BolehVPN Support

BolehVPN Support => Installation Support => Topic started by: vpnacc on December 03, 2016, 02:12:52 AM

Title: bolehgui305.exe reported as detplock trojan by windows 10
Post by: vpnacc on December 03, 2016, 02:12:52 AM
Hi,
I have tried to install bolehgui305.exe after your migration, and in doing so had windows defender flag the file as the detplock trojan multiple times.
Is there a way around this? Or is there a problem with the .exe itself?
Thanks
Title: Re: bolehgui305.exe reported as detplock trojan by windows 10
Post by: Slacker on December 03, 2016, 09:35:03 AM
I believe I read something somewhere regarding this, don't worry it's not a trojan or infected that will mess up your system.

I'd recommend online scanning it, I'm curious too, to see what results you get;

https://www.virustotal.com/

It would also be good for BolehVPN to know these results to see how many scanners it's setting off to correct the code.
Title: Re: bolehgui305.exe reported as detplock trojan by windows 10
Post by: maxbudin on December 03, 2016, 11:54:47 AM
There's a mention on the 'Status' page.

"These are some of the common issues that have cropped up:
  False positive on some antivirus on the new installer. You can verify the installer by going to virustotal.com which should show you that it’s a false positive."
Title: Re: bolehgui305.exe reported as detplock trojan by windows 10
Post by: majorclatto on December 03, 2016, 08:41:14 PM
Hi,

I can confirm Windows10 Defender reports

Category: Trojan:Win32/azden.A!d

Description: This program is dangerous and executes commands from an attacker.

Recommended action: Remove this software immediately.

Items:
file:C:\Users\XXXX\Downloads\Unconfirmed 120573.crdownload

VIRUS TOTAL info
Get more information about this item online. Virus total info

SHA256:   6e1facf67221435f3a137a1da9ba065645502acf90c0420c2f9cce5a243e4c46
File name:   BolehGUI305.exe
Detection ratio:   1 / 55
Analysis date:   2016-12-03 05:58:48 UTC ( 6 hours, 38 minutes ago )

CrowdStrike Falcon (ML)   malicious_confidence_61% (D)   20161024 was the only scanner to report issues


File identification
File size 7.1 MB ( 7473754 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (GUI) Intel 80386 32-bit
TrID   Win32 Executable MS Visual C++ (generic) (42.2%)
Win64 Executable (generic) (37.3%)
Win32 Dynamic Link Library (generic) (8.8%)
Win32 Executable (generic) (6.0%)
Generic Win/DOS Executable (2.7%)
Tags nsis peexe overlay
VirusTotal metadata
First submission 2016-12-01 19:41:16 UTC ( 1 day, 16 hours ago )
Last submission 2016-12-03 05:58:48 UTC ( 6 hours, 38 minutes ago )
File names   bolehgui305.exe
BolehGUI305.exe

Title: Re: bolehgui305.exe reported as detplock trojan by windows 10
Post by: Slacker on December 04, 2016, 11:39:23 AM
@maxbudin thanks...

@majorclatto it's ok it's not a trojan...
Title: Re: bolehgui305.exe reported as detplock trojan by windows 10
Post by: Anwar on December 06, 2016, 05:24:19 PM
We recently released a software signed version with the correct version of setting.ini inside. This version should also fix the false positive issue.

https://www.bolehvpn.net/downloads/BolehGUI305.exe

Title: Re: bolehgui305.exe reported as detplock trojan by windows 10
Post by: Enigm on December 10, 2016, 08:09:04 AM
the new version 3.0.5 still shows up with a false positive on windows defender (windows 7)
edit: cleared cache too but download continues to show up as false positive

Title: Re: bolehgui305.exe reported as detplock trojan by windows 10
Post by: Anwar on December 16, 2016, 01:26:39 AM
Quote from: Enigm
"the new version 3.0.5 still shows up with a false positive on windows defender (windows 7)
edit: cleared cache too but download continues to show up as false positive"

Could you right-click on the file, select Properties and click on the Digital Signatures tab? If you do not have this, you are probably still on the old version.

The SHA-1 Checksum for this file is: 3A8558D615BB5128B7FBC65DFF342F5A46679C14
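
The two checks from the last post (digital signature present, SHA-1 matches) can be scripted in PowerShell. This is an added example, not part of the thread and not BolehVPN's own tooling; the default download path is an assumption, and the SHA-256 is taken from the VirusTotal report earlier in the thread on the assumption that it identifies the build posted before the signed release.

```powershell
# Added example. $Path is an assumed download location, not taken from the thread.
param([string]$Path = "$env:USERPROFILE\Downloads\BolehGUI305.exe")

# SHA-1 that Anwar posted for the signed 3.0.5 installer.
$SignedSha1 = '3A8558D615BB5128B7FBC65DFF342F5A46679C14'
# SHA-256 from the VirusTotal report of 2016-12-03, posted before the signed
# release was announced, so assumed here to identify the earlier build.
$EarlierSha256 = '6e1facf67221435f3a137a1da9ba065645502acf90c0420c2f9cce5a243e4c46'

if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
    Write-Error "File not found: $Path"
    exit 2
}
# A .crdownload file is a partial Chrome download; its hash will never match.
if ([IO.Path]::GetExtension($Path) -eq '.crdownload') {
    Write-Error "Download is incomplete: $Path"
    exit 2
}

$sha1   = (Get-FileHash -LiteralPath $Path -Algorithm SHA1).Hash
$sha256 = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
# Same data as Properties > Digital Signatures; NotSigned means no such tab.
$sig    = Get-AuthenticodeSignature -FilePath $Path

$result = [pscustomobject]@{
    Sha1            = $sha1
    Sha1Matches     = ($sha1 -eq $SignedSha1)       # -eq ignores case for strings
    IsEarlierBuild  = ($sha256 -eq $EarlierSha256)
    SignatureStatus = $sig.Status                   # Valid, NotSigned, HashMismatch, ...
    Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
}
$result | Format-List

# Run the installer only when both independent checks pass.
if ($result.Sha1Matches -and $sig.Status -eq 'Valid') { exit 0 } else { exit 1 }
```

The thread does not state the expected signer name, so compare the `Signer` value against the publisher named on the vendor's own site rather than against anything shown here.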