Re: WinDirStat detected as trojan … rightly so

Submitted the trojanized file to a number of AVs and they are catching up as can be witnessed on VirusTotal.

Hope not too many unsuspecting users fell for this. Whatever the source of the file may be.

// Oliver

This entry was posted in Project news. Bookmark the permalink.

8 Responses to Re: WinDirStat detected as trojan … rightly so

  1. Julie B says:

    Hey Oliver, I am just wondering, could you compile a non-installer (portable) version? Basically, just self-contain in a single directory. That would make this immensely useful in a corporate environment where often you are not allow to install or run program that would install to C drive.

  2. Oliver says:

    Hi Julie. Yes, this is in the works right now. The future release will allow to store the settings in the INI file or in the registry. There will likely be another method, using Lua scripts to modify the logic of how WDS reads the config ;)

    And btw, I intend to move from NSIS to MSI … one for x64 (64bit) and one for x86 (32bit), although the idea is to also create a version containing both of those as a bundled NSIS installer. I have gathered all the necessary experience to pull this off, but the guy who promised to author the MSI is a bit busy at the moment. I’ll poke him to see how far this has progressed.

  3. Oliver says:

    For now you can use 7-Zip to extract the NSIS installer. By default the windirstat.exe will be the Unicode version. I don’t expect you’ll even want the ANSI version, so this should be sufficient.

  4. Julie B says:

    Thanks Oliver! I think storing the settings in the INI file inside WinDirStat’s own directory would be best! Storing it on registry is would be blocked on most corporate environment since it would modify the registry.

  5. Steph Locke says:

    Just downloaded WinDirStat (awesome btw) from FossHub which was the main big link from the site windirstat.info – just want to make sure that this is the legit site and download portal since I’ve already downloaded and installed?

  6. Oliver says:

    @Steph: yes, it’s legit and we have checked the files just this week after an alleged report of one corrupt download. All files there were genuine. But please check the hashes after download on your own :)

  7. Steph Locke says:

    I would if I could without significant googling! Will give it a go at some point, and will run a full virus scan to be sure.

    Plus side is, I blogged about the benefit off the prog, and someone else has already downloaded it and considered it far superior to the one they downloaded just last week :smile:

  8. Pawan says:

    I love using WinDir tool in my daily adminstration task. This tool is awesome.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>