BitDefender Quarantining StarTools

Questions and answers about problems with the software, modules or functionality.
Post Reply
MarkoT
Posts: 4
Joined: Mon May 04, 2015 11:55 am

BitDefender Quarantining StarTools

Post by MarkoT »

HI,

BitDefender doesn't seem to get along with the latest alpha release (1_4_312_alpha) and specifically the 32bit version. BT doesn't have any issues with the 64bit version. BT claims that the 32bit .exe contains this "Gen:Trojan.Heur.TP.@GW@bWjK8rfi"

I'm running Win 10 64bit and BitDefender version 1.0.21.1099.
User avatar
admin
Site Admin
Posts: 3382
Joined: Thu Dec 02, 2010 10:51 pm
Location: Melbourne
Contact:

Re: BitDefender Quarantining StarTools

Post by admin »

It's a known issue with BitDefender (here and here). A StarTools/BitDefender user has actually gone to the trouble of getting BitDefender to white list StarTools, only for the false positive to popup a few months later. Gen:Trojan.Heur. is a big clue and the issue is their extremely lazy scanning of software for 'generic' malicious behaviour;

http://internet-security-suite-review.t ... tion-.html

In other words the false positive is generated by a detection method that uses a heuristics engine, which cannot be and is not perfect (as opposed to a signature-based detection). An example of a heuristic is to mark any file that identifies itself as 'StarTools' malicious, because there is a key logger out there that is also called 'StarTools'.

Sometimes giving a virus scanner control of your system can be just as annoying as getting a virus in the first place... :evil:

As a more general remark about StarTools' software safety; Windows malware has very little chance for the simple reason that the StarTools development station is a Linux machine (which is of course incapable of running Windows viruses) and no Windows machines (virtual or otherwise) are used anywhere in the development, uploading or publishing of the software. Furthermore, the platform and servers that serves the website are also homebrew/custom, which means that the website is immune to popular mass-exploits (allowing for any potential malware insertio) for Wordpress, Drupal, etc. (a hacker or malware insertion tool would have to be written specifically for our custom platform, which is a pretty big waste of time for any hacker for very little gain).

That said, if you still feel StarTools might contain malware, please let me know asap!
Ivo Jager
StarTools creator and astronomy enthusiast
MarkoT
Posts: 4
Joined: Mon May 04, 2015 11:55 am

Re: BitDefender Quarantining StarTools

Post by MarkoT »

Thanks Ivo, for the comprehensive explanation. :thumbsup:
Post Reply