win32.pinfi

  • Thread starter Thread starter Tim923
  • Start date Start date
T

Tim923

I got this virus. Norton didn't detect it until after it was run, and then
it was too late. What went wrong? Nasty thing. It first took out my
Internet Explorer and then my email. Tim
 
Tim923 said:
I got this virus. Norton didn't detect it until after it was run, and
then it was too late. What went wrong?
Click to expand...

Several possibilities:
1. your Norton (version unknown) is out of date
2. the virus morphed and the current is not in your database
2a. it is an old virus, from 2001
2b. it morphed on November 10, 2009
3. you got a file in email and didn't scan it
Nasty thing. It first took out my Internet Explorer and then my
email. Tim
Click to expand...

<http://www.google.com/search?en&q=win32.pinfi>
<http://www.symantec.com/security_response/writeup.jsp?docid=2003-011708-2030-99>
see also the Technical Details and Removal tabs

"Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me,
Windows NT, Windows XP"

Get a better anti-virus program.
Get an operating system that is not affected by such nonsense.
 
From: "Tim923" <[email protected]>

| I got this virus. Norton didn't detect it until after it was run, and then
| it was too late. What went wrong? Nasty thing. It first took out my
| Internet Explorer and then my email. Tim



To answer what went wrong... In short, Norton is party to blame. It just isn't that
good.

Replace it with Avira AntiVir.
 
Tim923 said:
I got this virus. Norton didn't detect it until after it was run, and
then it was too late.
Click to expand...

Anyone can take an old virus and repackage it and send it out as a
trojan. Such a trojan dropper, once executed, can drop a virally
infected file onto your file system and be "picked up" by your file
scanner - or not - and then end up infecting more files.

I suspect that such a thing has happened, do you have the original "bad"
executable (trojan) as well as some virally infected ones?
What went wrong?
Click to expand...

I'm guessing that your Norton failed to recognize a trojan dropper and
yet was able to detect at least one of the dropped programs as being
infected with Pinfi. I suppose it is also possible that Norton failed to
recognize one iteration of Pinfi but was successful on the next
iteration, but your statement about having run something successfully
before the detection makes me think trojan.
 
I see that it's an old version, Norton 2003, but I believe I was up to date
in updates. It sure did detect win32.pinfi, but it was too late. It wasn't
email related. I downloaded something that didn't come from a nice official
webpage. So I'm partly to blame. I have to ask, would AVG free have done a
better job? Tim
 
From: "Tim923" <[email protected]>

| I see that it's an old version, Norton 2003, but I believe I was up to date
| in updates. It sure did detect win32.pinfi, but it was too late. It wasn't
| email related. I downloaded something that didn't come from a nice official
| webpage. So I'm partly to blame. I have to ask, would AVG free have done a
| better job? Tim

Just about any other would be an improvement over Norton and Avira AntiVir stands above
their shoulders.
 
Tim923 said:
I see that it's an old version, Norton 2003, but I believe I was up to date
in updates. It sure did detect win32.pinfi, but it was too late. It wasn't
email related. I downloaded something that didn't come from a nice official
webpage. So I'm partly to blame. I have to ask, would AVG free have done a
better job? Tim
Click to expand...

If you download a file and want to check it against a number of AV products

http://www.virustotal.com/

There is a file uploader available to make this even easier

http://www.virustotal.com/metodos.html


John
 
Do virus scanners see what's in zip and rar files before they are
uncompressed, or is it just after?
 
From: "Tim923" <[email protected]>

| Do virus scanners see what's in zip and rar files before they are
| uncompressed, or is it just after?


Depends on who the vendor is and what the settings are. Most will default to seeing
within non-password protected RAR and ZIP files.
 
Tim923 said:
Do virus scanners see what's in zip and rar files before they are
uncompressed, or is it just after?
Click to expand...

Just after. The difference is that they do the decompression for you,
behind the scenes, if you enable that option. Not only do they support
many archive types (most that you don't even use) but other types of
encoding - decoding schemes.
 
Tim923 said:
I see that it's an old version, Norton 2003, but I believe I was up to
date
in updates. It sure did detect win32.pinfi, but it was too late. It
wasn't
email related. I downloaded something that didn't come from a nice
official
webpage. So I'm partly to blame. I have to ask, would AVG free have
done a
better job? Tim
Click to expand...

I don't think that there's an answer for that one.

Bottom line, they all suck - they can't be relied upon to make sure
executables that you download from untrusted sources are benign.

They *can* be useful in the "verify" part of "trust yet verify" when you
download from a source that you *do* trust.

I know, it sounds crazy, - why would anyone need to scan files obtained
from trusted sources?

Answer - viruses. Much of the rest can be avoided by policy.

Most of these so-called security programs are really just 'absence of
security' clean-up tools (some are very good at what they do). I
suggest, for those poeple feeling they must download and execute
untrusted programs from the internet, a good recovery plan (avoidance
won't work). When I was one of those, I used several computers (some
isolated) and disk images. Now, most people use virtual machines to test
in.
 
Tim923 said:
I got this virus.

What went wrong?
Click to expand...

You got too horny thinking about the porn you were about to look at when
you accepted the offer to download and install the codec being offered.
 
The Scrutinizer top-poasted:
Norton 2003 was 6 years out of date.
Click to expand...

Doesn't matter, because it (and even NAV 2002) can be brought completely
up-to-date with a download of Symantec's Intelligent Updater package.
 
FredW said:
Norton 2003 is still recommended for Windows98, being almost the
only anti-virus program available (and updating) for that (older)
Windows.
Click to expand...

WRONG !!!!!

Even though NAV 2003 will run on win-98, it's not recommended because
the bloat that Norton became notorious for started with that product.
Also starting with that version is a more complex way for NAV to not be
easily re-installed to gain another year of functionality without having
to pay for it. With NAV 2002, that is very easy to do.

NAV 2002 can still be easily brought up-to-date by running the Symantec
Intelligent Updater package. Symantec claims that the package is for
NAV 2003 and higher, but it works just fine on NAV 2002.

So that's why NAV 2002 is the recommended AV product for Win-98, not NAV
2003. I even have it installed on a few XP machines.
 
Back
Top