Kaspersky antivirus detects FBackup as infected - False positive

Adrian (Softland) · Post by **Adrian (Softland)** » Fri Apr 16, 2010 4:13 pm

Problem: Kaspersky antivirus detected FBackup as infected and deleted the exe file. That is a false positive and we already contacted Kaspersky to fix that problem. In the meantime, we offer two solutions bellow.
Description: Example of Kaspersky log:

`Proactive Defense

-----------------

Events monitored: 4

Registry calls: 0

Blocked: 4

Start time: 4/15/2010 11:19:05 AM

Duration: 04:39:26
Detected

--------

Status Object

------ ------
Events

------

Time Name Events

---- ---- ------

4/15/2010 3:55:22 PM C:DOCUMENTS AND SETTINGSADMINLOCAL SETTINGSTEMPIS-3LE0P.TMPFBSETUP.TMP Process is trying to inject into another process. This behavior is typical of some malicious programs (Invader)

4/15/2010 3:55:22 PM C:DOCUMENTS AND SETTINGSADMINLOCAL SETTINGSTEMPIS-3LE0P.TMPFBSETUP.TMP "Quarantine" action is selected

4/15/2010 3:55:22 PM C:DOCUMENTS AND SETTINGSADMINLOCAL SETTINGSTEMPIS-3LE0P.TMPFBSETUP.TMP Forced to terminate the process.

4/15/2010 3:55:22 PM C:DOCUMENTS AND SETTINGSADMINLOCAL SETTINGSTEMPIS-3LE0P.TMPFBSETUP.TMP Error moving to Quarantine.

4/15/2010 3:55:22 PM R:BACKUP4ALL4.X4.4_203BNORMALFBSETUP.EXE Process is trying to inject into another process. This behavior is typical of some malicious programs (Invader)

4/15/2010 3:55:22 PM R:BACKUP4ALL4.X4.4_203BNORMALFBSETUP.EXE "Quarantine" action is selected

4/15/2010 3:55:22 PM R:BACKUP4ALL4.X4.4_203BNORMALFBSETUP.EXE Forced to terminate the process.

4/15/2010 3:55:22 PM R:BACKUP4ALL4.X4.4_203BNORMALFBSETUP.EXE Error moving to Quarantine.
Registry

--------

Time Application Key name Value name Data Data type Operation type Status

---- ----------- -------- ---------- ---- --------- -------------- ------
Settings

--------

Parameter Value

--------- -----

Application Activity Analyzer on

Registry Guard off`
Solution:

In the Kaspersky report page, right click the suspicious file (FBackup.exe) and select "Add to trusted zone"
or
Open Kaspersky, click MySecurityZone - Applications (on the right).

Select All in the dropdown list and scroll down to the bottom.

Locate any applications related to FBackup and right-click them and click "change status" and select Trusted.

Run FBackup again.

FBackup Forum

Kaspersky antivirus detects FBackup as infected - False positive

More Support

Frequent QuestionsVisit the Frequently Asked Questions section to find answers for the most popular questions we receive.

Get more featuresBackup4all is a premium backup solution with more features than FBackup. Click the button below to see how it compares to FBackup.

NewsletterBe notified on new releases by joining our newsletter

SupportStill have questions on how to use FBackup? Send us an email and reply promptly.

	FBackup	Backup4all
Incremental Backups
Aes Encryption
Email Notifications
Backup To Onedrive
Compare All Features

Spring sale: 20% Discount for Backup4all Pro to unlock new features (Save US$ 10.00)

Kaspersky antivirus detects FBackup as infected - False positive

More Support

Frequent QuestionsVisit the Frequently Asked Questions section to find answers for the most popular questions we receive.

Get more featuresBackup4all is a premium backup solution with more features than FBackup. Click the button below to see how it compares to FBackup.

NewsletterBe notified on new releases by joining our newsletter

SupportStill have questions on how to use FBackup? Send us an email and reply promptly.