Results 1 to 8 of 8

Thread: BringStar.exe

  1. #1

    Default BringStar.exe

    Had ZA pop up and access authorization window for BringStar.exe which was deemed malware by ZAES and must have been part of what I like to call a "Guerrilla Install" back doored in with some other program. I hadn't installed anything on the date the file folder appeared (01/28/14) so asked my son (pilot) who uses the puter for flight sims. The only thing control panel shows being installed same date is nVidia's new GFX drivers and a Backup utility upgrade (FBackup).

    I web search with Yahoo and Google comes up dry. Uninstalled the program but it resulted in a Error .... still have a program folder with

    C\ProgramFiles(x86)\BringStar\updateBringStar.exe
    C\ProgramFiles(x86)\BringStar\bin\utilBringStar.ex e

    There are also 4 registry entries. Before manually deleting, given the total lack of any web sources on this file, wanted to ask here 1st.

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: BringStar.exe

    I would post your PC logs at bleepingcomputer or spywarehammer clean up forums. You will be help by volunteers experts in malware. Specific links are present in the malware cleanup guidance in the malware section.

    Or just follow the suggestion you have been already given here :

    http://www.sevenforums.com/system-se...e-malware.html

    Thanks,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3

    Default Re: BringStar.exe

    I find it a bit odd going to a software vendor's sponsored forum ....a software vendor that I pay for two site licenses I should add .... and getting a response that suggests my only option suggests to go to other sites and using other free programs. From a marketing perspective, seems like a bad policy to suggest to paying customers that they can solve all their problems by using free alternatives. Isn't that what I'm pay Checkpoint for ? To identify and remove Viruses / malware.

    I did not post in the malware section because I have nothing conclusive that says it's malware .... I don't know what it is. I must apologize for my original post where I said "Had ZA pop up and access authorization window for BringStar.exe which was deemed malware by ZAES and must have been part of what I like to call a "Guerrilla Install" back doored in with some other program"

    What I meant to say was "Had ZA pop up and access authorization window for BringStar.exe which was not deemed malware by ZAES and must have been part of what I like to call a "Guerrilla Install" back doored in with some other program."

    As I said in the sevenforums link you listed, it was a standard ZA program start authorization popup. I see these type of forums as serving multiple functions 1) for users to benefit from other users experiences for resolution of issues and 2) to bring to the attention of other users and the software vendor new issues or things that might be an issue.

    Since there is no data available on the web on this thing, the likelihood of it being something the author wants to people to knowingly use is slim. If I was a security oriented vendor I certainly would want to know about any new potential threats so I could better serve my customers.

    I think any ZA customer, would go to Checkpoint as the 1st place to look for any answers with soemthing that might be a threat to their network's PC security.

  4. #4
    Join Date
    Dec 2002
    Location
    San Carlos, California
    Posts
    1,636

    Default Re: BringStar.exe

    Its not know if this is a threat or just part of another application.

    If it were a threat and its been 24 hours already we would be able to Google for it and find lots of hits.

    But we don't. Just the discussion here and on another forum that you started.

    I don't think this is a threat from the data that we have so far.

    To be sure, download and run malwarebytes too.

    Its always good to have a couple programs.

    No single security program can keep you 100% safe. Even multiple programs cannot guarantee that.
    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  5. #5

    Default Re: BringStar.exe

    It's apparently also known as SearchProtect by Conduit which has thousands of hits

    https://malwr.com/analysis/YzhlZmRlZ...gwYjViZTFjMDg/

    http://guides.yoosecurity.com/how-to...duit-redirect/

    https://forums.malwarebytes.org/inde...owtopic=141488

    http://www.geekstogo.com/forum/topic...for-bringstar/

    Odd that ZAEC doesn't recognize..... Will this raise any interest ?
    Last edited by JackNaylorPE; February 3rd, 2014 at 10:31 AM.

  6. #6
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: BringStar.exe

    Quote Originally Posted by JackNaylorPE View Post
    Odd that ZAEC doesn't recognize..... Will this raise any interest ?
    The question would be more: its odd that Kaspersky (AV Engine) does not recognise it, will Kaspersky add it (if it is not already so)?
    You should also check if you have turned ON detection of riskware.

    See here what to do next (including reporting it to Kaspersky lab):
    xyz was not detected. What I should do?

    Thanks,
    Fax
    Last edited by fax; February 3rd, 2014 at 11:12 AM.

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  7. #7
    Join Date
    Dec 2002
    Location
    San Carlos, California
    Posts
    1,636

    Default Re: BringStar.exe

    Thank you for your additional info.

    Being that ZA did identify it as malware this is why ZA is much more powerful as a security program to detect and warn you about zero day exploits such as this. We have other security checks than just relying on AV. Even with the additional checks we are not always 100% perfect and no other vendor in the world is either.

    As far as AV detecting it and removing it that up to our AV vendor only.

    If all the other AV vendors will recognize this as a threat I'm sure ours will too. But if only one vendor does at the moment then it not clear if our will.
    Last edited by Forum-Moderator; February 3rd, 2014 at 11:58 AM.
    Click here for ZA Support
    Monday-Saturday__ 6am to 10pm Central time
    Closed Sundays and Holidays

  8. #8
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,287

    Default Re: BringStar.exe

    Quote Originally Posted by JackNaylorPE View Post
    then I feel like my vendor would be more responsive if I was sending my checks to Kapersky in the future.
    For the case of false positives, false negatives yes, much faster for you to report to Kaspersky. They will actually confirm if they will classify as malware or simply do not agree on classification.

    You can also use virustotal.com and check directly the detection of KAV.

    Each AV producer has different approaches to PUP more or less stringent. If Kaspersky does not detect it then it is not consider as dangerous as to be detected and we cannot do much here, You should clearly demonstrate them that that file is a damaging vector

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •