Tuesday, September 26, 2006

TOPIC: Yellow dog icon - Is the Scotty doggie safe?
Speaking of viruses...
We just had a slight crisis in the IT department. All of a sudden one of the guys starts asking questions about a little yellow dog icon attached to an EXE file in his C:\WINDOWS\TEMP folder. He deleted the file, but it came back -- with a different filename. Red flag #1. He tracked down the Windows XP Registry entry and deleted it. Upon reboot, the file was recreated (with a different filename) and the registry entry was back. Red flag#2. The file was running as a Network Service -- from the Temp folder. Red flag #3.
To make a long story short... After some intense research, we found that the little Scotty dog icon represents an executable used by Trend Microicon. TM uses this file as part of its security application to keep would-be attackers from killing the browser anti-hijack program. So, if you see a little yellow dog icon in your C:\WINNT\TEMP or C:\WINDOW\TEMP folder, check it out. BUT, if you can't find the culprit AND you (or your company) use Trend Micro, rest assured. Your PC is safe. Anytime you want to be sure, visit a site like TrojanScan or Trend Micro's Housecall to run an online scan (always up-to-date).

No comments: