n>tepad.exe

H

Hitman_T

Veteran XX
I opened IE and found this running in the processes. No file can be named n>tepad.exe so wondering what it is. I am going to clean it off but thought I would post this since Google turned up nothing on n>tepad.exe.

Glad I use firefox :)
 
Searched reg for it. Checked HD but since > cannot be used in a filename it was worthless. I ran Spybot (after updates) and then Ad Aware. Each found no more than 3 items. Started IE and n>tepad.exe showed up. Ended it, came back, ended it again and it came back. Dunno how long it has been there but it gets up to around 22MB in resources at a time. I am going to try HiJack This later.
 
Fubar said:
my plan is working beautifully...
Click to expand...


HAHAHAHAHAHAHAHA Man should have seen your signature all over it :p

BTW, searching *pad.exe will return EVERY EXE on your PC. You must mean ??tepad.exe right?

Search in reg for tpad.exe only showed Notepad.exe. I will kill it eventually but I wanted to let you peeps know it is out there. Dunno what it does.
 
If its IE6 you can check the add-in manager. I also recall seeing a registry key that allowed you to specify additional shit to launch with IE when its run.
 
if it is running, it will be in your temp files, delete it there and most spyware out there is stored in the documents and settings folder
 
I would be moving towards virus/trojan activity at this point.

Tell me you have some sort of virus protection installed...
 
The reason why you see a > in the file name is because the virus has added > to a valid win32 character by altering the system font file. What you must do in order to remove this evil virus is go into word and locate your system font file. Next, go through every valid win32 character 1234567890qwertyuiopasdfghjklzxcvbnm.QWERTYUIOPASDFGHJKLZXCVBNM!@#$%^&*()_+-=\|]]}}[[{{;:'"?/, and see if any of those produce a >. When you do locate that character that does a > you will then want to go into rededit and do a search using the char that represents > in place of the >. Once you perform that, you should call techsupport on your manual or a techsupport in the yellowpages and ask them to assist in the removal of that virus. It might cost you 3 - 600 dollars.
 
[57th]cneal said:
The reason why you see a > in the file name is because the virus has added > to a valid win32 character by altering the system font file. What you must do in order to remove this evil virus is go into word and locate your system font file. Next, go through every valid win32 character 1234567890qwertyuiopasdfghjklzxcvbnm.QWERTYUIOPASDFGHJKLZXCVBNM!@#$%^&*()_+-=\|]]}}[[{{;:'"?/, and see if any of those produce a >. When you do locate that character that does a > you will then want to go into rededit and do a search using the char that represents > in place of the >. Once you perform that, you should call techsupport on your manual or a techsupport in the yellowpages and ask them to assist in the removal of that virus. It might cost you 3 - 600 dollars.
Click to expand...

genius, pure genius
 
You must log in or register to reply here.
Back
Top