Community
    • Login

    Notepad v8.8.2 32-bit installer: virus or malware detected

    Scheduled Pinned Locked Moved Security
    4 Posts 4 Posters 8.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Brian DickensB
      Brian Dickens
      last edited by

      When downloading the installer for the 32-bit version of Notepad, Firefox popped up a warning that it contains a virus or malware.

      I put the installer through Virustotal.com and got 27 detections out of 72 scanners: https://www.virustotal.com/gui/file/179613870a9ffc646b77918701481c8ffdae1c82e06cbc7ea7d42af3d1c9e5e2

      Is this a false positive or is something actually going on?

      xomxX 1 Reply Last reply Reply Quote 0
      • xomxX
        xomx @Brian Dickens
        last edited by

        @Brian-Dickens

        https://community.notepad-plus-plus.org/post/102220

        As I said, without the N++ digital signature, stupid AVs go nuts.

        The number of false positives from AVs is so high because in the past, many attackers probably have also used the free, open source NSIS for their purposes.

        1 Reply Last reply Reply Quote 4
        • PeterJonesP PeterJones forked this topic on
        • PeterJonesP PeterJones referenced this topic on
        • PeterJonesP PeterJones referenced this topic on
        • TaviT
          Tavi
          last edited by

          Could you please confirm if this issue is related to the notepad++ hijack news dated 2nd Feb 2026?

          PeterJonesP 1 Reply Last reply Reply Quote 0
          • PeterJonesP
            PeterJones @Tavi
            last edited by PeterJones

            @Tavi ,

            As far as I can tell, they were unrelated. Scanners such as VirusTotal look at the executable itself, and last year were being triggered by the lack of signing and the self-signing of the executable.

            please confirm if this issue is related to the notepad++ hijack news dated 2nd Feb 2026?

            The issue you are referring to, as linked here and described in detail here specifically said,

            the compromise occured at the hosting provider level rather than through vulnerabilities in Notepad++ code itself.

            This was a website hack, and VirusTotal and other such AV scans do not detect website hacks, as far as I understand them.

            1 Reply Last reply Reply Quote 1
            • First post
              Last post
            The Community of users of the Notepad++ text editor.
            Powered by NodeBB | Contributors