mikiher / audiobookshelf-windows

Installs and manages Audiobookshelf on Windows

Bitdefender reporting virus #23

Open trsmith78 opened 1 month ago

trsmith78 commented 1 month ago

My Bitdefender out of the blue quarantined the audiobooktray.exe.

Tried to reinstall the latest and it quarantined it again.

mikiher commented 1 month ago

I'll try to send a false positive report to them.

mikiher commented 1 month ago

Can you please:

trsmith78 commented 1 month ago

Yes, please 🙏🙏🙏. I was just getting things going and now I'm down 4 days.

Many thanks, Troy

On Fri, Sep 20, 2024, 12:52 AM mikiher @.***> wrote:

Can you please let me know:

  • Which version of Audiobookshelf windows you're using?
  • Which Bitdefender product?


mikiher commented 1 month ago

Can you please provide answers to the above? I need these for filing the false positive report.

kd2flz commented 2 weeks ago

Also getting this now

kd2hbv commented 2 weeks ago

I have also been affected. To answer your questions @mikiher:

Here's the virus detection report: image

The full item path is C:\Users\JonathanRhoads\AppData\Local\Programs\Audiobookshelf\Audiobookshelf.exe.

mikiher commented 2 weeks ago

OK, I tried reporting this to Bitdefender via this form, though I haven't received any confirmation of receipt. I attached the exe file, although it is larger than their file upload limit. I supplied the link to the project and installer in the description. The submission didn't seem to fail, but it also didn't provide any sign of success.

If you're a paying customer of Bitdefender, I urge you to file a report as well, or directly contact their support.

kd2hbv commented 2 weeks ago

@mikiher - I submitted this to Bitdefender support. They've acknowledged it as a false positive:

Hello ,

Thank you for your patience regarding this matter.

We have received an update from our Antimalware Team in which we are informed that the file is clean and detection should be removed in the next couple of updates.

Due to the file size, I had to submit the .exe via an alternate method they provided. So you were right to have a paying Bitdefender customer submit this!

Thanks for your help!

colvdv commented 2 weeks ago

I had added audiobookshelf.exe to the exceptions list in BitDefender Antivirus Plus as a workaround to the above issue, but upon attempting to update Audiobookshelf today, BitDefender flagged another file that was created during the update, causing the installer to fail and produce an error with the option to retry, skip the file (not recommended), or cancel the installation.

The flagged file is a .temp file and has a different name every time I retry the update. Here are some of the file names it appeared as when retrying:

  • is-6CGRH.temp
  • is-IBVT1.temp
  • is-G2DQR.temp
  • is-AE8V6.temp

As you can see, all of these files have the naming pattern is-____.temp.

It was detected as being infected with Trojan.Agent.GMVX.

As a temporary workaround, I have added the entire AppData/local/Programs/audiobookshelf folder to BitDefender's exceptions list.

Because it is a .temp and was auto-removed from my system after the update completed, I was unable to isolate it to upload to BitDefender for analysis as a False Positive. I even attempted changing my BitDefender settings to move it to quarantine rather than deleting it before I added the exception, but it wasn't cooperating.

I've submitted a False Positive report to BitDefender (as a paying customer). Because I was unable to isolate the .temp file, I resubmitted the audiobookshelf.exe file with the original issue posted here, plus the information I've provided in this post and a link to this thread. Their form never gave me confirmation that it was successfully submitted, so hopefully it went through.

kd2hbv commented 1 week ago

Today I was able to install v2.14.0 with no untoward intervention by BitDefender. Hopefully that means we're out of the woods on this. @colvdv - Hopefully you have the same success....

mikiher commented 1 week ago

Thanks for helping with this @kd2hbv.

I'll wait a bit to hear if there are any additional reports from Bitdefender users, and if not, I'll close this one.

kd2hbv commented 1 week ago

Thanks for maintaining such an amazing product, @mikiher! Glad to have been able to help at least a bit!