If you are looking to download the very popular Notepad replacement called Notepad2, be careful of sites created to look official, but actually distribute Notepad2 as an adware bundle.
Today while researching a story on Windows 10 bug with file associations, I needed to download Notepad2 on Windows 10. As this was a fresh install on a virtual machine, I fired up Edge and performed a search for Notepad2 in Bing.
When the search results came back, the first result was for a site called Notepad2.com, which I promptly clicked on. I fully missed that even though Bing was listing this site as the first search result, their knowledge card was stating that the official site is flos-freeware.ch.
It has been a while since I downloaded Notepad2 and while the site looked different and more markety, I just assumed that the developer created a dedicated site for it. The only odd thing I noticed was that the logo they were using was one that was similar to the one for Notepad++.
It wasn’t until I tried to download the executable and ESET blocked the file from being downloaded did I realize something was fishy.
Of course, feeling like a putz for falling for what I always warn people about, I decided to take a look into the site. It wasn’t until I scrolled to the very bottom of the page did I see a statement that this was an “unofficial website dedicated to the opensource software.” It was at that point that I realized the site was clearly created to distribute adware bundles in order to generate a few bucks for the developer.
When downloaded, the installer has the fairly innocent name of Notepad2-x64_1746715231.exe. When executed, though, it is quickly apparent that this is an adware bundle.
When you click Next, you will be shown various offers. On the Windows 10 machine, I was offered Opera and on an Any.Run install I was offered the game War Thunder.
When done installing the offers, it will download a zipped copy of Notepad2 and save it in the Downloads folder.
So what’s the takeaway from this?
That even if think you know how to spot scams, have good knowledge about computer security and malware, and try to be diligent, you can still get yourself in trouble online. Thankfully, I had ESET installed and it was able to block the setup as I would have ruined my freshly installed virtual machine that I had not created a snapshot of as of yet.
So be careful out there, and unlike me, do more research before downloading software unless you know it’s coming from a reputable source, which is preferably the developer’s site.