Panda Security Quarantining Update 8.9g

Apoc_Golem · April 1st, 2020, 11:16 AM

Hi. I've tried to download update 8.9g twice now for HLC and Panda Security keeps marking it as a virus, I guess because one of the files is listed as Exploit.exe? Is that meant to be there? Seems like a weird name to give a .exe file, but if you guys say it's supposed to be there I trust you. If that'st the case though, can anyone tell me how to list it as an exception to the antivirus? I'm digging around in the settings and I can't figure it out.

Dami · April 1st, 2020, 03:10 PM

LW probably won't have an answer on how a third party antivirus works. You could email support and they might have a suggestion, but you are probably better looking at Panda's website/forums or emailing them to see how to mark a file as a false positive, or an exception.

Parody · April 1st, 2020, 07:17 PM

Apoc_Golem, do you mean HLExport.exe or HLExport64.exe? There shouldn't be an Exploit.exe in the installer.

DaveM · April 2nd, 2020, 09:54 AM

We at Lone Wolf recently needed to update our code signing certificate, and have noticed that since then some virus checkers are marking our app for quarantine now. We are working on a more generic solution, but for the time being the best we can suggest is to whitelist our application (if that option is available) or temporarily turn off virus checking during installation.

Duggan · April 2nd, 2020, 09:52 AM

Agreed. That is not a file that should be present. Are you downloading the executable from the Lone Wolf website, or installing via Hero Lab update?

Parody · 02:35 PM

Edge (Chromium) also complains about the HL installer when you download it from the website. You can pick ignore a bunch of times to download and run it, but someone from Lone Wolf may want to tell Microsoft that it's legitimate.

Also I should probably install some other browsers in my Windows Insider VM.

Apoc_Golem · April 2nd, 2020, 06:33 PM

@Parody: No, it's definitely named exploit.exe, or at least that's what it shows up as when Panda shows it in the quarantine area. Not sure why that's happening if it's not meant to be there. I would assume if someone was trying to sneak a virus into the HL update, I wouldn't be the only one seeing this so now I'm really curious what's actually going on.

Thread Tools
Show Printable Version Email this Page
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode

Parody Senior Member Join Date: Jan 2013 Location: Rochester, MN Posts: 1,487 April 1st, 2020, 07:17 PM	Apoc_Golem, do you mean HLExport.exe or HLExport64.exe? There shouldn't be an Exploit.exe in the installer. Michael Miller ESG Labs - Realm Works Locations App - Convention Events
#3

DaveM Member Lone Wolf Staff Join Date: May 2018 Posts: 53 April 2nd, 2020, 09:54 AM	We at Lone Wolf recently needed to update our code signing certificate, and have noticed that since then some virus checkers are marking our app for quarantine now. We are working on a more generic solution, but for the time being the best we can suggest is to whitelist our application (if that option is available) or temporarily turn off virus checking during installation.
#4

Duggan Senior Member Volunteer Data File Contributor Join Date: Nov 2009 Posts: 1,500 April 2nd, 2020, 09:52 AM	Agreed. That is not a file that should be present. Are you downloading the executable from the Lone Wolf website, or installing via Hero Lab update?
#5

Apoc_Golem Junior Member Join Date: Jan 2019 Posts: 11 April 2nd, 2020, 06:33 PM	@Parody: No, it's definitely named exploit.exe, or at least that's what it shows up as when Panda shows it in the quarantine area. Not sure why that's happening if it's not meant to be there. I would assume if someone was trying to sneak a virus into the HL update, I wouldn't be the only one seeing this so now I'm really curious what's actually going on.
#7