1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: W32.Pinfi.B Activity

System Infected: W32.Pinfi.B Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects Trojan.Travnet activity on compromised system.

Additional Information

This Trojan may be dropped by document files containing exploits. (Trojan.Mdropper)

When the Trojan is executed, it creates the following files:

%UserProfile%\Start Menu\Programs\Startup\netmgr.lnk
%UserProfile%\Start Menu\Programs\Startup\netmgr.lnk

Next, the Trojan steals files with the following extensions:


It may also steal email user names and passwords.


  • Various windows platforms
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube