[GH-ISSUE #4124] BitDefender: AV false positive on startup for Desktop 1.8.3 #2623

Closed
opened 2026-02-22 18:30:30 -05:00 by yindo · 5 comments
Owner

Originally created by @Sierbahnn on GitHub (Jul 11, 2025).
Original GitHub issue: https://github.com/Mintplex-Labs/anything-llm/issues/4124

How are you running AnythingLLM?

AnythingLLM desktop app

What happened?

Image

I started the app and it got immediately shut down by my antivirus. I never had this happen on my old machine, and this is the first time I started it on my new Windows 11 machine

Are there known steps to reproduce?

No response

Originally created by @Sierbahnn on GitHub (Jul 11, 2025). Original GitHub issue: https://github.com/Mintplex-Labs/anything-llm/issues/4124 ### How are you running AnythingLLM? AnythingLLM desktop app ### What happened? <img width="700" height="152" alt="Image" src="https://github.com/user-attachments/assets/516ab148-5907-4f9b-aeff-e9532c6b9c7c" /> I started the app and it got immediately shut down by my antivirus. I never had this happen on my old machine, and this is the first time I started it on my new Windows 11 machine ### Are there known steps to reproduce? _No response_
yindo added the possible bug label 2026-02-22 18:30:30 -05:00
yindo closed this issue 2026-02-22 18:30:30 -05:00
Author
Owner

@timothycarambat commented on GitHub (Jul 11, 2025):

AV's update their lists all the time, our app on windows is unsigned it's documented already. Since AV lists update whenever they need to refresh them, something previously okay can sudddenly not be

@timothycarambat commented on GitHub (Jul 11, 2025): AV's update their lists all the time, our app on windows is [unsigned](https://docs.anythingllm.com/installation-desktop/windows#install-using-the-installation-file) it's documented already. Since AV lists update whenever they need to refresh them, something previously okay can sudddenly not be
Author
Owner

@timothycarambat commented on GitHub (Jul 11, 2025):

For what its worth, do you get this on 1.8.2? https://cdn.anythingllm.com/legacy/1.8.2/AnythingLLMDesktop.dmg
All FP so far have only come from BitDefender and the only notable change was the inclusion of the browser tool, which has no additional dependencies but maybe something about it is causing such a signature flag

@timothycarambat commented on GitHub (Jul 11, 2025): For what its worth, do you get this on 1.8.2? https://cdn.anythingllm.com/legacy/1.8.2/AnythingLLMDesktop.dmg All FP so far have only come from BitDefender and the only notable change was the inclusion of the browser tool, which has no additional dependencies but maybe something about it is causing such a signature flag
Author
Owner

@timothycarambat commented on GitHub (Jul 11, 2025):

We just submitted a false positive report to BitDefender - it is almost certainly the Authenticated Web Scraping tool since the heuristics of that likely look like browser automation - even though it is its own browser totally.

@timothycarambat commented on GitHub (Jul 11, 2025): We just submitted a false positive report to BitDefender - it is almost certainly the Authenticated Web Scraping tool since the heuristics of that likely look like browser automation - even though it is its own browser totally.
Author
Owner

@timothycarambat commented on GitHub (Jul 15, 2025):

We have identified that BitDefender (among others via VirusTotal) throws false positives for the app.asar due to the use of esbuild during build-time minification. We migrated the build time minifier to terser and now VirusTotal shows no false positives.

Will be fully fixed in the next patch 1.8.3-r2 or 1.8.4

@timothycarambat commented on GitHub (Jul 15, 2025): We have identified that BitDefender (among others via VirusTotal) throws false positives for the `app.asar` due to the use of esbuild during build-time minification. We migrated the build time minifier to `terser` and now VirusTotal shows no false positives. Will be fully fixed in the next patch 1.8.3-r2 or 1.8.4
Author
Owner

@timothycarambat commented on GitHub (Jul 16, 2025):

Resolved in 1.8.4 release

@timothycarambat commented on GitHub (Jul 16, 2025): Resolved in 1.8.4 release
yindo changed title from BitDefender: AV false positive on startup for Desktop 1.8.3 to [GH-ISSUE #4124] BitDefender: AV false positive on startup for Desktop 1.8.3 2026-06-05 14:47:36 -04:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Mintplex-Labs/anything-llm#2623