W32.Pinfi & Hacktool.Rootkit

Discussion in 'malware problems & news' started by Kamakazi187, Nov 7, 2005.

Thread Status:
Not open for further replies.
  1. Kamakazi187

    Kamakazi187 Guest

    I don't know what's happening to me lately! All the bad luck started when i bought a new sitting room that I can't afford! :oops: And then my fighter fish got sick, and lastly my computer at home crashed! :( What am i supposed to do now? I can't sit in my living room because i don't like it! I can't watch my sick fish, because he makes me sick! and I can't sit on my computer for comfort anymore!!! :p

    Anyway, here is what happened with me! My operating system is Win XP pro, and i have always had Norton Internet Security and Norton Anti Virus, always the most recent ones! In this case, they were 2005 constantly updated. All of a sudden Norton Antivirus asks me for an activiation key after having the software running on my computer for more than 7 months! As i was looking for the keygen to get the code again, norton gave me an error and gave me a minute! The msg was from NT Authority/System or something like that. My computer shutdown after the minute was over and as I turned it on again, Norton did not start, i tried to start it but it kept closing automatically. I hit cnrl+alt+del for taskmgr and it kept closing automatically too! I felt something fishy there. I restarted and i ran Norton from Safe Mode! It found 190 viruses, mostly Hacktool.Rootkil and W32.Pinfi. There were other stuff too, but the rest was cleaned and my problem remained mostly with W32.Pinfi. I read over the internet on way to remove this virus, but nothing really worked with me! I removed the registry entry Pinfi from the explorer registry. I deleted the tmp files on my computer. Norton does not run in normal mode, and in safe mode it doesn't see any viruses anymore! I tried ending the process of explorer.exe and running the anti virus, but still that didn't resolve anything! The only way that i can end explorer.exe process is by making spyboot search&destroy run on startup before any process start and i run the task manager and end it! That is the only way that i could find. And when i do that my computer runs fine! Of course all of exe files are destoried and i need to reinstall most of my programs but that i can take care of after the full removal of the w32.pinfi from the computer.

    Any advise would be greatly apreciated! If nothing works, i guess i will format the hard disk and start from scratch because i have no restore points on my computer :(
     
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
Thread Status:
Not open for further replies.