Notepad++ v7.5.2 is detected as Trojan
-
Notepad++ v7.5.2 x86 is detected as Trojan from Malwarebytes Premium v3.2.2 using Windows 10 Fall Creators Update x64.
Scan results
Registry Key: 1
Trojan.FakeNPP, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Notepad++, No Action By User, [3199], [65982],1.0.3363File: 2
Trojan.FakeNPP, C:\PROGRAM FILES (X86)\NOTEPAD++\UNINSTALL.EXE, No Action By User, [3199], [65982],1.0.3363
Trojan.FakeNPP, C:\USERS\DAVID\DOWNLOADS\NOTEPAD++ V7.5.2.RAR, No Action By User, [3199], [65982],1.0.3363 -
The results at virustotal.com say 1/67 i.e. detected as Trojan.FakeNPP by Malwarebytes but not detected by 66 other engines.
SHA-256 4d8970e13c7d93eede4f460ce9dd49979ff5230d63583cc06a569060e33ff275
Sounds like a false positive by Malwarebytes at this stage.
-
If it false result by Malwarebytes then why doesn’t it detect any from notepad++ v7.5.1. I’ve downgraded until the author fixes the trojan problem.
-
@David-Tee
even 7.5.1 triggers a false positiveupload your current notepad++ xml.xml file to www.virustotal.com (Notepad++\plugins\APIs\xml.xml)
Webroot will find W32.Rogue.Gen, even though it is just a clean, pure text, xml filefor the fun of it, you could edit a copy of your xml.xml file and reupload it to virustotal, to find out which text part triggers this false alarm
-
may I ask you from where you’ve downloaded notepad++?
The reason why I’m asking is that, afaik, you only get a .zip, .7z or .exe
from the official download page but no .rar.Cheers
Claudia -
Hi,
I had the same issue as David, and there were more detection at Virustotal, but not enough to worry.
My download was a .exe fileSo, it might be a false alarm, but… I deleted it and rolled back to the previous version, and then I ran a high level scan with Kaspersky
Have a Nice Day Yves.
-
@Claudia-Frank I downloaded from it official site as .exe file and with every programs I use I always zip it with winrar and keep them as backup. I can’t install v7.5.2 at all. I also had submitted a report about this to Malwarebytes as well.
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login