Yuioup Posted September 10, 2016 Share Posted September 10, 2016 Hi, I downloaded the mod today from the official site. When I ran the setup, almost immediately Windows 10 popped up with a message that malware was deteced and removed. This is what it found (information in Dutch, but you can figure it out): PWS: Win32/Lineage.gen!C.dam De volgende fout is opgetreden: Foutcode 0x80508023. Op deze computer zijn geen malware en andere mogelijk ongewenste software gevonden. Categorie: Wachtwoorddief Beschrijving: Dit programma is gevaarlijk, het slaat gebruikerswachtwoorden op. Aanbevolen actie: Deze software onmiddellijk verwijderen. Items: file:C:\GOG\Planescape Torment\setup-ddrawfix.exe Meer informatie over dit item online verkrijgen. https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?name=PWS%3aWin32%2fLineage.gen!C.dam&threatid=2147583492&enterprise=0 I don't know if this is a false positive or if your site is compromised. I would double-check. Link to comment
Yuioup Posted September 10, 2016 Author Share Posted September 10, 2016 It's probably a false positive. Link to comment
Jarno Mikkola Posted September 10, 2016 Share Posted September 10, 2016 I don't know if this is a false positive or if your site is compromised. I would double-check. Well it is, the setup-*modname*.exe is a version of renamed weidu.exe, you can try to pass this error by downloading the latest one from here(it's in the Windows Binary) and hope the idiot that made the virus detection program has set that version to the exception list. Link to comment
AL|EN Posted September 10, 2016 Share Posted September 10, 2016 Items: file:C:\GOG\Planescape Torment\setup-ddrawfix.exe ddrawfix is not Widescreen Link to comment
Jarno Mikkola Posted September 10, 2016 Share Posted September 10, 2016 Items: file:C:\GOG\Planescape Torment\setup-ddrawfix.exe ddrawfix is not Widescreen Yeah, but were you to start one, the Anti-virus program could look the other as it would be replaced(because weidu.exe updates all the files to the same version) and thus give the "there's a breach, kill everything". Link to comment
aqrit Posted September 21, 2016 Share Posted September 21, 2016 I don't know if this is a false positive or if your site is compromised. I would double-check. I just doubled checked my site... the setup-ddrawfix.exe I'm distributing from bitpatch.com is: Identical to the one in my backup from 4 years ago. Identical to the one preserved by the Internet Archive. http://web.archive.org/web/20130515000000*/http://www.weidu.org/~thebigg/WeiDU-Windows-231.zip ¯\_(ツ)_/¯ Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.