Start11_Setup_v1.36 contains malicious

VirusTotal Zillya security vendor flagged this file as malicious with the name 'Downloader.Chindo.Win32.2364'

https://www.virustotal.com/gui/file/03ff89b982a4aa88a377210ebc4b7669fcb0d86cd4242a0b1aca5f69d64d219b?nocache=1

Processed a security scan on VirusTotal for Start11_Setup_v1.36 at 2022-12-24 16:48:37 UTC.

One security vendor with the name Zillya flagged this file as malicious: Downloader.Chindo.Win32.2364

Reply #1

An antiviral might list it as infected; however, if you downloaded the software from Stardock, it is not infected, and you can use it safely.

The security software is giving you a false positive. You can safely "whitelist" it.

Reply #2

While it may be a false positive, earlier versions of Start11 did not have this malicious coding. It is not recommended to ignore warnings about malicious coding. It is strongly recommended that you update the encoding in Start11_Setup_V1.36 or contact Zillya to have them whitelist it after discussing the flagging and source encoding.

Reply #3

Quoting Ty-Rap, reply 2

While it may be a false positive, earlier versions of Start11 did not have this malicious coding.
End of Ty-Rap's quote

Again, if you downloaded it from Stardock's servers, there is no malicious coding in any version. That is guaranteed. Therefore, it is a false positive and you can either whitelist it or turn off your antiviral while downloading and installing, as recommended by Stardock. 

In any multi-antiviral scan, one can receive one or more positive/false positive results. Generally, if only one is positive out of many antiviral engines, it can be ignored, especially if the software is relatively new. One should be more suspicious if multiple engines report it as a positive, or if one downloads the software from a website other than the original developer's.

Stardock and its servers haven't failed me and its customers in 20 years. 

Reply #4

Be careful, the file I scanned comes from the Stardock server and was retrieved from the download page in my Stardock account. I'm sorry to say and with all due respect, I don't use files marked as malicious and I expect more people will. I hope you take my advice in the previous comment to heart, take it seriously and support the Stardock customer in their concerns. Please update the file and make sure it is not marked as malicious.

Reply #5

Quoting Ty-Rap, reply 4

Please update the file and make sure it is not marked as malicious.
End of Ty-Rap's quote

There's no need as Stardock doesn't distribute malicious software.

I'm sorry you haven't accepted my explanations and assurances, but that's your prerogative.

If you purchased the software, Stardock's return policy can be found here:

https://support.stardock.com/space/SHC/1339883584

The url for the Stardock Support Center is:

https://support.stardock.com/

Please note:

Stardock will be closed for the holidays starting on Thursday, December 22nd at 5PM Eastern and we will be returning on Tuesday, January 3rd. We will be monitoring support tickets and forums during this time but expect delays in responses during this time.

Happy holidays to you.

Reply #6

Quoting Ty-Rap, reply 4

Be careful, the file I scanned comes from the Stardock server and was retrieved from the download page in my Stardock account. I'm sorry to say and with all due respect, I don't use files marked as malicious and I expect more people will. I hope you take my advice in the previous comment to heart, take it seriously and support the Stardock customer in their concerns. Please update the file and make sure it is not marked as malicious.
End of Ty-Rap's quote

This is a defect in that av product. One I have to confess I have never heard of.

It is not uncommon for av apps to flag things they have not seen before as a virus. Each new release will be seen as 'new'. One might suggest in some cases this is to make them appear more useful and to encourage renewals.

Given every other av app on VirusTotal shows it clear, you should be reassured the file is perfectly safe and the outlier is simply wrong.
