Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

W32.Pinfi Problem With Explorer

Posted on 2004-05-02
11
Medium Priority
?
348 Views
Last Modified: 2010-04-11
My Computer illiterate family has somehow got a virus in their computer. A quick scan through reveals the computer being infiltrated by W32.pinfi. I deleted the String from explorer and ran the VirusScan stuff. Apparently when ever someone clicks on something on the desktop,tries to open a Folder or file, or try to use Internet Explorer, The explorer.exe shuts down and restarts and the message "Windows cannot find C:\Windows\System32\cmd32.exe cannot be found" i know cmd32.exe is a virus and it not being found is a good thing, meaning my norton deleted it sucessfully.... but i do not understand why explorer keeps trying to open that program and i can't get it working... help please!!! I'm sorta desperate but i do not have points enough to give 500.. Hope someone has pity to give me an answer.. THANK YOU!
0
Comment
Question by:Frostwolf
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 7

Expert Comment

by:IceRaven
ID: 10974320
Hi Frostwolf,

Go edit the registry, back it up first of cource :)

Find the Key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

It will probably say:

explorer.exe c:\windows\system32\cmd32.exe

Change it to:

explorer.exe

Cheers,
IceRaven
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 10976220
Ask them to download and run Stinger:

http://vil.nai.com/vil/stinger/

Should save them manually having to do this.

0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 10977003
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:Frostwolf
ID: 10983292
IceRaven i found the key but i did not find the explorer.exe at all

Thanks a ton sunray it helped alot i searched out one key with the virus and deleted it but apparently the computer is STILL infected with it and the same message comes up...

Tim_holman im still working on the Stinger.. its scanning right now so i'll be back to update and see how it goes...

The explorer still dies out on me...
0
 

Assisted Solution

by:Qualiflow
Qualiflow earned 90 total points
ID: 10984792
If you run Win Xp or Me, you may temporarily turn off System Restore. Windows XP and Me uses this feature, which is enabled by default, to restore the files on your computer in case they become damaged. If a virus, worm, or Trojan infects a computer, System Restore may back up the virus, worm, or Trojan on the computer.
Windows prevents outside programs, including antivirus programs, from modifying System Restore. Therefore, antivirus programs or tools cannot remove threats in the System Restore folder. As a result, System Restore has the potential of restoring an infected file on your computer, even after you have cleaned the infected files from all the other locations.
Also, a virus scan may detect a threat in the System Restore folder even though you have removed the threat.
Howto turn off system restore on Windows XP : http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?
Howto turn off system restore on Windows ME : http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001012513122239?

Then you may be able to remove the virus.
0
 
LVL 7

Expert Comment

by:IceRaven
ID: 10984838
Search the registry for cmd32.exe

See what you come up with.

Cheers,
IceRaven.
0
 

Author Comment

by:Frostwolf
ID: 11000998
okay new problem... apparently its not the cmd32.exe thats messing up the system.. i got rid of it thanks iceraven.... the persisting problem now is that... the explorer disappears whenever i click anything on the desktop... try to open internet explorer... OR try to open a folder... help!!!
0
 
LVL 7

Accepted Solution

by:
IceRaven earned 285 total points
ID: 11001436
If you have cleaned your computer against viruses with stinger.  The next step is your computer may have spyware/adware/malware.  This infection software is often not picked up by anti-virus software and needs specific cleaning software.  The software I recommend is downloaded from www.safer-networking.org and is called Spybot S&D.   You will need to download, install, search for updates and then scan your computer for the little software nasties.  Once you have done so, reboot your computer and see if the problems are gone.  If not, download a program called Hijack This from www.spywareinfo.com/~merijn/downloads.html this program produces a log file.  Post the log file here and someone should be able to tell you what to do.

Cheers,
IceRaven.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 11003615
Run stinger in safe mode !
0
 

Author Comment

by:Frostwolf
ID: 11073296
Its still not working.....
0
 

Author Comment

by:Frostwolf
ID: 11474332
Thanks all for helping me... somehow my brother magically got it working.... but ur help was VERYYYYYY appreciated
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question