BitDefender Quarantining StarTools

Posted: Wed Oct 21, 2015 5:48 pm
by MarkoT
Hi,

BitDefender doesn't seem to get along with the latest alpha release (1_4_312_alpha), specifically the 32bit version. BT doesn't have any issues with the 64bit version. BT claims that the 32bit .exe contains this: "Gen:Trojan.Heur.TP.@GW@bWjK8rfi".

I'm running Win 10 64bit and BitDefender version 1.0.21.1099.

Re: BitDefender Quarantining StarTools

Posted: Thu Oct 22, 2015 2:13 am
by admin
It's a known issue with BitDefender (here and here). A StarTools/BitDefender user has actually gone to the trouble of getting BitDefender to whitelist StarTools, only for the false positive to pop up a few months later. Gen:Trojan.Heur. is a big clue and the issue is their extremely lazy scanning of software for 'generic' malicious behaviour:

http://internet-security-suite-review.t ... tion-.html

In other words, the false positive is generated by a detection method that uses a heuristics engine, which cannot be and is not perfect (as opposed to signature-based detection). An example of a heuristic is to mark any file that identifies itself as 'StarTools' as malicious, because there is a key logger out there that is also called 'StarTools'.

Sometimes giving a virus scanner control of your system can be just as annoying as getting a virus in the first place... :evil:

As a more general remark about StarTools' software safety: Windows malware has very little chance, for the simple reason that the StarTools development station is a Linux machine (which is of course incapable of running Windows viruses) and no Windows machines (virtual or otherwise) are used anywhere in the development, uploading or publishing of the software. Furthermore, the platform and servers that serve the website are also homebrew/custom, which means that the website is immune to popular mass-exploits (allowing for any potential malware insertion) for WordPress, Drupal, etc. (a hacker or malware insertion tool would have to be written specifically for our custom platform, which is a pretty big waste of time for any hacker for very little gain).

That said, if you still feel StarTools might contain malware, please let me know asap!

Re: BitDefender Quarantining StarTools

Posted: Thu Oct 22, 2015 7:39 am
by MarkoT
Thanks Ivo, for the comprehensive explanation. :thumbsup: