FALSE virus detection by Bitdefender

Getting Help
1

My Windows’ 11 Virus detection software, Bitdefender, claims that restic.exe has a virus in it. I do not believe this message. I believe that this is a false positive for two reasons:

  1. The restic.exe is restic 0.15.2 (which is from what I can see around April 2023). So all of the previous years of scanning by Bitdefender did not identify this file as containing a virus but today it matches. The virus is named: ith QD:Trojan.GenericKDQ.6D3724622D.

  2. I used the well known web site VirusTotal which has more than a 50 virus scanners and asked it to scan the file but only one of the scanners said there was a virus, and the one which said there was a virus was NOT Bitdefender.

Bitdefender for my purposes has been a good virus / website problem detector. I will be renewing my license.

Please run virus checkers on all programs you download from the internet. Please note I am using restic 18.1 for doing backups, but I keep previous versions in a separate directory which is where Bitdefender found it’s match.

I shall attempt to notify Bitdefender of the false positive. Please run a virus checker and reply with a message if you did or did not find a virus.

2

@punchcard, I have multiple versions of restic on my laptop just like you. This runs back to 2021.
Anti Virus provider is Microsoft Defender. Never had an alert for any restic version:

image
image253×253 2.51 KB

p.s. all security options enabled as well as periodic scanning.

3

This happens from time to time, antivirus engines or similar alerting for restic. One part of it is that restic creates files that are encrypted and look like a potential ransomware attack.

It’s not uncommon to have to whitelist restic in your antivirus or similar, so I’d recommend doing that if you can’t get your AV to not give false positives. Thanks for trying to report it to them!

1 Like