search

Heroic-Games-Launcher / HeroicGamesLauncher

A games launcher for GOG, Amazon and Epic Games for Linux, Windows and macOS.
https://heroicgameslauncher.com
GNU General Public License v3.0
8.25k stars 431 forks source link

ESET NOD32 reporting nile.exe & gogdl.exe as suspicious. #4097

Open olivergrovez opened 1 week ago

olivergrovez commented 1 week ago

Describe the bug

Installed the latest Heroic version 2.15.2 and nile.exe & gogdl.exe are being flagged as suspicious by NOD32. Scanning the file directly before installing reports it clean, only after installing do I get the suspicious activity messages.

Add logs

05/11/2024 19:12:02;Real-time file system protection;file;C:\Users\OG\AppData\Local\Programs\heroic\resources\app.asar.unpacked\build\bin\x64\win32\gogdl.exe;Suspicious Object;cleaned by deleting;DESKTOP-FBEKG5C\Radial;Event occurred during an attempt to access the file by the application: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (801262E122DB6A2E758962896F260B55BBD0136A).;1DE5E028EE0D9D94C7F07DA08ECDDCD45FA60D4A;05/11/2024 19:11:48
05/11/2024 19:12:28;Real-time file system protection;file;C:\Users\OG\AppData\Local\Programs\heroic\resources\app.asar.unpacked\build\bin\x64\win32\nile.exe;Suspicious Object;cleaned by deleting;NT AUTHORITY\SYSTEM;Event occurred during an attempt to access the file by the application: C:\Windows\System32\CompatTelRunner.exe (D07D4A069DA619803594796C2EF34DA84C57A6CF).;2A4FEEA7A18048F0BFAED3F201FECDAFBF927170;05/11/2024 19:11:48

Steps to reproduce

  1. Install from latest executable.
  2. NOD32 Real-time file system protection detects suspicious objects & deletes them.
  3. Error attached.

Expected behavior

No detection issues.

Screenshots

No response

Heroic Version

Latest Stable

System Information

Additional information

No response

Creat commented 13 hours ago

Getting the same two files flagged on version "Heroic 2.15.2 HOTFIX #2", but in my case it's by WebRoot SecureAnywhere CE 24.4 as the malware scanner.