InstallerRegVer.exe Malware Problem

August 2, 2011 at 14:03:23
Specs: Windows Vista, 2gb
Right, I found THIS and that's all the info I could find. The dude who owns the computer (which is a Vista OS) has also had his email hacked. I've had a look with HijackThis and Hitman Pro 3.5.9.
Hitman told me it's in the hidden AppData\Local\TempImages, and I found out it was a scam that he fell for and paid for some nasty software that has now been believed to have allowed people to hack his email.
I've removed something similar from the registry when I had a problem a few years ago with something like this. But not this complex. Any help?


August 2, 2011 at 14:26:52
What control do you have over the machine? Are you able to access any system admin tools i.e. Regedit, TaskManager, cmd.exe?

If not, download the Sysinternals suite - you are after ProcMon, Process Explorer and Autoruns. When you have these downloaded, you *may* need to rename them to match "whitelisted" binaries (it's not actually a whitelist, but it's the easiest way to describe it), so explorer.exe, services.exe, firefox.exe, iexplore.exe, svchost.exe etc.

Let me know if you have issues with any of the above, as we may be able to find something via an alternate profile.


August 3, 2011 at 00:02:09
Easiest way to sort out this issue is to save all files to an external source and do a factory restore,
then download MSSE and Malwarebytes, scan the old files before restoring them, do all updates, and install any programs that the user uses.

I hate computers!
But can't help myself....


August 3, 2011 at 03:54:23
I don't really think that's a viable solution. These issues are easily repairable.
