Community
    • Login

    Notepad++ 7.2.1 Detected as W32.670B0FC09E.ab2 in Cisco Sourcefire AMP

    Scheduled Pinned Locked Moved General Discussion
    2 Posts 2 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Tyler GundersonT
      Tyler Gunderson
      last edited by

      Hello!

      It looks like since the release of 7.2.1, Sourcefire AMP is detecting Notepad++ as W32.670B0FC09E.ab2

      It also looks like it sets off a few more alarms in other anti-virus programs as well
      7.2.1:
      https://www.virustotal.com/en/file/670b0fc09e835e91ee66ece0db20d337d73c22d598e21e3d209c75ed87e858f3/analysis/1479852361/
      7.2:
      https://www.virustotal.com/en/file/3283d667aba040858163c58c0c83b6487ce7db88f6265af022d4ee954bc3bdb2/analysis/1479852416/

      I can put it in our whitelist, but I thought I would mention this in case something can be done about this, or if anyone else finds the same thing!

      1 Reply Last reply Reply Quote 0
      • Trevor AndersonT
        Trevor Anderson
        last edited by

        Yes, we are running into this same issue as well.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        The Community of users of the Notepad++ text editor.
        Powered by NodeBB | Contributors