Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer

Notepad.exe


Recommended Posts

Hi Folks,

 

IMF v3.3 has detected "notepad.exe" as an intruder. Following, I am copying the scan register:

OS: Windows XP

Version: 3.3.0.8

Database Version: 1483

Scan Mode:Manual

Time Elapsed: 01:00:21

Objects Scanned: 62332

Threats Found: 1

Save Time: 7/10/2015 09:29:06 a.m.

 

|Name|Type|Description|ID|

Trojan.Agent, FILE, C:\WINDOWS\system32\NOTEPAD.EXe, 4101673

 

Any comment about it?

Is it a "false-positive"? I think so...

 

Regards,

 

Fraulf

Oct. 07, 2015 - 1042H

Link to comment
Share on other sites

Hi fraulf, welcome to IObit Forum! :-)

 

Although notepad.exe is a genuine MS file and it may be false positive, the capital letters in your file (NOTEPAD.EXe) makes me suspicious.

 

Please upload the file to VirusTotal and give the link of the report in your next post.

 

Also, for further investigation by IObit, load the file to Wikisend (compressed as a zip file with password infected) and give the link in your next post.

 

Cheers.

Link to comment
Share on other sites

Hi Enoskype,

 

 

Thinking in that way, the first time when IMF reported the same situation, I copyied the file from another computer, WXP SP3, and "checked" it as you saw: renamed it with capital letters but one, in order to know if the detection is or not a false-positive.

 

Is there any way to warn/correct IMF to do not detect "notepad.exe" again as a Trojan Agent? I mean, as a some kind of "exception".

 

Thank you so much for your help.

 

Regards,

 

 

Fraulf

Link to comment
Share on other sites

  • 3 years later...
  • 4 months later...

Hi Enoskype,

 

 

Thinking in that way, the first time when IMF reported the same situation, I copyied the file from another computer, WXP SP3, and "checked" it as you saw: renamed it with capital letters but one, in order to know if the essay typer tool detection is or not a false-positive.

Is there any way to warn/correct IMF to do not detect "notepad.exe" again as a Trojan Agent? I mean, as a some kind of "exception".

 

Thank you so much for your help.

 

Regards,

 

 

Fraulf

 

I have found a similar issue on malwarebytes forum. I can send you a PM with the solution, because somehow the link cannot be saved here in the thread. Alternatively, you may install DDS and try it as well. It's available on bleepingcomputer or other relevant forums, just google and the first link will be the official one.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...