IFinst27.exe - anyone know what this is?

T

Tony

I had to do an XP System Restore after having some weird problems with
Powerstrip, and afterwards notices this file in my C:\Windows directory.
Searched on Google and Yahoo but could find no ID for it. Can anyone tell me
what it is?
 
M

Malke

Tony said:
I had to do an XP System Restore after having some weird problems with
Powerstrip, and afterwards notices this file in my C:\Windows
directory. Searched on Google and Yahoo but could find no ID for it.
Can anyone tell me what it is?
Click to expand...

I don't know how you searched, but I just did a Google for
"IFinst27.exe" and got 43 links. Not a lot, but enough to see that it
is malware. Here are general removal steps:

http://www.elephantboycomputers.com/page2.html#Removing_Malware

Malke
 
T

Tony

Malke said:
I don't know how you searched, but I just did a Google for
"IFinst27.exe" and got 43 links. Not a lot, but enough to see that it
is malware. Here are general removal steps:

http://www.elephantboycomputers.com/page2.html#Removing_Malware

Malke
--
MS-MVP Windows User/Shell
Elephant Boy Computers
www.elephantboycomputers.com
"Don't Panic"
Click to expand...

I did a Google Groups search. I did a web search and also got a bunch of
hits. But I did not find anything in looking over any of the links that
proves it's malware. I had previously CWShredder, Adaware, and Spybot and
got nothing. I also submitted the file to

http://virusscan.jotti.org/

and got back the "it might or might not be a suspicious file" response. So
far everything I've tried has been less than conclusive. And the only place
the file name shows up in my Registry is in the MUICache key.
 
F

Fitz

Have you installed a game called "Seal" something or other? I found a
reference in Google that said when someone tried to uninstall the game that
it referenced IFinst27 as not a valid win32 app. Have you right clicked on
the file to see what the properties are, e.g. manufacturer, version, etc.?
 
T

Tony

No, I haven't installed anything like that. This popped up after I had to do
a System Restore to a previous instance of my Registry (only one day
previous). It came about because after that I had to reinstall a couple of
programs (Photoshop CS being the main culprit). After I was all done I
noticed this file.

Under the Summary panel for File/Properties none of the fields (Source,
Author, etc) have any entries.

I moved the file to a temp area on another drive and removed the MUICache
entries in the Registry, and nothing seems to have broken. Weird.
 
F

Fitz

I don't know what it is then. I'd suggest watching it or maybe renaming it
to see if anything breaks. My best guess is that it's some type of malware.
Have you run all your anti scumware programs in Safe Mode?
 
T

Tony

Yes, all run in Safe mode. Since I moved the file and removed the Registry
entries I have seen no recurrence of this filename in the Registry, so I'm
hoping that whatever it was is not very bad.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

IE Autocomplete has problems. Please help. 1
MidiDef32.exe- WHAT IS IT? 6
What is mciole16.exe ? 4
msxml2r32.exe? what is this? 1
smsogx32.exe - what is this?? 15
Single File Restore - what is it? 3
Is this a virus / trojan / worm ? 3
Does anyone know what this is? 1

Top