Skip to main content
MStei.4
MStei.4
Associate II
October 1, 2021
Solved

STM32CubeMonitor executable is sent to quarantine by antivirus program

  • October 1, 2021
  • 3 replies
  • 957 views

I have downloaded the tool and checked it with the Apex One Virusscan and there was no alarm. When I open the tool the executable will be immediately quarantined. Is there a known bug and can you help me with that?

BR Marco

This topic has been closed for replies.
Best answer by MStei.4

I also think it is a false positive test. After installing the tool "Completing the STM32CubeMonitor Setup Wizard" I am notified to click finish the setup and launch the tool.

When this is applied the tool launches, and it says it is loading the flows. But as soon as the tool is shown, the window is gone and the virus program show a treat:

Malicious Behaviour Detection

OfficeScan detected a Behavior Monitoring policy violation and blocked the offending process(es):

Unauthorized file Encryption in Real-time Scan

Infected file: STM32CubeMonitor.exe

A detailes link is also shown: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/search/unauthorized%20file%20encryption

3 replies

stephane.legargeant
stephane.legargeant
ST Employee
October 1, 2021

Hello

We have not detected potential issues when preparing the new version, and scan submitted to multiple antivirus did not raised issues.

Nevertheless, another user of Apex one raised a concern yesterday, so it seems to be an issue specific to Apex One.

As I don't have it on my computer, I am not able to reproduce. Could you try to get more detail about the problem detected by the virusscan ? (To understand why it is quarantined at run time).

Thank you

Stephane

Peter BENSCH
Peter BENSCH
Technical Moderator
October 1, 2021

It was already checked by virustotal.com, which uses more than 70 virus/malware scanners - nothing suspicious found.

False positive?

Regards

/Peter

MStei.4
MStei.4AuthorBest answer
Associate II
October 1, 2021

I also think it is a false positive test. After installing the tool "Completing the STM32CubeMonitor Setup Wizard" I am notified to click finish the setup and launch the tool.

When this is applied the tool launches, and it says it is loading the flows. But as soon as the tool is shown, the window is gone and the virus program show a treat:

Malicious Behaviour Detection

OfficeScan detected a Behavior Monitoring policy violation and blocked the offending process(es):

Unauthorized file Encryption in Real-time Scan

Infected file: STM32CubeMonitor.exe

A detailes link is also shown: https://www.trendmicro.com/vinfo/us/threat-encyclopedia/search/unauthorized%20file%20encryption

Terms & ConditionsAccessibility statement