★ Help

Antivirus & SmartScreen

If Windows SmartScreen or your antivirus flagged STARbot, this page explains why it happens, what to do in the moment, and how to clear the warning permanently for the major vendors.

The short version. Most warnings about STARbot are false positives caused by how we package the app, not by anything malicious in the code. Click More info → Run anyway on a SmartScreen prompt, or use the per-vendor submit links below to clear an antivirus flag — usually within 24-48 hours.

Why this happens

STARbot is bundled with PyInstaller, a tool that packages Python applications into a single Windows .exe. PyInstaller bundles are a well-known false-positive hotspot — antivirus engines look at the way the file unpacks itself in memory at launch and sometimes match that pattern against unrelated malware that uses the same technique. The same heuristic flags many legitimate Python applications.

STARbot is also game-automation software: it reads pixels from the screen and sends simulated keyboard and mouse input to your game window. Those behaviours overlap (technically) with what some malware families do for very different reasons, so a few engines err on the side of flagging anything that combines them.

Finally, our code-signing certificate is new. Windows SmartScreen builds reputation per certificate over the first few weeks of real-world downloads; until enough STARbot installs have passed through it, Windows shows a "Windows protected your PC" warning even though the binary is properly signed. This warning will fade away on its own as reputation accumulates, typically within the first 30 days after launch.

Windows SmartScreen

SmartScreen is Windows' built-in reputation gate — separate from Defender's malware scanning. If you see a window titled "Windows protected your PC" with a "Don't run" button, that's SmartScreen, and it's almost always a reputation issue, not a detection.

What to do: click More info at the top of the warning. The window will expand to show the publisher name (STARbot Automations) and a Run anyway button — click that to proceed with the install. There's no user-facing submission form for SmartScreen because it's reputation-based; submitting STARbot to Microsoft Defender (below) feeds the same reputation signal, so reporting one helps the other.

If your antivirus blocked or quarantined STARbot

Every major vendor accepts false-positive submissions, and most clear the flag within 24-48 hours of receiving a sample. Find your vendor below for the direct link.

Microsoft Defender

https://www.microsoft.com/en-us/wdsi/filesubmission

Sign in with a Microsoft account, upload the STARbot installer .exe (or a ZIP of it), choose Software developer and Incorrect detection (false positive) as the reason, and add a short note that it's a signed PyInstaller bundle. Analyst replies usually arrive within 24-72 hours.

Avast / AVG

https://www.avast.com/false-positive-file-form.php

Upload the file (500 MB max, single file or ZIP), pick False positive as the report type, give your email and a one-line note. Corrections typically ship in the next definition update within 24-48 hours. AVG shares Avast's detection database, so the same submission covers both.

Bitdefender

https://www.bitdefender.com/consumer/support/answer/29358/

The consumer "Incorrect Detection" page hosts an upload form: attach the file, paste the detection name Bitdefender showed you, and include your email. Cleared false positives are usually corrected within hours.

Caveat: users have intermittently reported the form failing to submit. If you hit an error, retry in a different browser, or email us (below) and we'll re-submit on your behalf.

Norton (Gen Digital)

https://submit.norton.com/

The Norton Submission Portal: choose Dispute the detection, upload the .exe, paste the detection name and your email. You'll get a tracking ID and an email when the verdict updates. Turnaround is typically 1-3 business days.

If submit.norton.com doesn't load (we've seen DNS resolution failures on some ISPs), the Norton support KB at support.norton.com / kb20090410134005EN links to the same form via an alternate route, or you can flush your DNS cache and retry.

Kaspersky

https://opentip.kaspersky.com/

Upload the .exe (51 MB cap per file) to OpenTip. If it's flagged and you disagree with the verdict, click Submit to reanalyze on the report page to escalate to the Kaspersky virus lab.

Fallback if OpenTip is uncooperative: open a support request at https://support.kaspersky.com/1870, category Malware → topic False positive, and attach the sample with app name, version, and your operating system.

Still blocked?

If you've tried the submit form for your vendor and the detection is still in place after a few days — or if you'd just rather not deal with it yourself — email contact@starbotautoraider.com with the detection name and the vendor, and we'll re-submit the sample directly. We track these so we can flag any vendor whose engines start matching us repeatedly.

Questions or feedback on STARbot itself? Email contact@starbotautoraider.com. STARbot AutoRaider is operated by Starbot Automations.
Last updated: 27 May 2026