I consistently receive computers for my stake without the self-provisioning software pre-installed. That, in and of itself, is it's own problem.
Today, I prepared to set up a new computer by downloading the churchsupportselfprovision.exe file from the link in the clerk computer setup wiki, and received a notification from my personal computer's antivirus software that the file I was trying to download was infected with a trojan Win/Polazert.A
Has anyone else received this notice from any other antivirus software? Is it just me? I run very strict privacy controls on my browser, but I don't think that's the problem.
Virus infection of churchsupportselfprovision.exe
-
- New Member
- Posts: 1
- Joined: Sun Mar 03, 2024 1:14 pm
- Mikerowaved
- Community Moderators
- Posts: 4786
- Joined: Sun Dec 23, 2007 12:56 am
- Location: Layton, UT
Re: Virus infection of churchsupportselfprovision.exe
I just now uploaded the churchsupportselfprovision.exe tool to VirusTotal for analysis and 5 of 75 security vendors flagged it as malicious. It kind of makes sense, since it has similar activities with some malicious programs. For example, it does the following:
The file is digitally signed by the following:
Of course, it uses all the above tools to setup Windows exactly as they want it.VirusTotal wrote: Matches Rules:
PowerShell Create Local User
Winlogon Helper DLL
User Added to Local Administrator Group
Powershell Detect Virtualization Environment
Powershell LocalAccount Manipulation
File Download From Browser Process Via Inline URL
PSScriptPolicyTest Creation against Applocker.
Suspicious Get Local Groups Information
Local User Creation
A Member Was Added to a Security-Enabled Global Group
The file is digitally signed by the following:
In my opinion, this is a safe file to use and can be trusted to get the job done.VirusTotal wrote: Signers
Intellectual Reserve, Inc.
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
DigiCert Trusted Root G4
DigiCert
Counter Signers
DigiCert Timestamp 2023
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
DigiCert Trusted Root G4
DigiCert
x509 Certificates
DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1
Intellectual Reserve, Inc.
DigiCert Timestamp 2023
DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA
DigiCert Trusted Root G4
So we can better help you, please edit your Profile to include your general location.