[FIXED] Boxifier.exe flagged as malicious by Webroot SecureAnywhere?!

FYI, Webroot SecureAnywhere v9.0.7.46 now flags boxifier.exe in path c:\users\userID\appdata\roaming\boxifier as a malicious trojan and automatically quarantines the file. Note that I’ve been running both these programs together for many months with no problems, so it must be some new update in webroot’s identification system. I’m assuming that boxifier isn’t actually a trojan, so I’ve told the webroot UI to allow boxifier.exe permanently.

However there is an odd new behavior: boxifier.exe will suddenly disappear from my running tasks a few seconds after launch, the taskbar icon will go away, and windows right-click context menu says boxifier is not running… but all the sync functionality still remains in my boxified folders located outside of dropbox’s folder! Dropbox icons on boxified folders remain up-to-date, and dropbox runs real-time syncs with boxified folders just as if boxifier is running… but there is definitely no ‘boxifier.exe’ in windows task manager. I can literally watch it disappear from taskman, but all of its functions are still active. Very strange… any thoughts?

cheers!

Yes, a recent update of Webroot falsely detects Boxifier. Some of our customers contacted us regarding this and they also contacted Webroot which informed them about this being a false alarm. Here is the response that one of our customers received from Webroot:

Hello,

Thank you for submitting your report. We have examined the logs from
your system and found that the detected items were the result of a false
positive, and are not a threat. We have updated our security
definitions to address this.

You may un-quarantine and restore the file that was quarantined by the
Webroot SecureAnywhere software if you have not already done so. To
restore the file:

  1. Open on the cog icon next to PC Security.
  1. Click the Quarantine tab.
  1. Click the check box next to the filename, then click Restore.

Now that this change is in effect, we request that you run another scan
of your computer (click “Scan My Computer” on the main overview window).
If the same detection occurs, please let us know immediately.

Thank you,

Webroot Advanced Malware Removal Team

Could you try updating Webroot to the latest security definitions and post your results here?

However there is an odd new behavior: boxifier.exe will suddenly
disappear from my running tasks a few seconds after launch, the taskbar
icon will go away, and windows right-click context menu says boxifier is
not running… but all the sync functionality still remains in my
boxified folders located outside of dropbox’s folder! Dropbox icons on
boxified folders remain up-to-date, and dropbox runs real-time syncs
with boxified folders just as if boxifier is running… but there is
definitely no ‘boxifier.exe’ in windows task manager. I can literally
watch it disappear from taskman, but all of its functions are still
active. Very strange… any thoughts?

Probably Webroot is still blocking it somehow and kills the Boxifier.exe process. Could you try disabling Webroot and let us know if it still happens?

The reason sync is not affected and still works is because Boxifier has several components and only the graphical interface is affected by this.

Thanks for the confirmation. Yes, I forgot to mention that if webroot isn’t running, boxifier operates normally. Everything’s up to date, so I guess this is a webroot issue. Would you be able to provide a list of all the boxifier services/processes so I can add each of them to webroot’s whitelist? thanks!

Whitelisting Boxifier.exe should be enough.

many thanks. Webroot has recommended that I uninstall and reinstall boxifier… probably just a canned response, but is there a way to do this without having to buy another license from you guys? I already bought a 2nd when I migrated computers, which i don’t mind… but having to get a 3rd because of webroot’s mistake seems lame.

cheers

No worries, you should have no issues installing it again and it will use the same license.