Jump to content

Malware detected! PWS: Win32/Lineage.gen!C.dam


Yuioup

Recommended Posts

Hi,

 

I downloaded the mod today from the official site. When I ran the setup, almost immediately Windows 10 popped up with a message that malware was deteced and removed.

 

This is what it found (information in Dutch, but you can figure it out):

 

PWS: Win32/Lineage.gen!C.dam

De volgende fout is opgetreden: Foutcode 0x80508023. Op deze computer zijn geen malware en andere mogelijk ongewenste software gevonden.
Categorie: Wachtwoorddief
Beschrijving: Dit programma is gevaarlijk, het slaat gebruikerswachtwoorden op.
Aanbevolen actie: Deze software onmiddellijk verwijderen.
Items:
file:C:\GOG\Planescape Torment\setup-ddrawfix.exe
Meer informatie over dit item online verkrijgen.

https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=PWS%3aWin32%2fLineage.gen!C.dam&threatid=2147583492&enterprise=0

I don't know if this is a false positive or if your site is compromised. I would double-check.

Link to comment

I don't know if this is a false positive or if your site is compromised. I would double-check.

Well it is, the setup-*modname*.exe is a version of renamed weidu.exe, you can try to pass this error by downloading the latest one from here(it's in the Windows Binary) and hope the idiot that made the virus detection program has set that version to the exception list.

Link to comment
Items: 
file:C:\GOG\Planescape Torment\setup-ddrawfix.exe

ddrawfix is not Widescreen

Yeah, but were you to start one, the Anti-virus program could look the other as it would be replaced(because weidu.exe updates all the files to the same version) and thus give the "there's a breach, kill everything".

Link to comment
I don't know if this is a false positive or if your site is compromised. I would double-check.

 

I just doubled checked my site... the setup-ddrawfix.exe I'm distributing from bitpatch.com is:

Identical to the one in my backup from 4 years ago.

Identical to the one preserved by the Internet Archive.

http://web.archive.org/web/20130515000000*/http://www.weidu.org/~thebigg/WeiDU-Windows-231.zip

 

¯\_(ツ)_/¯

Link to comment

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...