What is insidminer.exe and trii.exe?

Today I was helping out a guy with some malware removal. We found a file called insidminer.exe on his computer. The file properties show another filename: trii.exe.

I don’t know what it does, but it is malware for sure. Check out the results from the anti-virus scanners:

  • Avast Win32:Malware-gen
  • Ikarus Win32.SuspectCrc
  • Commtouch W32/Trojan.GOEZ-4180
  • Comodo UnclassifiedMalware
  • AhnLab-V3 Trojan/Win32.Agent
  • NANO-Antivirus Trojan.Win32.Stealer.brdryl
  • VIPRE Trojan.Win32.Generic!BT
  • Kaspersky Trojan.Win32.Agent.zzet
  • DrWeb Trojan.PWS.Stealer.715
  • Emsisoft Trojan.GenericKDV.950289 (B)
  • MicroWorld-eScan Trojan.GenericKDV.950289
  • BitDefender Trojan.GenericKDV.950289
  • F-Secure Trojan.GenericKDV.950289
  • GData Trojan.GenericKDV.950289
  • Symantec Trojan.Gen
  • PCTools Trojan.Gen
  • TrendMicro-HouseCall TROJ_SPNR.08E513
  • TrendMicro TROJ_SPNR.08E513
  • Panda Trj/CI.A
  • AntiVir TR/Kazy.165574
  • K7AntiVirus Riskware
  • K7GW Riskware
  • McAfee RDN/Generic PWS.y!ly
  • McAfee-GW-Edition RDN/Generic PWS.y!ly
  • Fortinet MSIL/Kryptik.JC
  • Sophos Mal/Generic-S
  • Norman Inject.RAT
  • AVG Generic32.BSUW
  • ESET-NOD32 a variant of MSIL/Kryptik.JC