
Trojan:Win32/Znyonm

Open KN592 opened this issue 11 months ago • 15 comments

Describe the bug

happened just now as of writing, heroic was open and running

Add logs

The app was automatically deleted.

Steps to reproduce

  1. Go to '...'
  2. Click on '...'
  3. Scroll down to '...'
  4. See error

Expected behavior

Not have this problem.

Screenshots

(screenshot attached to the issue)

Heroic Version

Latest Stable

System Information

Windows 10 64-bit

Additional information

No response

KN592 avatar Mar 09 '24 02:03 KN592

Same here. Workaround: gogdl.exe has been added to the list of names in Windows Defender.

CLKRUN avatar Mar 09 '24 14:03 CLKRUN

Are you guys using the setup or the portable version?

flavioislima avatar Mar 09 '24 15:03 flavioislima

I ask because the portable version is not signed yet, only the setup is. So might be that some antiviruses detect it as a virus because of that.

The problem with antiviruses on Windows is that most of them, when they do not know the file because of the lack of signing or because they don't recognize the file type, say it is a virus.

Might be good for the user, to be honest, but it leads to false positives as well.

flavioislima avatar Mar 09 '24 15:03 flavioislima

> Are you guys using the setup or the portable version?

Setup

KN592 avatar Mar 09 '24 16:03 KN592

> Are you guys using the setup or the portable version?

Setup version

Tommy2678 avatar Mar 09 '24 18:03 Tommy2678

I am running the setup version on Windows 11 and got this from Windows Defender also.

ultramookie avatar Mar 09 '24 18:03 ultramookie

We will try to sign gogdl, legendary, nile from the next release to see if these errors are gone.

But they are definitely false positives from Windows Defender, since Heroic is a signed app and before signing the authority always checks for viruses, malware, etc.

You can also help by reporting this to the antivirus as safe.

flavioislima avatar Mar 09 '24 18:03 flavioislima

I use the portable version on Win 10 and get the same issue.

LeTumme avatar Mar 09 '24 19:03 LeTumme

Virustotal also detecting 9/73. https://www.virustotal.com/gui/file/cdbc96a95eb029f8a59e7a6aeb4b5dda9d6296328dc666655f7bbe2196cf2f06

Helluuu avatar Mar 09 '24 22:03 Helluuu

I found a solution for this issue until gogdl.exe is signed officially. First you need to restore gogdl.exe if Defender already quarantined or removed it. After that follow this guide - https://youtu.be/zGiNGnX5dYg?si=XQaKWWn2e2CWYpPJ . Instead of adding a folder to the exclusions, you need to select "file" to add to the exclusion list. After clicking "file" you will be asked to select the file to add to the exclusion list. Locate the file in this directory (C:\Users\"YourUserName"\AppData\Local\Temp\nsuB633.tmp\7z-out\resources\app.asar.unpacked\build\bin\win32). In this directory you will find gogdl.exe; click on it and click on open. 👍 🎉 Hurray, your file is added to Defender's virus definition list. :( Be cautious while adding a file or folder other than gogdl.exe: if you accidentally selected a virus, Defender will skip scanning it, and your data will be compromised. Enjoy 🎉

rairay91 avatar Mar 10 '24 05:03 rairay91

> Virustotal also detecting 9/73. https://www.virustotal.com/gui/file/cdbc96a95eb029f8a59e7a6aeb4b5dda9d6296328dc666655f7bbe2196cf2f06

nile.exe is even worse, 11 red in VT https://www.virustotal.com/gui/file/b05cac62bc4b4615ca6eb4e1ff03d379a34ede7ff71bcab7e427e672e4682eec

How can you people advise others to whitelist files with such negative scores? This is shady

ZdziczalyMops avatar Mar 10 '24 06:03 ZdziczalyMops

We've explained this situation many times.

Legendary, Nile and gogdl are all Python programs packaged using PyInstaller. Since Python code is in plain text, antivirus programs flag it after seeing it makes HTTP connections. This is a false positive.

If you are concerned about all this you can always verify the checksums of binaries compared to the ones our CI builds. And if you don't find it trustworthy you can audit the source code of each tool and even build the binaries yourself.

imLinguin avatar Mar 10 '24 08:03 imLinguin
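The checksum verification suggested above, as an added example that is not part of Heroic or of this thread: it hashes the bundled helper binaries (gogdl.exe, legendary.exe, nile.exe) and compares them against a manifest of expected SHA-256 digests. The manifest values here are constructed placeholders; the real digests would come from the project's CI artifacts for the exact release installed, and a file Defender has already quarantined shows up as "missing".

```python
import hashlib
from pathlib import Path

# Constructed manifest with placeholder digests: replace each value with the
# SHA-256 the project's CI publishes for the exact release you installed.
EXPECTED_SHA256 = {
    "gogdl.exe": "<sha256 from CI>",
    "legendary.exe": "<sha256 from CI>",
    "nile.exe": "<sha256 from CI>",
}

def sha256_hex(data: bytes) -> str:
    """Lowercase hex SHA-256 of an in-memory byte string."""
    return hashlib.sha256(data).hexdigest()

def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Stream a file through SHA-256 so large PyInstaller bundles stay off the heap."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for block in iter(lambda: f.read(chunk_size), b""):
            h.update(block)
    return h.hexdigest()

def verify_digests(actual: dict, expected: dict) -> dict:
    """Map each manifest entry to 'ok', 'mismatch' or 'missing'.
    actual holds name -> hex digest, or None when the file is absent (for
    example because Defender quarantined it). Hex comparison ignores case."""
    report = {}
    for name, want in expected.items():
        got = actual.get(name)
        if got is None:
            report[name] = "missing"
        else:
            report[name] = "ok" if got.lower() == want.lower() else "mismatch"
    return report

def verify_binaries(bin_dir: Path, expected: dict = EXPECTED_SHA256) -> dict:
    """Hash every binary named in the manifest under bin_dir and compare."""
    actual = {}
    for name in expected:
        p = bin_dir / name
        actual[name] = sha256_file(p) if p.is_file() else None
    return verify_digests(actual, expected)

if __name__ == "__main__":
    import sys
    report = verify_binaries(Path(sys.argv[1]))  # e.g. .../build/bin/win32
    for name, status in report.items():
        print(f"{status:8} {name}")
    sys.exit(0 if all(s == "ok" for s in report.values()) else 1)
```

Only an all-"ok" report justifies trusting the files; a "mismatch" means the binary on disk is not the one CI built and should not be excluded from scanning.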

> We've explained this situation many times.
>
> Legendary, Nile and gogdl are all Python programs packaged using PyInstaller. Since Python code is in plain text, antivirus programs flag it after seeing it makes HTTP connections. This is a false positive.
>
> If you are concerned about all this you can always verify the checksums of binaries compared to the ones our CI builds. And if you don't find it trustworthy you can audit the source code of each tool and even build the binaries yourself.

what does gogdl affect?

KN592 avatar Mar 10 '24 08:03 KN592

Same for me. Opened Fortnite with Heroic yesterday and Windows Defender came up with it. I am using the setup version.

astrysm avatar Mar 11 '24 08:03 astrysm

Have the same issue too after updating, setup version.

yesterdays-jam avatar Mar 11 '24 11:03 yesterdays-jam