Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 351
  • Last Modified:

W32.Pinfi Problem With Explorer

My Computer illiterate family has somehow got a virus in their computer. A quick scan through reveals the computer being infiltrated by W32.pinfi. I deleted the String from explorer and ran the VirusScan stuff. Apparently when ever someone clicks on something on the desktop,tries to open a Folder or file, or try to use Internet Explorer, The explorer.exe shuts down and restarts and the message "Windows cannot find C:\Windows\System32\cmd32.exe cannot be found" i know cmd32.exe is a virus and it not being found is a good thing, meaning my norton deleted it sucessfully.... but i do not understand why explorer keeps trying to open that program and i can't get it working... help please!!! I'm sorta desperate but i do not have points enough to give 500.. Hope someone has pity to give me an answer.. THANK YOU!
0
Frostwolf
Asked:
Frostwolf
  • 4
  • 3
  • 2
  • +2
2 Solutions
 
IceRavenCommented:
Hi Frostwolf,

Go edit the registry, back it up first of cource :)

Find the Key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

It will probably say:

explorer.exe c:\windows\system32\cmd32.exe

Change it to:

explorer.exe

Cheers,
IceRaven
0
 
Tim HolmanCommented:
Ask them to download and run Stinger:

http://vil.nai.com/vil/stinger/

Should save them manually having to do this.

0
 
sunray_2003Commented:
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
FrostwolfAuthor Commented:
IceRaven i found the key but i did not find the explorer.exe at all

Thanks a ton sunray it helped alot i searched out one key with the virus and deleted it but apparently the computer is STILL infected with it and the same message comes up...

Tim_holman im still working on the Stinger.. its scanning right now so i'll be back to update and see how it goes...

The explorer still dies out on me...
0
 
QualiflowCommented:
If you run Win Xp or Me, you may temporarily turn off System Restore. Windows XP and Me uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.
Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.
Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.
Howto turn off system restore on Windows XP : http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?
Howto turn off system restore on Windows ME : http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001012513122239?

Then you may be able to remove the virus.
0
 
IceRavenCommented:
Search the registry for cmd32.exe

See what you come up with.

Cheers,
IceRaven.
0
 
FrostwolfAuthor Commented:
okay new problem... apparently its not the cmd32.exe thats messing up the system.. i got rid of it thanks iceraven.... the persisting problem now is that... the explorer disappears whenever i click anything on the desktop... try to open internet explorer... OR try to open a folder... help!!!
0
 
IceRavenCommented:
If you have cleaned your computer against viruses with stinger.  The next step is your computer may have spyware/adware/malware.  This infection software is often not picked up by anti-virus software and needs specific cleaning software.  The software I recommend is downloaded from www.safer-networking.org and is called Spybot S&D.   You will need to download, install, search for updates and then scan your computer for the little software nasties.  Once you have done so, reboot your computer and see if the problems are gone.  If not, download a program called Hijack This from www.spywareinfo.com/~merijn/downloads.html this program produces a log file.  Post the log file here and someone should be able to tell you what to do.

Cheers,
IceRaven.
0
 
Tim HolmanCommented:
Run stinger in safe mode !
0
 
FrostwolfAuthor Commented:
Its still not working.....
0
 
FrostwolfAuthor Commented:
Thanks all for helping me... somehow my brother magically got it working.... but ur help was VERYYYYYY appreciated
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

  • 4
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now