Str_insdr.exe

I have recently encountered this "virus" which installs itself in the registry run folder, thereby attempting to launch the .exe and related .bat files stored in the temp directory.


This was not detected by BitDefender Antivirus 2008 and I can find very little info on the web relating to this and its removal. For now, I have renamed the .exe and am seeking a way of proper removal and cleaning up the registry and msconfig files.


This is my first posting on this forum :unsure:

Comments

  • I have recently encountered this "virus" which installs itself in the registry run folder, thereby attempting to launch the .exe and related .bat files stored in the temp directory.


    This was not detected by BitDefender Antivirus 2008 and I can find very little info on the web relating to this and its removal. For now, I have renamed the .exe and am seeking a way of proper removal and cleaning up the registry and msconfig files.


    This is my first posting on this forum :unsure:


    Please attach the file as a zip archive with the "infected" password for analysis.


    Thank you.

  • stylpet
    edited December 2019


    danton said:




    Please attach the file as a zip archive with the "infected" password for analysis.


    Thank you.




    I have password protected this zip file but using unregistered version of WinRar therefore protection may not be active.


    Thanks


     


    /applications/core/interface/file/attachment.php?id=19807" data-fileExt='zip' data-fileid='19807'>Str_insdr_Malware.rar.zip

  • alexcrist
    alexcrist
    edited June 2008

    Topic moved to the correct section.


    Read here: Welcome On Malware Talk


    Cris.

  • I have also discovered related files that get added to C:\WINDOWS\Installer\24ha12


    Plus files with root hvNrt


    Connecting my external USB drive also triggers the auto instal of these files but fortunately these are caught by windows register edit security


    Would still love to find the moved files?