings from a restore point
Choose  - choose a different restore point  -
Click the little box that says "Show more restore points" to open a list of restore points
Choose a point before you started to have your problem
and then proceed to restore your system
« Last Edit: December 17, 2012, 12:17:22 PM by BoredNow »
Home built gaming rig
Windows 7 Home Premium 64-bit SP1
Sandboxie 5.6

Offline flywelder

  • Comodo Family Member
  • ***
  • Posts: 99
Re: Seeking help to remove TNT2user.exe and
« Reply #6 on: February 06, 2013, 11:13:34 PM »
Thanks for your help!   the issue is now corrected!. and I'm happy !   :)


Free Endpoint Protection
Seo4Smf 2.0 © SmfMod.Com Smf Destek