BreadCrumbs: What is this program
What is this program
From Luke Jackson
(Difference between revisions)
Revision as of 19:31, 11 April 2007 (edit) Ljackson (Talk | contribs) ← Previous diff |
Revision as of 19:45, 11 April 2007 (edit) Ljackson (Talk | contribs) Next diff → |
||
Line 9: | Line 9: | ||
Please keep in mind that there are viruses that use similar tactics to conceal them selfs. If the file is not exactly as described above it is most likely a virus. Please only use this as a reference and conduct your own investigation on the suspect file(s). | Please keep in mind that there are viruses that use similar tactics to conceal them selfs. If the file is not exactly as described above it is most likely a virus. Please only use this as a reference and conduct your own investigation on the suspect file(s). | ||
+ | |||
+ | == Sources == | ||
+ | |||
+ | http://forums.majorgeeks.com/archive/index.php/t-43052 | ||
+ | http://forums.majorgeeks.com/archive/index.php/t-43052 | ||
+ | |||
[[Category:Windows XP]] | [[Category:Windows XP]] | ||
[[Category:Windows 2003 Server]] | [[Category:Windows 2003 Server]] |
Revision as of 19:45, 11 April 2007
Dog icon, 169k in size, random filenames, C:\Windows\Temp folder
This is an extension of the Trend Micro Office Scan application. It runs in this manner to protect it's self from attack. You can be sure this is a Trend Micro file by the following criteria:
- Randomized and capitalized 6 character alphanumeric filename ending in .EXE
- Process icon is a brown running dog
- File size is 169 kilobytes
- Location is C:\Windows\Temp\
Please keep in mind that there are viruses that use similar tactics to conceal them selfs. If the file is not exactly as described above it is most likely a virus. Please only use this as a reference and conduct your own investigation on the suspect file(s).
Sources
http://forums.majorgeeks.com/archive/index.php/t-43052 http://forums.majorgeeks.com/archive/index.php/t-43052