Trojan:Win32/Woreflint.A!cl Please Help

 [KoH]FC1_Trainer


Join Date: 17 July 2007
Posts:18
Posted 25 January 2021 - 4:40 am
Hello Voobly team,

a couple of weeks ago I made the latest Microsoft Windows 10 update.
Since then the Microsoft virus software detects a Trojan/Virus in the Voobly software.
I tried to deinstall and reinstall voobly but this didnt fix the issue.
As soon as I reinstalled voobly, the microsoft antivirus dected the trojan again:
Trojan:Win32/Woreflint.A!cl

containerfile: C:\Program Files (x86)\Voobly\voobly-update.exe
file: C:\Program Files (x86)\Microsoft Games\Age of Empires II\age2_x1\anticheat2.dll
file: C:\Program Files (x86)\Microsoft Games\Age of Empires II\anticheat2.dll
file: C:\Program Files (x86)\Voobly\voobly-update.exe->(inno#000007)

Can anyone please help me?
I made screenshot via microsoft snipping tool attached.

Thank you.
Attachments:
snip2.JPG (file size: 75.05 KB)
snip1.JPG (file size: 70.61 KB)

Link | Reply | Quote
 +hassan


Join Date: 14 July 2007
Posts:828
Posted 25 January 2021 - 11:03 am
Hello there.

Please read carefully this thread : https://www.voobly.com/forum/thread/333898 where everything is explained with solutions to try.

Don't hesitate if you need help about any step. Sorry for the inconvenience.
Link | Reply | Quote
 +[email protected]


Join Date: 3 October 2007
Posts:9888
Posted 25 January 2021 - 11:50 am
This post explains how to update the virus signatures of your Windows Defender:
https://www.voobly.com/forum/thread/333898/:1405739#post1405739
Link | Reply | Quote
 [KoH]FC1_Trainer


Join Date: 17 July 2007
Posts:18
Edited 25 January 2021 - 4:04 pm by [KoH]FC1_Trainer
Hello Hassan & Chris,

so I did the following:

run cmd as administrator and put in the following commands (copy & paste):
cd c:\Program Files\Windows Defender
MpCmdRun.exe -removedefinitions -dynamicsignatures
MpCmdRun.exe -SignatureUpdate

(it said signature updated sucessful)

afterwards I ran quick scan which still detected the "Trojan"
maybe this is due to old detections of previous searches?

Can you please try to help me here? I am no programmer or anything so please keep it as simple as possible.

Thanks.
Link | Reply | Quote
 +[email protected]


Join Date: 3 October 2007
Posts:9888
Posted 25 January 2021 - 4:39 pm
Which version of Windows are you running? Click Start > type "winver" > hit Enter.
Link | Reply | Quote
 [KoH]FC1_Trainer


Join Date: 17 July 2007
Posts:18
Posted 25 January 2021 - 4:48 pm
please see attached, i always do all updates so it should be the latest version + i update windows defender at least once per day
Attachments:
snip3.JPG (file size: 35.64 KB)

Link | Reply | Quote
 +D0om


Join Date: 14 September 2011
Posts:176
Posted 26 January 2021 - 12:04 pm
Hi,

Instead of using :
Code:
MpCmdRun.exe -RemoveDefinitions -DynamicSignatures

Use:
Code:
MpCmdRun.exe -RemoveDefinitions -All
Quote:
Restores the installed Security intelligence to a previous backup copy or to the original default set


After this:
Code:
MpCmdRun.exe -SignatureUpdate

Once finished Restart your PC and scan again.
Link | Reply | Quote
 gerandtjan


Join Date: 22 March 2020
Posts:1
Posted 26 January 2021 - 5:21 pm
me sucedio algo parecido, pero se soluciono solo, despues de un par de dias, me dio la impresion que fue se habia colado un troyano y luego se dieron cuenta
Link | Reply | Quote
 [KoH]FC1_Trainer


Join Date: 17 July 2007
Posts:18
Posted 27 January 2021 - 1:43 pm
It looks like the issue has been fixed now, although the code said rollback.... error (see attached)

Afterwards I rebooted my computer and deinstalled + reinstalled voobly without receiving notifications from microsoft antivirus/ Windows Defender. However the old virus messages and notification are still there.

Is there any way to get these out of the system or rechecked so that it updates them and does not consider them as threats anymore? 2nd and 3rd attachment.
Thanks for your help & support so far.

Best regards,

Matthias
Attachments:
26-01-2021.JPG (file size: 51.54 KB)
27-01-2021.JPG (file size: 43.46 KB)
27-01-2021-2.JPG (file size: 70.71 KB)

Link | Reply | Quote
 +[email protected]


Join Date: 3 October 2007
Posts:9888
Posted 27 January 2021 - 2:31 pm
Run this in an administrator command prompt
Code:
dism /online /cleanup-image /scanhealth dism /online /cleanup-image /checkhealth dism /online /cleanup-image /restorehealth sfc /scannow
Link | Reply | Quote
 [KoH]FC1_Trainer


Join Date: 17 July 2007
Posts:18
Posted 28 January 2021 - 6:50 pm
i have done it, thanks for your help.

Hope, that everything is fine now.
Attachments:
snip29-01.2021.JPG (file size: 80.85 KB)




Link | Reply | Quote
[1]
Displaying 1 - 11 out of 11 posts
Forum Jump:
1 User(s) are reading this topic (in the past 30 minutes)
0 members, 1 guests