Homepage › Forums › Technical Support › Trojan:Win32/Fuerboos.B!cl
- This topic has 8 replies, 4 voices, and was last updated Dec 27, 2017 12:39am by Ralf.
-
AuthorPosts
-
Dec 25, 2017 at 3:30pm #169102nilezParticipant
getting this immediately after updating, can you confirm this is false flag or not?
3 install files got flagged and quarantined and setup file got flagged.
Dec 25, 2017 at 3:37pm #169103RalfKeymasterYes, trojan/virus messages with vorpX always are a false positive.
Probably due to vorpX injecting other program some AV-programs notoriously flag each new version as malicious when they do their apparently less than perfect guesswork.
Ideally please report the issue to your AV vendor as false positive so they can address the problem.
In the meantime please exclude the vorpX program folder from scanning if it allows you to do so.
If you use anything else than Windows Defender, consider to switch. While that isn’t a 100% guarantee for avoiding false vorpX positives (happened once there too so far), it’s a lot less likely than experiencing this with some of the more invasive AV programs like BitDefender, Kaspersky etc.
Dec 25, 2017 at 3:39pm #169105nilezParticipantAffected items:
startup: C:\ProgramData\Microsoft\Windows\Start Menu\vorpX ….
vorpX.ink
file: C:\Program Files (x86)\Animation Labs\vorpX\vorpControl.exe
file: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vorpX\Sta …
vorpX.Ink(the 2x … -> somehow the windows threat report cuts off a tiny part of the right side of filepath so I don’t know whats in the …)
Dec 25, 2017 at 3:40pm #169106nilezParticipantits windows defender that flagged it
thanks for quick replyDec 25, 2017 at 3:42pm #169107RalfKeymasterAdd the C:\Program Files (x86)\Animation Labs\vorpX\ folder to the exclusion list and see whether that helps.
The better contact in such a case is your AV vendor. They should have some procedure in place to report false positives for their users.
Brief update: no issue with the latest Windows Defender definitions (1.259.764.0) here. If you don’t have that yet, try to update manually, that will probably suffice to solve the issue.
Dec 26, 2017 at 10:20pm #169216quisutdeusParticipantI just had Windows Defender recognizing vorpControl.exe as infected with Win32/Fuerboos.B!cl trojan.
Didn’t happen before update.I just added vorpx to exclude list.
I trust you Ralf, but don’t mess with my cryptos :D
Dec 26, 2017 at 10:59pm #169227RalfKeymasterThat can happen with a new release unfortunately. Judging from prior releases it should be gone soon. Microsoft is usually fast fixing false positives.
Until then excluding the vorpX program folder from scanning is the right thing to do.
Dec 27, 2017 at 12:35am #169240sumvorpxParticipantI am having the same problem. I am going to wait until Windows defender clears it as a false positive. Thanks!
Dec 27, 2017 at 12:39am #169242RalfKeymasterYou can also report the issue as false positive to MS.
https://www.microsoft.com/en-us/wdsi/filesubmission
Until they fix it, excluding the vorpX program folder is the right thing to do.
-
AuthorPosts
- You must be logged in to reply to this topic.