notedad.exe - Avast didn't pick it up?

I’ve searched the Avast website and this forum but found no information regarding this virus/Trojan/worm…

I Googled the exe and it appears to me, a computer nincompoop, that it is a password stealing Trojan that is used to steal gaming passwords. I couldn’t find too much more about it, other than it looks like the virus has been spreading recently.

First, the Trojan (or whatever) appeared (became active) immediately after I did a full “thorough”" Virus Scan, including archive files with Avast. I had updated the program and definitions immediately before scanning. The virus scan came up clean and I shut the computer down…well, I tried anyway…the computer instead gave me a warning that a file “notedad.exe” was having trouble shutting down.
I cancelled the shutdown procedure and brought the computer back up to see what was up and immediately, Avast shut off, without allowing the resident shield to re-start. I was able to bring the virus scan back online, but it was foiled three times in a row after only a few minutes worth of scanning, only getting a little way through.

Basically, the trouble wasn’t going to go away…then, in the middle of the fourth scan, some odd internet radio talkshow type of thing started coming out of the speakers so I immediately pulled that computer off the network. The sound went away right then.

Any idea why Avast didn’t pick it up OR should it have? If not, should I be running another program alongside Avast to catch stuff like this? We recently lost another computer to a virus…it was running Avast as well…

Here you can read about the removal of this pest:
http://fileinfo.prevx.com/fileinfo.asp?PXC=b35683681052

polonus

I will look into that link closely so thanks for replying!

A couple questions though:
First, was this just sheer coincidence that this issue came up immediatly after the virus scan? Shouldn’t the scan have caught this???

Second, if Avast isn’t enough to catch this issue, which many deem small and simple, is there a different program I should have?

Again, thanks for your reply.

Hi Red Bull RockIt,

No anti-virus will catch every virus- this is because there are now hundreds of viruses and variants emerging every day.

To check which anti-virus programs detect the virus you have, you could submit the file to VirusTotal for analysis: this will tell you which anti-virus programs detect the file and which don’t. (Some detect more files than others, but all miss some files at some point.)

This is why it is vital to avoid viruses in the first place.

Do not click on files downloaded as email attachments, links in emails, links in IM messages or links in any other sort of message- for example in an online game.

Keep your system up to date to avoid silent installation of malware- vulnerable software can be exploited to install Trojans etc. without you even clicking on a file.

When you have cleaned up your computer, scan for out-of-date and insecure software using Secunia Software Inspector and update any vulnerable software: this will help to prevent future infections.

As to the clean up, you could also try the following:

Try a scan with DrWeb CureIT!

Try the usual free adware/spyware scanners.

AVG Anti-Spyware Free (Requires Win2k/XP)
Ad-Aware Free
Spybot Search & Destroy
SUPERAntiSpyware Free
a-Squared Free

Download, install and update all the programs. Disconnect from the internet (pull the plug) before running scans in Safe Mode if possible.

Always select the option to quarantine any malware found rather than delete it, then you will be able to restore files or registry entries wrongly identified as malware- a rare but not unknown event for any malware scanner.

Try some online scans. (Disable avast! while scanning.)

F-Secure
BitDefender
Panda
Trend Micro Housecall

Look for and remove rootkits (hidden malware):

Panda Antirootkit
Blacklight
AVG Anti-Rootkit

If still having problems, post a HijackThis! log.

Good luck!

Thanks for that extra info…that’s helpful for sure. The computer that got infected is my son’s (12 YO) and he only uses it for gaming. Luckilly, what’s on his computer isn’t really important. What scared me was Avast ddn’t catch it and if that’s the case, I want to make sure I shouldn’t be looking at some other protection program if there’s one better. I have two computers running XP, Win Defender, and Avast, all updated every day. We surf as safely as possible (practacalitywise) as well as avoiding downloading stuff from e-mail and such if we suspect it. Still, even the most careful gets nailed from time to time, but I was just surprised that Avast missed something like that, and still hasn’t caught it on re-scan. When we made the jump from AVG to Avast, Avast picked up a couple of trojans that had been buried for a long time on one of my kid’s computers…I was surprised AVG had missed it, but I guess I shouldn’t have been, Norton hadn’t caught it either, we had that before AVG.

I guess it just comes down to luck in some cases…you can’t cover everything!

Does Avast Pro or the other upgraded versions protect from more virus/worms/trojans than the free version?

I guess it just comes down to luck in some cases...you can't cover everything!

Luck is not involved in getting infected, only bad judgement or bad practice. Both are avoidable.

Talk to your son about how viruses can arrive on his computer: make sure he knows not to download or click on suspicious files.

Stress that while playing online games he may be offered files to download, offering game “cheats” or modifications, updates etc. These may well be classic “Trojan horses”: a malicious program masquerading as a useful program. Only download game updates etc. from the publishers site.

There is more information here:

http://www.microsoft.com/protect/default.mspx

Run Secunia Software Inspector on his computer regularly and make sure there is no insecure software present.

Does Avast Pro or the other upgraded versions protect from more virus/worms/trojans than the free version?

No. This is true for AntiVir and AVG but not avast!

As for better detection, you could try AntiVir or Active Virus Shield (AOL/Kaspersky). These two have very good detection of malware, but still not 100%. They may of course have disadvantages compared to avast!

You can compare detection rates at http://www.av-comparatives.org/

Please, be sure you did not let remains of Norton while using avast. Both antivirus will conflict.

  1. Remove NAV through Add/Remove programs from Control Panel. Boot.
  2. Use Symantec removal tool following the three steps defined in the SymNRT tool info or here.
  3. Boot.
  4. Install avast! Boot.
  5. See what you get.

It is for sure there is no AVG or Norton on any of our computers. Every 6-8 months, we wipe the hard drives on all the computers and re-install Windows and our other programs. Each time, I look to see what seems to be working best securitywise and make the jump to that, with ALL of the computers.

Thanks for the advice.