Kombilo Virus warning Trojan:Win32/Vagger!rfn
Posted: Wed Sep 27, 2017 9:40 am
Today Windows Defender detected a trojan virus (Win32/Vagger!rfn) in the kombilo.exe
True threat or false positive?
True threat or false positive?
Life In 19x19
Life in 19x19. Go, Weiqi, Baduk... Thats the life.
https://lifein19x19.com/
Kombilo Virus warning Trojan:Win32/Vagger!rfn
Page 1 of 1
Re: Kombilo Virus warning Trojan:Win32/Vagger!rfn
Posted: Wed Sep 27, 2017 10:04 am
The check with uploading the executable to www.virustotal.com shows no threat.
Re: Kombilo Virus warning Trojan:Win32/Vagger!rfn
Posted: Wed Sep 27, 2017 10:45 am
Thanks for the notice.Gomoto wrote:Today Windows Defender detected a trojan virus (Win32/Vagger!rfn) in the kombilo.exe
True threat or false positive?
I am very confident that this is a false positive, as far as the installer is concerned: I checked that the exe files which can be downloaded from u-go.net have not been compromised (same md5sum as my local copies). In particular, they have not changed recently.
Also, the Windows build process runs in an isolated environment (not on one of my computers, but in an AppVeyor container - this is a service which offers a Windows build environment in isolated virtual machines). It seems very unlikely that a trojan got into the installer in that way. It is even more unlikely that it has not been noticed for several months.
(I did not find any substantial information on the Vagger trojan. Could it have infected the system and Kombilo at a later point, i.e., after the installation was finished?)
If someone knows more, further information is of course appreciated.
Best regards, Ulrich
Re: Kombilo Virus warning Trojan:Win32/Vagger!rfn
Posted: Tue Oct 03, 2017 9:27 am
Thanks for your reply.
The message was only shown once in the windows defender history and windows defender did not show any further warning or current threats.
The microsoft website about this special threat was also offline after a day.
With the negative virustotal check and your feedback I think it was a temporary false positive for now.
Time will tell
The message was only shown once in the windows defender history and windows defender did not show any further warning or current threats.
The microsoft website about this special threat was also offline after a day.
With the negative virustotal check and your feedback I think it was a temporary false positive for now.
Time will tell
Re: Kombilo Virus warning Trojan:Win32/Vagger!rfn
Posted: Tue Oct 03, 2017 9:40 am
the "Windows Defender" alert message.
Re: Kombilo Virus warning Trojan:Win32/Vagger!rfn
Posted: Sun Oct 08, 2017 9:13 am
Today i wanted to start kombilo.exe, but it is actually still put in quarantine by microsoft defender.
I checked again with http://www.virustotal.com and get a detection rate of 10/64:
https://www.virustotal.com/de/file/f014 ... 507481768/
The last check by somebody else three month ago showed a detection rate of 8/64.
Windows defender does not detect any threat at this moment.
I checked again with http://www.virustotal.com and get a detection rate of 10/64:
https://www.virustotal.com/de/file/f014 ... 507481768/
The last check by somebody else three month ago showed a detection rate of 8/64.
Windows defender does not detect any threat at this moment.
Re: Kombilo Virus warning Trojan:Win32/Vagger!rfn
Posted: Wed Oct 11, 2017 1:23 pm
I want to use this thread (also the place seems somewhat inappropriate) to express my gratitude to Ulrich Goertz for the fine Kombilo database program.
There is no alternative in my opinion to Kombilo that provides such a great go learning environment for every go enthusiast.
It feels like always having pro teachers available when you analyse your tactics with this excellent go tool.
Thank you!
There is no alternative in my opinion to Kombilo that provides such a great go learning environment for every go enthusiast.
It feels like always having pro teachers available when you analyse your tactics with this excellent go tool.
Thank you!