View Issue Details

IDProjectCategoryView StatusLast Update
0001538bareos-corefile daemonpublic2023-08-02 17:26
Reporterhostedpower Assigned Tobruno-at-bareos  
PriorityhighSeveritymajorReproducibilityalways
Status closedResolutionno change required 
Platformx86OSWindowsOS Version2016
Product Version22.0.3 
Summary0001538: bareos-fd detected as virus
DescriptionHi,


We see that server AV is deleting bareos-fd.exe marking it as a virus.

We downloaded the installer and extracted both version 22.0.2 and 22.0.3, these are the results

https://www.virustotal.com/gui/file/a3c54d9a63d337b473327127cd0ec4162cda1819e403fb1ff0bf440d35d09b6c
https://www.virustotal.com/gui/file/37605d0b5285856c5b150e5924485e8da831d6be792abe97bfe0a832b3f21c6f

Is there anything malicious going on? Is this a known issue?
TagsNo tags attached.

Activities

HiFlyer

HiFlyer

2023-06-08 19:51

reporter   ~0005066

Confirm that BitDefender detected the windows version of bareos-fd as infected. Was submitted to Bitdefender as a false positive and they agreed it was a false positive.
bruno-at-bareos

bruno-at-bareos

2023-06-27 14:39

manager   ~0005101

Did you report it as false positive ?
Did you recheck with 22.1.0+ ?
To your knowledge, we are in the process of building bareos for windows with native Microsoft tools, will certainly help to avoid this kind of situation.
HiFlyer

HiFlyer

2023-06-27 15:07

reporter   ~0005102

Last edited: 2023-06-27 15:09

Did you report it as false positive ?
Yes, and they replied that they agreed that is was a false positive and it would be taken care of. The linux versions did not have any such detection.. I do not remember what the earlier windows version was that I reported as a false positive.

Did you recheck with 22.1.0+ ?
I have upgraded the windows client to 22.1.1~pre6.593af292f and not had further detections.

To your knowledge, we are in the process of building bareos for windows with native Microsoft tools, will certainly help to avoid this kind of situation.
hope this response helps.
hostedpower

hostedpower

2023-06-27 15:18

reporter   ~0005103

It improved a lot, this is the scan of 22.1.0: https://www.virustotal.com/gui/file/0488bba6bb42514524306d2e6e34649b6d989167c2da0ef2d2d846224e661247

But if you revisit the original links posted, you'll see most of them adapted too!
bruno-at-bareos

bruno-at-bareos

2023-06-27 16:03

manager   ~0005104

So nothing we can do, or have to :-)
bruno-at-bareos

bruno-at-bareos

2023-08-02 17:26

manager   ~0005309

Future build of Windows Bareos will be made with MSVC stack limiting the false detection.

Issue History

Date Modified Username Field Change
2023-05-31 11:52 hostedpower New Issue
2023-06-08 19:51 HiFlyer Note Added: 0005066
2023-06-27 14:39 bruno-at-bareos Note Added: 0005101
2023-06-27 15:07 HiFlyer Note Added: 0005102
2023-06-27 15:09 HiFlyer Note Edited: 0005102
2023-06-27 15:18 hostedpower Note Added: 0005103
2023-06-27 16:03 bruno-at-bareos Note Added: 0005104
2023-08-02 17:26 bruno-at-bareos Assigned To => bruno-at-bareos
2023-08-02 17:26 bruno-at-bareos Status new => closed
2023-08-02 17:26 bruno-at-bareos Resolution open => no change required
2023-08-02 17:26 bruno-at-bareos Note Added: 0005309