Fake Notepad++ website
-
I just unwittingly downloaded notepad-main.zip from
notepad DOT di-kr DOT comand executed the exe file in it. Nothing happened. I scanned my PC using windows defender and malwarebyte and it did not detect anything. Can you advise what should I do?moderator edit: change the URL to a hint about the site instead of a link, to avoid directing a lot of traffic to that other site; no need to boost the numbers on a non-official source
-
Delete it. Only install Notepad++ from official sources. Even if you were lucky enough to not get a virus or malware, the Notepad++ developers do not support copies of Notepad++ downloaded from anyplace that’s not on the official github repo (https://github.com/notepad-plus-plus/notepad-plus-plus/) or from the notepad-plus-plus.org domain (https://notepad-plus-plus.org/downloads/ or http://download.notepad-plus-plus.org/repository/).
-
@Marvin-Lorenzo said in Fake Notepad++ website:
unwittingly downloaded
This is dubious.
You knew what you were doing.
If you are going to download Notepad++, why would you not go to its site and do it there? -
@Alan-Kilborn at that time, that fake notepad++ website was first in the google search result. The download page looks exactly the same and I didn’t bother check the url.
-
Ah, okay, that makes more sense I suppose.
I would seriously suspect that your system is compromised now, perhaps very compromised. -
Hmm, I just did two searches, in both Google and DuckDuckGo on
Notepad++and both had the listing on the left start with the official site, plus on the right hand a link to the official site with some Wikipedia information.What kind of search are you using? What was the search term? Also, what are your settings and what is the browser you’re using? I don’t use anything but Mozilla Firefox with adblocking.
-
@Lycan-Thrope said in Fake Notepad++ website:
Hmm, I just did two searches, in both Google and DuckDuckGo on
Notepad++and both had the listing on the left start with the official site, plus on the right hand a link to the official site with some Wikipedia information.What kind of search are you using? What was the search term? Also, what are your settings and what is the browser you’re using? I don’t use anything but Mozilla Firefox with adblocking.
This is major.
I just did what original poster did. And I used google search.
printscreen attached.
I can now only hope that my AV solution stopped this thread as it said it did.
but it was a multiple minute fight between my AV and this file. -
and threat detected is
\Desktop\Notepad++Setup\Notepad++Setup_1.exe has been detected as infected with Gen:Suspicious.Cloud.4.@xZ@ayqe0Kni. -
@Ajdin-Alibegovic ,
I should have mentioned, that I also use DuckDuckGo, instead of Google, most of the time, anyway…just because of that kind of tomfoolery.
As you’ll notice from my below screenshots, both using FireFox with AdBlock on, using Google and DuckDuckGo, I get basically the same result. Besides the misname sites, I hate Ads on the wire I pay for on the computer I pay for…and if my wife would let me, I’d cancel Philo on the Roku because I have to pay for that, and I get ads. Could you tell I hate ads free riding on my dime? :)Google:
DuckDuckGo:
I hope this will help other users to start being proactive about avoiding phishing links in a commercially motivated search site. :) DuckDuckGo, won’t even let you open a window when you right click on one that is listed as an “ad”. :)
-
Another hint: If I google for Notepad++, the first result I get is
https colon slash slash notepaad dot masterkariyer dot com slash
Does anybody know anything about this website?edit: moderator obfuscated link to potentially dangerous external website
-
@datatraveller1 said in Fake Notepad++ website:
Does anybody know anything about this website?
it’s not Notepad++'s official website, and thus you shouldn’t visit it.
And please do not post links to suspect websites in the forum. That just increases their “score” for search engines, and directs more traffic to them.
-
@Ajdin-Alibegovic , @datatraveller1 , and others:
I cannot replicate your search results. Whether I use my normal Chrome instance (which has all my cookies) or whether I use an Incognito Chrome (which has no cookies, and the Google search engine thus thinks I’m a fresh victim) or whether I use a Firefox In Private window (again, no cookies, so the search engine sees an unknown user), or whether I use a portable browser that doesn’t have any cookies set from any normal site, I get an official Notepad++ URL as the first result on Google, without any of those ads for dangerous sites.
(I might say that in Chrome, it might be because my adblocker software protects me; but I just confirmed that in the Firefox In Private window, there are no extensions/plugins/etc installed, so it cannot be an ad-blocker there; and my portable browser doesn’t have such, either.)
The only thing I can think is that your collection of cookies in your browser of choice, plus your browsing history on Google, has trained the Google-AI that you like going to those dangerous sites, and you like getting the ads for spoof download sites. So my advice to you would be to clear your browsing history, cache, and cookies… and see if you can convince Google to forget your search history, and see if you can start with a blank slate and see if your search results get cleaned up. (This has the negative side effect of requiring you to re-login to a bunch of sites, and will clear your Wordle stats, which would be rather unfortunate. But it might be worth the hassle if it cleans up your search results. Maybe try from an Incognito/Private window first, before doing something that drastic). If it doesn’t clean up your search results, then you might want to install (better) adblocker software on your browser and (better) antivirus/antimalware on your computer, and to start taking an active approach in not clicking on links that don’t look like the official site for the application.
-
Hi @PeterJones
Yes, strangely I also don’t get these “Ad” links anymore I used to get a few hours ago with my google search. -
@datatraveller1 said in Fake Notepad++ website:
Hi @PeterJones
Yes, strangely I also don’t get these “Ad” links anymore I used to get a few hours ago with my google search.I think you can “report” such ads to Google, and they can take action, because it is in Google’s best interests to not be advertising dangerous sites and malware-“copies” of real software. presumably something like that happened. In the future, you might look into the ▼ menu that Google provides on such ads, and see if it has a “report” option.
-
This post is deleted! -
These were paid ads… malware developers sometimes buy advertising on Google
