Trojan:Trojan.GenericKD.3016333 - Ransomware
twgiu last edited by
After submitting the notepad ++. Exe file to virustotal.com, this one informed the executable contains a virus (Trojan.Malware.7164915.susgen), does anyone know if this is true or a false positive?
Notepad++ v7.9 (32-bit) ou 7.9.1
Based on information collected on the internet and some antivirus, the version 7.9 and 7.9.1, contain ransoware malware. Development alone cannot do encryption. It is only done if another file exists in the operating system. I recommend that you watch this video (https://www.youtube.com/watch?v=zWkYjmgsnAU) and, if you think it’s relevant, remove both installers.
Hi @twgiu I just downloaded the 32-bit version of Notepad++ from the official website (https://notepad-plus-plus.org/downloads/v7.9.1/) and sent notepad++.exe to virustotal. One of the 72 engines detected malware (Trojan.Generic.giteg). I also uploaded the 64-bit version and it was clean.
Being only one engine, named Jiangmin, that detected the virus I’d would be inclined to say that it is a false positive. If possible you can test the 64-bit version and if it results clean, then use that version?
For peace of mind you can also post an issue in github (https://github.com/notepad-plus-plus/notepad-plus-plus) where notepad++ developers could confirm whether the downloads are legit or not.