Community

    • Login
    • Search
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Search
    1. Home
    2. Security
    Log in to post
    • Newest to Oldest
    • Oldest to Newest
    • Most Posts
    • Most Votes
    • Most Views
    • Gary Collier

      License Fee
      • Gary Collier

      6
      0
      Votes
      6
      Posts
      145
      Views

      Coises

      @Gary-Collier said in License Fee:

      installation of unpaid and unlicensed software is prohibited.

      Who (allegedly) prohibits it? If it is an entity within your company, perhaps a more fruitful avenue would be to ask them to clarify their position on Free and Open Source Software, as the policy you were taught appears ambiguous. If the intent is to claim that it is prohibited by law, then the training material should be clarified, as it can be misunderstood to encompass Free and Open Source Software (installation of which is most certainly not prohibited by law).

      Note that not all free software is Free and Open Source Software. Some products are free for personal use but require a license when used in business, government, etc. The trainers might have intended to indicate that it is your responsibility to be sure any software you install does not require a license to be used in the applicable context, even if it would be free for your personal use. Clarification would still be in order.

    • Robbert Jan van der Meer

      .bak file - security risk
      • Robbert Jan van der Meer

      2
      0
      Votes
      2
      Posts
      171
      Views

      Ekopalypse

      @Robbert-Jan-van-der-Meer

      Then don’t upload it?!!
      And storing passwords in plain text in files is not what you should do anyway.

    • Bgnm Indo

      fake web site and trojan
      • Bgnm Indo

      3
      0
      Votes
      3
      Posts
      162
      Views

      balonchino

      @Bgnm-Indo, what did you do to clean your system?.
      Thanks

    • Marvin Lorenzo

      Fake Notepad++ website
      • Marvin Lorenzo

      15
      1
      Votes
      15
      Posts
      814
      Views

      PeterJones

      @datatraveller1 said in Fake Notepad++ website:

      Hi @PeterJones
      Yes, strangely I also don’t get these “Ad” links anymore I used to get a few hours ago with my google search.

      I think you can “report” such ads to Google, and they can take action, because it is in Google’s best interests to not be advertising dangerous sites and malware-“copies” of real software. presumably something like that happened. In the future, you might look into the ▼ menu that Google provides on such ads, and see if it has a “report” option.

    • zeta orionis

      is it false positive?
      notepad++ • • zeta orionis

      2
      0
      Votes
      2
      Posts
      139
      Views

      PeterJones

      @zeta-orionis ,

      Viruses often masquerade themselves as installers (or embed themselves into standard installer executables or msi’s, like the NSIS installer that Notepad++ uses). So sometimes virus scanners associate the “signature” of normal/safe code of an NSIS installer as part of that virus, which then means the antivirus will flag any NSIS-based installer, like Notepad++. Usually they get enough complaints of false-positives that they fix their definitions pretty quickly. But it doesn’t always happen.

      (Either that, or you didn’t download the Notepad++ from an official source – either from the “announcements” thread in this forum, directly from https://notepad-plus-plus.org/downloads/, or from https://github.com/notepad-plus-plus/notepad-plus-plus/ . Anyplace else is not supported and not guaranteed or warranteed.)

    • Adriana Maria Pardo Maldonado

      Trojan.Rozena.Win32.164323_npp.8.4.6.Installer.x64.exe
      • Adriana Maria Pardo Maldonado

      4
      0
      Votes
      4
      Posts
      530
      Views

      Adriana Maria Pardo Maldonado

      @PeterJones Hi Peter,
      Thanks for the answer, I downloaded the file from this URL:
      https://notepad-plus-plus.org/downloads/

    • Michelle Chen

      My company wants to disable note++ as admin
      • Michelle Chen

      5
      0
      Votes
      5
      Posts
      426
      Views

      Michelle Chen

      @Terry-R Thank you for answering my questions.
      Though my company recently took away our PC administrator right, I can see the files which I was allow to view in the windows explore. So I guess that I do not need to tun Notepad++ as “admin” in order to be able to search key words crossing files as I always do.

      I do not need to search any network drivers mapped.

    • ?

      Why can't I sign up with a Notepad++ Forum Account?
      • A Former User

      4
      0
      Votes
      4
      Posts
      305
      Views

      PeterJones

      The original user appears to have deleted their account.

      Had they stayed, my response would have been that privacy is addressed in the FAQ. And as mentioned there, it is simple enough to sign up for an account with one or more of the OAUTH providers that gives the OAUTH provider no private information, so that the OAUTH provider cannot provide this Community Forum with any private information.

      For future readers: changing the password does nothing, because there is no username/password login available. (The forum software will not allow us to hide that setting)

    • timint01

      Community Digest fails SPF, DKIM DMARC
      • timint01

      2
      0
      Votes
      2
      Posts
      287
      Views

      No one has replied

    • UraniumCookie

      Notepad++ - Fake website ?
      • UraniumCookie

      2
      2
      Votes
      2
      Posts
      717
      Views

      PeterJones

      @uraniumcookie ,

      That is an impersonation/spoof site. Do not trust downloads of Notepad++ from anyplace but notepad-plus-plus.org or github.com/notepad-plus-plus/notepad-plus-plus

    • jonathandl2

      Compare plugin detected as malicious by both JoeSandbox and Crowdstrike Falcon
      • jonathandl2

      5
      0
      Votes
      5
      Posts
      971
      Views

      jonathandl2

      @rdipardo said in Compare plugin detected as malicious by both JoeSandbox and Crowdstrike Falcon:

      …it unpacks portable versins of sqlite3 and git2, which it needs to function; but these are flagged as potentially malicious “stowaways”:

      Persistence and Installation Behavior

      Drops PE files

      Source: C:\Windows\SysWOW64\7za.exe
      File created: C:\Users\user\Desktop\extract\ComparePlugin\sqlite3.dll

      Source: C:\Windows\SysWOW64\7za.exe
      File created: C:\Users\user\Desktop\extract\ComparePlugin\git2.dll

      Source: C:\Windows\SysWOW64\7za.exe
      File created: C:\Users\user\Desktop\extract\ComparePlugin.dll

      Yes. It appears the sqlite3.dll and git2.dll files are the ones actually causing the Hybrid-Analysis sandbox to register the whole .zip as malicious as well. Not sure the best way to test them to verify they are good…

    • Serge Adourian

      notepad.exe keeps running in Task Manager
      • Serge Adourian

      4
      0
      Votes
      4
      Posts
      548
      Views

      ?

      @serge-adourian Don’t download NPP from an unofficial site

    • Digital Streaming

      VirusTotal.Com Analysis of npp.8.1.9.2.Installer.x64.exe Reports "Detects executables signed with stolen, revoked or invalid certificates"
      • Digital Streaming

      11
      0
      Votes
      11
      Posts
      1183
      Views

      Digital Streaming

      @imspecial said in VirusTotal.Com Analysis of npp.8.1.9.2.Installer.x64.exe Reports "Detects executables signed with stolen, revoked or invalid certificates":

      Maybe this has something to do with this?

      https://www.bleepingcomputer.com/news/security/malicious-notepad-plus-plus-installers-push-strongpity-malware/

      If that is the case, then that is on the user for not downloading it from official/reputable places and has nothing to do with Notepad++ really, as it has no control on where the user get these files from.

      Actually I was just addressing what I quoted above. I thought it would be a good idea to get your feedback on the file’s hash and the location of the download which I included in the original post.

      Thx

    • Hart BrownYT

      Log4j Vulnerability
      • Hart BrownYT

      4
      0
      Votes
      4
      Posts
      4220
      Views

      Hart BrownYT

      @peterjones Thanks!

    • pjamesburwell

      Where did always open in Administrator Mode go in the later Notepad++ Context Menu?
      • pjamesburwell

      2
      0
      Votes
      2
      Posts
      409
      Views

      PeterJones

      @pjamesburwell ,

      Sorry, I don’t recall in my decade or more of using Notepad++ ever seeing an always-open-in-administrator-mode right-click option.

      If you want that to always be the case, you might be able to use Windows OS techniques to accomplish it: right click on the Notepad++.exe executable, and go to the Compatibility tab, and select the appropriate checkbox on that tab. I think that will make it so Notepad++ will always open in Admin mode, even called from a shortcut or a right-click context “open file”/“open file with” action. But Admin mode is controlled by the OS, not by the application, so the final word has to come from the OS.

    • vmars vernon

      How to NOT show STX code on text page ?
      contro characte stx • • vmars vernon

      4
      0
      Votes
      4
      Posts
      1615
      Views

      vmars vernon

      @PeterJones
      or by using the newer way (which is so much easier) of just having the image in your copy buffer and pasting it in your reply, which will host the image on our server, so IT departments will be less likely to block it – and that way it would still be a valid image

      264174d9-dacd-4da7-9f4e-39cac0b30413-image.png

      Thanks Peter

    • Michael L.E.

      Checksums
      • Michael L.E.

      2
      0
      Votes
      2
      Posts
      495
      Views

      Terry R

      @Michael-L-E said in Checksums:

      Can anybody tell me why the SHA1, SHA256, and MD5 checksums aren’t available to compare with the downloads?

      There does appear to be SHA256 info available for the 8.1.3 version. Look here, about half way down the site’s page. Titled Integrity & Authenticity validation.

      Terry

    • Mike Geubel

      Prevent access to local drives or command prompt
      • Mike Geubel

      2
      0
      Votes
      2
      Posts
      224
      Views

      Alan Kilborn

      @Mike-Geubel

      Not 100% sure of what you’re asking, but it sounds like you want Notepad++ to be the shepherd of access to other things on the PC it is installed upon?

      If so, it is not reasonable. That’s the operating system’s job. You should look into setting that up via the OS.

    • Jnoel111

      Need someone to validate 2 files from notepad ++ updater
      • Jnoel111

      2
      0
      Votes
      2
      Posts
      222
      Views

      PeterJones

      @Jnoel111 ,

      Last-modified dates can be changed for reasons that don’t seem like the file being “modified” to mere mortals.

      I found no documentation on this change

      The executables and DLLs that ship with Notepad++ (including the updater and the plugin list) generally get updated with every release.

      v7.8.7 was released June 8, 2020 . The zipfile version of the v7.8.7 downloads shows dates of 6/4/2020 for those files. But, like I said, the install process itself, or otherwise touching the files even if they weren’t modified, may have changed the dates.

      If you’re worried that your files have been changed from the official distribution, you could download the zipfile version (make sure to grab the correct 32bit or 64bit, depending on your current installation) from the official download page, and do a comparison of the “modified” files vs the files in the zipfile – or just overwrite the files in your installation with the files from the zipfile to be sure.

      Or just grab the most recent v7.9.5 download and install the newest version to get the most recent enhancements and bug fixes.

    • Aleksandr Baghramyan

      VirusTotal Detects a Malware in the Official npp.7.9.5.Installer.x64.exe
      • Aleksandr Baghramyan

      9
      4
      Votes
      9
      Posts
      1074
      Views

      PeterJones

      I just told https://www.virustotal.com/gui/file/4881548cd86491b453520e83c19292c93b9c6ce485a1f9eb9301e3913a9baced/detection to re-scan, and this time it came up clean, but the Zillya scanner is no longer listed… so presumably sites that still use the zillya scanner will continue to get false positives.

      @b00kgrrl , I don’t know if it’s possible to update your Windows Security / Windows Defender / whatever’s doing the scan, but maybe you could scan the installer again, and see if you can make it work without triggering Windows Security alert.

    Copyright © 2014 NodeBB Forums | Contributors