Windows Defender finds Trojan Codinx.B!cl in openvpnserv2.exe

mikef
OpenVpn Newbie
Posts: 2
Joined: Fri Dec 09, 2016 11:06 am

Post by mikef » Fri Dec 09, 2016 11:13 am

After activating OpenVPN (2.3.14 & 2.4-rc1 64-bit) as a Windows 10 service I get a message from Defender telling me that file:C:\Program Files\OpenVPN\bin\openvpnserv2.exe, service:OpenVpnService is infected with a Trojan Win32/Codinx.B!cl.
Installed via the Win-Installer available at https://openvpn.net/index.php/open-sour ... loads.html

As I see it this is:
a) probably Microsoft being over-enthusiastic and a false-positive
b) possibly a sign that I've actually got an infection coming from somewhere else
c) not worth taking a risk on

So - is this a known issue? Or am I unique and it's therefore something to worry about? Google didn't find anything useful in this context - which is a bit worrying ...

Thanks for any info!

TinCanTech
OpenVPN Protagonist
Posts: 11138
Joined: Fri Jun 03, 2016 1:17 pm

Re: Windows Defender finds Trojan Codinx.B!cl in openvpnserv2.exe

Post by TinCanTech » Fri Dec 09, 2016 12:45 pm

You are the only person to make such a claim ... perhaps your download was intercepted?

Code:

SHA256(openvpn-install-2.3.14-I601-x86_64.exe)= 43771970958a1e39471065e011c980b8e36fd43aec91684c4ae35d2cca73e044
SHA256(openvpn-install-2.4_rc1-I601.exe)= 1435769a97ad18bb9d321a3fc22b06cd73dc457bd4350204db99d94de9b67975

That's what I see.
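
An added example, not part of the original post or of the OpenVPN project: one way to check a downloaded installer against a digest listing in the `SHA256(name)= hex` layout quoted above. The function names are hypothetical, and the listing is assumed to be pasted in as text (the hex values are the ones quoted in this thread).

```python
import hashlib
import hmac
import re
import sys
from pathlib import Path

# Digest listing as quoted in the thread, with the hex wrapped onto the next line.
PUBLISHED = """
SHA256(openvpn-install-2.3.14-I601-x86_64.exe)=
43771970958a1e39471065e011c980b8e36fd43aec91684c4ae35d2cca73e044

SHA256(openvpn-install-2.4_rc1-I601.exe)=
1435769a97ad18bb9d321a3fc22b06cd73dc457bd4350204db99d94de9b67975
"""

# Whitespace after "=" may include a line break; exactly 64 hex digits are required.
ENTRY = re.compile(r"SHA256\(([^)]+)\)=\s*([0-9A-Fa-f]{64})\b")


def parse_digests(text):
    """Return {filename: lowercase hex digest} for every entry in the listing."""
    return {name: digest.lower() for name, digest in ENTRY.findall(text)}


def sha256_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so a large installer is never held in memory whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def check_download(path, published):
    """Return 'match', 'mismatch' or 'unlisted' for one downloaded file."""
    expected = published.get(Path(path).name)
    if expected is None:
        return "unlisted"  # no digest for this file name: nothing to compare against
    actual = sha256_file(path)
    return "match" if hmac.compare_digest(actual, expected) else "mismatch"


if __name__ == "__main__":
    digests = parse_digests(PUBLISHED)
    for arg in sys.argv[1:]:
        print(f"{check_download(arg, digests)}: {arg}")
```

A match only shows that the local file is byte-identical to the one the digest was computed from; the GPG signature check described in the next post is what ties the file to the publisher's key.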

Re: Windows Defender finds Trojan Codinx.B!cl in openvpnserv2.exe

Post by mikef » Sat Dec 10, 2016 6:49 am

Odd

- I've downloaded the (SHA1) signature and key on another system, using a different OS, internet connection and VPN server and used an existing trusted installation of gpg - which validated it correctly
- A full system sweep (in safe mode, command prompt only) gave me no other issues

Any thoughts how else I could put my mind at rest? - I'm tempted to trust OpenVPN more than Microsoft but would rather not have to choose ...

Re: Windows Defender finds Trojan Codinx.B!cl in openvpnserv2.exe

Post by TinCanTech » Sat Dec 10, 2016 6:38 pm

mikef wrote: I've downloaded the (SHA1) signature and key on another system, using a different OS, internet connection and VPN server and used an existing trusted installation of gpg - which validated it correctly

Good.

mikef wrote: Any thoughts how else I could put my mind at rest? - I'm tempted to trust OpenVPN more than Microsoft but would rather not have to choose

Report it as a false positive to Microsoft. Let us know what they have to say. (As ever, make sure your system is fully up to date.)

OpenVPN is Free Open Source Software, so if you verified your downloads then I would not worry about it any further.
