cancel
Showing results for 
Search instead for 
Did you mean: 

STM32CubeMonitor executable is sent to quarantine by antivirus program

MStei.4
Associate III

I have downloaded the tool and checked it with the Apex One Virusscan and there was no alarm. When I open the tool the executable will be immediately quarantined. Is there a known bug and can you help me with that?

BR Marco

1 ACCEPTED SOLUTION

Accepted Solutions
MStei.4
Associate III

I also think it is a false positive test. After installing the tool "Completing the STM32CubeMonitor Setup Wizard" I am notified to click finish the setup and launch the tool.

When this is applied the tool launches, and it says it is loading the flows. But as soon as the tool is shown, the window is gone and the virus program show a treat:

Malicious Behaviour Detection

OfficeScan detected a Behavior Monitoring policy violation and blocked the offending process(es):

Unauthorized file Encryption in Real-time Scan

Infected file: STM32CubeMonitor.exe

A detailes link is also shown: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/search/unauthorized%20file%20encryption

View solution in original post

3 REPLIES 3
stephane.legargeant
ST Employee

Hello

We have not detected potential issues when preparing the new version, and scan submitted to multiple antivirus did not raised issues.

Nevertheless, another user of Apex one raised a concern yesterday, so it seems to be an issue specific to Apex One.

As I don't have it on my computer, I am not able to reproduce. Could you try to get more detail about the problem detected by the virusscan ? (To understand why it is quarantined at run time).

Thank you

Stephane

Peter BENSCH
ST Employee

It was already checked by virustotal.com, which uses more than 70 virus/malware scanners - nothing suspicious found.

False positive?

Regards

/Peter

In order to give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.
MStei.4
Associate III

I also think it is a false positive test. After installing the tool "Completing the STM32CubeMonitor Setup Wizard" I am notified to click finish the setup and launch the tool.

When this is applied the tool launches, and it says it is loading the flows. But as soon as the tool is shown, the window is gone and the virus program show a treat:

Malicious Behaviour Detection

OfficeScan detected a Behavior Monitoring policy violation and blocked the offending process(es):

Unauthorized file Encryption in Real-time Scan

Infected file: STM32CubeMonitor.exe

A detailes link is also shown: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/search/unauthorized%20file%20encryption