Visitor
robertthomas
Posts: 3
Registered: ‎02-05-2012

W32.Pinfi infected a PC with Norton 2012 installed.

I have trusted Norton since the Windows 98 years, until recently, when my computer got infected with the W32.Pinfi virus even though I had Norton Internet Security 2012 running. I have had a free version of Avast running on a second PC for more than 5 years without any problems. I cannot believe that I have paid for something which has let me down.

SendOfJive
Posts: 9,897
Kudos: 4,190
Solutions: 706
Registered: ‎02-07-2009

Re: W32.Pinfi infected a PC with Norton 2012 installed.

Hi robertthomas,

What program detected W32.Pinfi? That is a very old threat, dating from 2001. If you are using the Smart Definitions, I suppose it might be possible to be infected by an old file containing this threat that may have been lying around. But I would certainly want to check that this was not a false positive before drawing any conclusions. You can upload the file to VirusTotal to see if other AV vendors also find it to be malicious or not.

https://www.virustotal.com/

Visitor
robertthomas
Posts: 3
Registered: ‎02-05-2012

Re: W32.Pinfi infected a PC with Norton 2012 installed.

This virus infected a new PC which I had assembled in the month of October 2011, with the Windows 7 operating system.

All the software installed, i.e., MS Office and EA games, is original (NO pirated software), plus a few freeware programs like VLC, Acrobat, etc.

I have an upgraded version of Norton 2012 Internet Security installed, with a 1-year subscription ending in 236 days.

I had installed a few OBD trial software packages from the net in the month of Jan 2012. After that, some of the programs stopped running, giving an error message that they had been corrupted. I installed Windows on a new second hard disk with Norton and did a complete scan.

Below is the Stat.

Scan Statistics:
Scan Time: 1,01,249 seconds
Scan Targets: Entire computer

Counts:
Total items scanned: 40,82,641
- Files & Directories: 40,77,438
- Registry Entries: 143
- Processes & Start-up Items: 4,394
- Network & Browser Items: 661
- Other: 5
- Trusted Files: 3,292
- Skipped Files: 1,00,699

Total security risks detected: 193
Total items resolved: 183
Total items that require attention: 10

Resolved Threats:

4 Tracking Cookies
Type: Anomaly
Risk: Low (Low Stealth, Low Removal, Low Performance, Low Privacy)
Categories: Tracking Cookies
Status: Fully Resolved
-----------
4 Tracking Cookies
Cookie:sumoja@2o7.net/ - Deleted
Cookie:sumoja@2o7.net/ - Deleted
Cookie:sumoja@m.webtrends.com/ - Deleted
- Deleted

W32.Pinfi
Type: Anomaly
Risk: High (High Stealth, High Removal, High Performance, High Privacy)
Categories: Virus
Status: Restart Required

19 Registry Entries
HKEY_CLASSES_ROOT\CLSID\{A10AFF8B-F60D-4E71-89A0-522EAF8B676E} - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{A10AFF8B-F60D-4E71-89A0-522EAF8B676E} - Restart Required
HKEY_USERS\S-1-5-21-1296481345-3592373604-3212001647-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel->{871C5380-42A0-1069-A2EA-08002B30309D}:0 - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel->{871C5380-42A0-1069-A2EA-08002B30309D}:0 - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel->{871C5380-42A0-1069-A2EA-08002B30309D}:0 - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel->{871C5380-42A0-1069-A2EA-08002B30309D}:0 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{23KLN5J0-4OPM-11WE-AAX5-24EF1F387232} - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\->DisableSR:0 - Restart Required
HKEY_USERS\S-1-5-21-1296481345-3592373604-3212001647-1000\Software\Microsoft\Windows\CurrentVersion\Explorer->PINF - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer->PINF - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer->PINF - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer->PINF - Restart Required
HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\Run->lov3ly - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run->Windo Servic Agents 32 - Restart Required
HKEY_USERS\S-1-5-21-1296481345-3592373604-3212001647-1000\Software\Microsoft\Windows\CurrentVersion\Run->Windo Servic Agents 32 - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run->Windo Servic Agents 32 - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run->Windo Servic Agents 32 - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run->Windo Servic Agents 32 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices->Windo Servic Agents 32 - Restart Required

Though this virus is quite old, it has managed to enter a system and do a lot of damage to the exe files. All my important documents are safe, and three of my network computers running AVAST are running fine. I did a scan with Norton over the network and it had found no virus on them.

SendOfJive
Posts: 9,897
Kudos: 4,190
Solutions: 706
Registered: ‎02-07-2009

Re: W32.Pinfi infected a PC with Norton 2012 installed.

Hi robertthomas,

I am not sure what to make of this. It is odd that Norton "found" such an old threat on a relatively new installation, that a Norton scan would find this, and yet Auto-Protect did not, that all of the entries seem to be registry keys with no associated infected files. And 193 security risks found?? It's all sort of unusual.

Visitor
robertthomas
Posts: 3
Registered: ‎02-05-2012

Re: W32.Pinfi infected a PC with Norton 2012 installed.

That's not the complete log file, I have posted just part of it.

More than 180 programs stopped responding (infected), though NIS reported them as repaired.

The following keys in the registry are added by the virus:

HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer->PINF - Restart Required

HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer->PINF - Restart Required

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer->PINF - Restart Required

etc.

and lots of files:

c:\microcontrollers\plc\plc- programmable logic controller training- allen bradley(2)\plc- programmable logic controller training- allen bradley\interactive simulator\simsetup.exe - No action taken

c:\microcontrollers\plc\plc- programmable logic controller training- allen bradley(2)\plc- programmable logic controller training- allen bradley\interactive simulator\simsetup.exe - Repaired

c:\microcontrollers\software\mikroc 8.2.0.0\crack\mikroc.exe - Repaired

c:\microcontrollers\p2psetup1955.exe - Repaired

c:\microcontrollers\software\mikroc 8.2.0.0\mikroc_8_2_0_0.exe - Deleted

c:\microcontrollers\software\mp661\mplabv~1 (2).exe - Repaired

c:\microcontrollers\software\mp661\mplabv~1.exe - Repaired

c:\microcontrollers\micro_07\mplab_ide_8_53\setup.exe - Repaired

c:\microcontrollers\software\picp-0.6.7-exe\picp.exe - Repaired

c:\microcontrollers\software\ponyprog.exe - Repaired

c:\microcontrollers\software\ponyprogv206f\setup.exe - Repaired

c:\microcontrollers\software\ponyprog_v207c\setup.exe - Repaired

c:\microcontrollers\software\picbasic pro 2.45\pbpw.exe - Repaired

c:\microcontrollers\software\ponyprog_v207c.exe - Repaired

c:\microcontrollers\software\sdradio_099.exe - Repaired

c:\microcontrollers\software\sdradio_v100_setup.exe - Repaired

c:\microcontrollers\software\mpasmwin520\mpasmwin.exe - Repaired

c:\microcontrollers\software\tinybld198\tinybld198\tinybldwin.exe - Repaired

c:\microcontrollers\software\tinybld198\tinybldwin (2).exe - Repaired

c:\microcontrollers\software\tinybld198\tinybldwin.exe - Repaired

c:\microcontrollers\software\topwin5.exe - Repaired

c:\microcontrollers\software\topwin5a.exe - Repaired

c:\microcontrollers\software\topwin6.exe - Repaired

c:\microcontrollers\software\topwin63.exe - Repaired

c:\microcontrollers\software\topwinen3x.exe - Repaired

c:\microcontrollers\software\bascom-avr_45490\setup (2).exe - Repaired

c:\microcontrollers\software\bascom-avr_45490\setup.exe - Repaired

c:\microcontrollers\software\bascom-avr_45490\_isdel (2).exe - Repaired

c:\microcontrollers\software\bascom-avr_45490\_isdel.exe - Repaired

c:\microcontrollers\micro cont\pic\mplab_v8\install_mplab_v8 (2).exe - Repaired

c:\microcontrollers\software\cdm 2.04.16.exe - Repaired

c:\microcontrollers\micro cont\pic\mplab_v8\install_mplab_v8.exe - Repaired

c:\microcontrollers\micro cont\pic\mplab_v8\instmsia (2).exe - Repaired

c:\microcontrollers\micro cont\pic\mplab_v8\instmsia.exe - Repaired

c:\microcontrollers\micro cont\pic\mplab_v8\instmsiw (2).exe - Repaired

c:\microcontrollers\micro cont\pic\mplab_v8\instmsiw.exe - Repaired

etc.

Right now I am scanning the PC with McAfee Internet Security, which I have downloaded from their web site. I will post the details as soon as it has finished. (I have about 2.5 terabytes of data.)
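
Added example, not part of any poster's reply: a small Python triage of "target - status" scan-log lines like the ones posted above. It collapses per-user registry hives, picks out autostart values, and flags files reported with more than one status. The sample lines are copied from the thread; the choice of autostart keys to match (Run, RunOnce, RunServices, Active Setup) and the function name `triage` are assumptions of this example.

```python
import re
from collections import Counter, defaultdict

# Entries copied from the log lines posted in this thread (a small excerpt).
SAMPLE_LOG = r"""
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\->DisableSR:0 - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer->PINF - Restart Required
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer->PINF - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run->Windo Servic Agents 32 - Restart Required
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run->Windo Servic Agents 32 - Restart Required
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run->Windo Servic Agents 32 - Restart Required
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices->Windo Servic Agents 32 - Restart Required
c:\microcontrollers\plc\plc- programmable logic controller training- allen bradley(2)\plc- programmable logic controller training- allen bradley\interactive simulator\simsetup.exe - No action taken
c:\microcontrollers\plc\plc- programmable logic controller training- allen bradley(2)\plc- programmable logic controller training- allen bradley\interactive simulator\simsetup.exe - Repaired
c:\microcontrollers\software\mikroc 8.2.0.0\mikroc_8_2_0_0.exe - Deleted
c:\microcontrollers\software\ponyprog.exe - Repaired
"""

# Registry locations that start programs at boot or logon (assumed list).
AUTOSTART = re.compile(
    r"\\CurrentVersion\\Run(Once|Services)?$|\\Active Setup\\Installed Components\\",
    re.IGNORECASE)
PER_USER = re.compile(r"^HKEY_USERS\\[^\\]+")

def triage(log_text):
    """Split 'target - status' lines into autostart values and file results."""
    autostart = defaultdict(set)    # (key with hive collapsed, value) -> hives seen
    file_status = defaultdict(set)  # path -> every status reported for it
    counts = Counter()
    for line in filter(None, map(str.strip, log_text.splitlines())):
        target, sep, status = line.rpartition(" - ")
        if not sep:
            continue                # not a 'target - status' entry
        counts[status] += 1
        if target.upper().startswith("HKEY_"):
            key, _, value = target.partition("->")
            if AUTOSTART.search(key):
                hive = key.split("\\")[1] if PER_USER.match(key) else "machine"
                generic = PER_USER.sub(lambda m: r"HKEY_USERS\*", key)
                autostart[(generic, value)].add(hive)
        else:
            file_status[target.lower()].add(status)
    conflicts = {p: s for p, s in file_status.items() if len(s) > 1}
    return autostart, conflicts, counts
```

A file listed with both "Repaired" and "No action taken" is worth re-checking by hand, and an autostart value name repeated across every loaded hive is easier to see once the per-user keys are collapsed.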