CastleCops, Internet Crime Fighters
Need help? Click here to register for free! Absolutely zero advertisements on this site!

$9736.22 of $21422.68
left sidedonated so farneed $11686.46 donated to reach our goalright side, our goal
Help CastleCops serve the community on new servers, Donate Here to reach our goal.

Donation/Premium
spacer
Donations. Become Premium Today! Premium Icon
block bottom
Security Central
spacer
· Home
· PIRT/Fried Phish
· MIRT
· SIRT
· Deutsch
· Wiki
· Newsletter
· O16/ActiveX
· CLSID List
· Contest2007
· Downloads
· Feedback (send)
· Forums
· HijackThis
· Hijacktrend
· LSPs
· My Downloads
· O18
· O20
· O21
· O22
· O23
· O9
· Premium
· Private Messages
· Proxomitron
· Reviews
· Search
· StartupList
· Stories Archive
· Submit News
· WsIRT
· Your Account
· Acceptable Use Policy
block bottom
Survey
spacer
Was 2007 a good year?

Yes it was a wonderful year
Yes, but there is always room for improvement
Status quo
It was a challenge
Other (leave comment)



Results
Polls

Votes: 937
Comments: 25
block bottom
spacer spacer
 Forum FAQForum FAQ   SearchSearch   UsergroupsUsergroups   ProfileProfile   Login to check your private messagesLogin to check your private messages   LoginLogin   Your Favorite ForumsSelect FavForums 

Dot.exe in StartUp

 
Post new topic   Reply to topic       All -> FavForums -> Startup Programs [del.icio.us!] [digg it!] [reddit!]
View previous topic :: View next topic  
Author Message
swatkat

Security Expert


Joined: Mar 04, 2005
Posts: 2036
Location: India
MVP RootKit Detection Hosts Rootkit Experts Security Experts

PostPosted: Mon Apr 11, 2005 8:10 pm    Post subject: Dot.exe in StartUp
Reply with quote

While inspecting a HijackThis log, i came across this file named dot.exe which was a 04 entry in HijackThis.
Kaspersky Online file scanner detected it as AdWare.180Solutions. And, Norton AV also detected it as 180Solutions. I searched the Startup list, and i did not find this file, so i thought of putting this here!

Link to original thread
Back to top
View users profile Send private message Visit posters website
TonyKlein

Site Moderator
Microsoft MVP

Joined: Oct 15, 2002
Posts: 13113
Location: Netherlands
MIRT Moderators MVP Premium Security Experts

PostPosted: Tue Apr 12, 2005 5:27 pm    Post subject:
Reply with quote

Thanks, but I need to know a little more before I can add it to the List.

For starters we need to make sure this isn't an executable sporting a random file name.

A good start would be a link to the forum topic that has the log in question.

Thanks! Smile


_________________
Tony image CLSID List
Back to top
View users profile Send private message
swatkat

Security Expert


Joined: Mar 04, 2005
Posts: 2036
Location: India
MVP RootKit Detection Hosts Rootkit Experts Security Experts

PostPosted: Tue Apr 12, 2005 7:23 pm    Post subject:
Reply with quote

Yes, there is a possibilty that it may be a random filename!
Link is give above, but it's in another forum (if you dont mind!) Smile


_________________
Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.
- Albert Einstein
Back to top
View users profile Send private message Visit posters website
TonyKlein

Site Moderator
Microsoft MVP

Joined: Oct 15, 2002
Posts: 13113
Location: Netherlands
MIRT Moderators MVP Premium Security Experts

PostPosted: Tue Apr 12, 2005 7:41 pm    Post subject:
Reply with quote

I overlooked the link, sorry about that...

There's not (yet) a single Google hit for that startup combination, so I suggest we wait a little until maybe another few instances will surface. Smile


_________________
Tony image CLSID List
Back to top
View users profile Send private message
Display posts from previous:   
Post new topic   Reply to topic       All -> FavForums -> Startup Programs All times are GMT
Page 1 of 1

 
Quick Reply:
Username: 

Quote the last message
Attach signature (signatures can be changed in profile)
 
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001 phpBB Group
2002-2008 © Computer Cops LLC dba CastleCops®. All rights reserved.
Acceptable Use Policy. Use signifies your agreement.
98ppm 0.415s (0.13s)
Making cybercriminals unhappy since 2002*
In Memory of Trpm
spacer spacer