About Gog distributing Malware

Completely on the side: I was browsing the Zorin website and came upon a page about Gog: Play Games - Zorin Help

I just wanted to let you know that only one week ago I downloaded M1TankPlatoon II from there and it installed 8 PUPs and no game, three virus scanners (Avast, AVG and some other one), 2 browsers, a browser plugin and some app that I don't know. Windows Defender did nothing but Mbam removed 23 threats and mrt (built into the Windows shell) removed one more afterwards. I am still trying to remove traces in the registry, startup items and default applications which are very sturdy.

Maybe they're hacked or whatever, but the downloads are not safe there.

Just been searching and found this GOG website article:

and this:

I know, seen those too, also on Reddit.

But really: 9 different applications have been installed on my laptop and Mbam detected 23 and those were not false positives. I never asked for AVG or Avast or CCleaner, just wanted the game.

I ended up buying it from Steam because it wasn't even in "the package" on Gog.

Have you tried reporting the issue? Are you accessing GoG via Steam?

Yes I reported it to Gog and to myabandonware dot com who described that the game is no longer abandonware. I was willing to pay and went to Gog and downloaded the file.
Maybe I have been redirected to a wrong URL but myabandonware dot com is a trustworthy site too, at least: two years ago I downloaded over 10 games from there without any problems.

Please know that I did not know anything about Steam nor Gog, never used them, never been there. In the end I installed Steam, paid and downloaded the file, then deleted the Steam app because it took 2 GB and I basically only want the game.
So I copied the game from the Steam directory to another partition, uninstalled Steam and now I play it flawlessly using DXWND with some minor adjustments, full screen, no issues, just how it's supposed to be.

I am starting to become a bit confused now about where that malicious file precisely came from, might be related to my noobyness with Gog. I don't understand why you would play online when you can play local too, but that whole gamers-community thing is not for me either.

I only play games from Synaptic as far as Linux goes. I have downloaded from GoG in Windows 7 without any issues. My main online gaming is PS4 Pro only. I soon stopped playing online with Windows around the time Homeworld was released. In under 5 minutes someone had stolen my online name in game chat. If you want to play online then Consoles offer the best option and Playstation consoles use Linux.


I know this situation, because it happened to me at least once on Windows. You proceeded to the game installation without denying consent to the installation of third-party software (so you could avoid them by unchecking something like "I agree to the installation of additional software"), or they were simply included in the terms and conditions (so they had to be installed along with the game). Personally I think that the most common way to end up with unexpected software is the first reason. I must say that the fact that the game wasn't installed at all is weird; usually, despite the unexpected installations, the intended software is installed.

I did uncheck all other options.
But I could have known, after looking around on different sites I noticed that this file was way smaller than the other downloadable files I have seen, that should have triggered me...
But I am completely sure that it came from Gog, they are not immune you know, nobody is and since it's a popular site the risk of some zero-day exploit in there is pretty realistic.

This was a small PUP loader; directly after execution it downloads and installs several applications and adds itself and them to all kinds of registers as the startup apps, the default apps and temp directories. If you try to remove these applications it reinstalls them just like that. Luckily Mbam was able to stop the main process and kill the rest. I had to do many cleanups afterwards and still there are traces all over the place that I can't get rid of, extremely annoying on a one-week-fresh install of W11.

I know one thing for sure: I'll avoid Gog completely.


I'm not saying GoG isn't to blame, but it's the base platform that you are using that allowed it. This wouldn't happen in Linux as each application would have to have permission to install and Linux would ensure you know what is being installed.