Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

Notepad.exe


Recommended Posts

Hi Folks,

 

IMF v3.3 has detected "notepad.exe" as an intruder. Following, I am copying the scan register:

OS: Windows XP

Version: 3.3.0.8

Database Version: 1483

Scan Mode:Manual

Time Elapsed: 01:00:21

Objects Scanned: 62332

Threats Found: 1

Save Time: 7/10/2015 09:29:06 a.m.

 

|Name|Type|Description|ID|

Trojan.Agent, FILE, C:\WINDOWS\system32\NOTEPAD.EXe, 4101673

 

Any comment about it?

Is it a "false-positive"? I think so...

 

Regards,

 

Fraulf

Oct. 07, 2015 - 1042H

Link to comment
Share on other sites

Hi fraulf, welcome to IObit Forum! :-)

 

Although notepad.exe is a genuine MS file and it may be false positive, the capital letters in your file (NOTEPAD.EXe) makes me suspicious.

 

Please upload the file to VirusTotal and give the link of the report in your next post.

 

Also, for further investigation by IObit, load the file to Wikisend (compressed as a zip file with password infected) and give the link in your next post.

 

Cheers.

Link to comment
Share on other sites

Hi Enoskype,

 

 

Thinking in that way, the first time when IMF reported the same situation, I copyied the file from another computer, WXP SP3, and "checked" it as you saw: renamed it with capital letters but one, in order to know if the detection is or not a false-positive.

 

Is there any way to warn/correct IMF to do not detect "notepad.exe" again as a Trojan Agent? I mean, as a some kind of "exception".

 

Thank you so much for your help.

 

Regards,

 

 

Fraulf

Link to comment
Share on other sites

  • 3 years later...
  • 4 months later...

Hi Enoskype,

 

 

Thinking in that way, the first time when IMF reported the same situation, I copyied the file from another computer, WXP SP3, and "checked" it as you saw: renamed it with capital letters but one, in order to know if the essay typer tool detection is or not a false-positive.

Is there any way to warn/correct IMF to do not detect "notepad.exe" again as a Trojan Agent? I mean, as a some kind of "exception".

 

Thank you so much for your help.

 

Regards,

 

 

Fraulf

 

I have found a similar issue on malwarebytes forum. I can send you a PM with the solution, because somehow the link cannot be saved here in the thread. Alternatively, you may install DDS and try it as well. It's available on bleepingcomputer or other relevant forums, just google and the first link will be the official one.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...