7 replies to this topic

[swagger]

I am almost afraid to reboot my computer... Noticed this file in the "Startup" section of CCleaner... It's set to RunOnce and I've never heard of or seen it before.

c:\windows\is-icdra.exe /REG is the startup value with the name being InnoSetupRegFile.0000000001.

No information is easily found through google; I uploaded it to Jotti and it came back as clean. Any clues?

swagger

[Maniac]

Everything is fine! The file is legitimate.
http://www.bleepingcomputer.com/startups/I...0001-16618.html

[swagger]

Is the filename randomly generated then? Because that entry at BC has a different file name...

[Maniac]

The file name doesnt matter, the important thing in this case is the value name - InnoSetupRegFile.0000000001. Don't worry!

[AdvancedSetup]

See if you can locate the file in your Windows directory InnoSetupRegFile.0000000001
You should be able to open it with Notepad and look and see what it's trying to do.

[swagger]

Maniac, on Apr 3 2009, 06:46 PM, said:

The file name doesnt matter, the important thing in this case is the value name - InnoSetupRegFile.0000000001. Don't worry!

I understand... I'm not panic worried as my computer has been up for over a week and I am sure I have installed 2-3 programs that could be related to this entry. Just would like more information on this.

AdvancedSetup, on Apr 3 2009, 06:47 PM, said:

See if you can locate the file in your Windows directory InnoSetupRegFile.0000000001
You should be able to open it with Notepad and look and see what it's trying to do.

No file by that name in the Windows directory.. There is a is-ICDRA.lst and is-ICDRA.msg however.

[AdvancedSetup]

Well it is unlikely dangerous, but since the file does not appear to be there (do you have file set to show hidden files? )

Reconfigure Windows XP to show hidden files:
To enable the viewing of Hidden files follow these steps:

* Close all programs so that you are at your desktop.
* Double-click on the My Computer icon.
* Select the Tools menu and click Folder Options.
* After the new window appears select the View tab.
* Put a checkmark in the checkbox labeled Display the contents of system folders.
* Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
* Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
* Remove the checkmark from the checkbox labeled Hide protected operating system files.
* Press the Apply button and then the OK button and exit My Computer.
* Now your computer is configured to show all hidden files.


If you have not installed anything recently and have rebooted recently then the item should have already been removed on it's own. If it has not then you can remove it on your own. It is set in RunOnce just as the key name implies ONCE, not every time you boot the computer.

[swagger]

Yeah, hidden files/folders, protected system files was shown already... I believe it could be related to CDBurnerXP. I think that was the only program that I have installed in the last week or so since my last shutdown/reboot. I understand it's only going to run once but I wanted to make sure that it should run at all. Cause I have never heard of it or seen it before prior to today and that was just by coincidence (checking CCleaner).