Trojan Dropper - Page 1 - Computers, Gadgets & Stuff

Original Poster

91,609 posts

289 months

Monday 24th May 2004

This is odd. Three times today I've had a NAV alert for Trojan Dropper pop up, yet I wasn't doing anything on the internet. Yes, I'm on broadband, but I wasn't surfing or receiving e-mail.

It says it's in Windowssystem32 otepad.exe. I can find the file (24Kb) I'm not sure if I should delete it.

I wasn't even using Notepad when the alert happened. Can anyone tell me what's going on?

BrianTheYank

7,585 posts

274 months

Monday 24th May 2004

try clearing out your temporary internet files
find it under tools=> internet options

I was getting this alert for a trojan a few times and hour a while back and when I cleared it out it worked.

Original Poster

91,609 posts

289 months

Monday 24th May 2004

Thanks Brian - I've just loosed Window Washer 5.0 so we'll see what heppens tomorrow!

KITT

5,345 posts

265 months

Wednesday 26th May 2004

I had this one yesterday. Unfortunatly my boss is too tight to buy the company a decent virus checker so we're stuck with some ancient version of Norton Antivirus which didn't pick it up. So I downloaded AVG (which is free!) and hey presto picked up 40

infected files and fixed them all

_dobbo_

14,619 posts

272 months

Wednesday 26th May 2004

KITT said:
I. So I downloaded AVG (which is free!) and hey presto picked up 40 infected files and fixed them all

If it's on your work PC then it's not free - it's only free for non commercial use....

BrianTheYank

7,585 posts

274 months

Wednesday 26th May 2004

Simpo, you got it all fixed now?

Original Poster

91,609 posts

289 months

Wednesday 26th May 2004

BrianTheYank said:
Simpo, you got it all fixed now?

Seems OK so far - thanks!
Odd.

KITT

5,345 posts

265 months

Wednesday 26th May 2004

_dobbo_ said:
If it's on your work PC then it's not free - it's only free for non commercial use....

Hence I persauded my boss it's a good idea to buy it for all our PCs (only 5 of them!)

I figured it was going to take an actual virus attack for him to realise that we weren't adequately protected

Original Poster

91,609 posts

289 months

Thursday 27th May 2004

The damn thing is back - the alert appeared when I went to Canford Audio's website, but this may be coincidental.

The infected file is notepad.exe, but at only 24Kb I can't think it's an exe *and* a virus? Perhaps it's a spoof file?

It won't let me delete it, and it's dated 25 May 2004 - much later than the surrounding files.

Suggestions anyone?

anonymous-user

78 months

Thursday 27th May 2004

Safe mode and run a full system scan.

If that doesn't pick it up, delete it whilst in safe mode.

Original Poster

91,609 posts

289 months

Thursday 27th May 2004

Thanks Lex, I used safe mode and put it in the recycle bin.

Thing is, now Notepad doesn't work. Can I just get a friend to send me a replacement notepad.exe (zipped)? I have WordPad - perhaps I can afford to lose NotePad?

Norton can't repair the file.

KITT

5,345 posts

265 months

Thursday 27th May 2004

I had to reinstall media player after it was attacked by the dropper virus. WIth notepad you can simply copy a mates notepad.exe but make sure it's from the same version of Windows as I think they differer slightly.

anonymous-user

78 months

Thursday 27th May 2004

This should sort you out: http://support.microsoft.com/default.aspx?scid=kb;en-us;286363

_dobbo_

14,619 posts

272 months