Azure Backup -- Anti-virus

Hi,

 

One of our employees is using Azure Backup on a laptop, and we receive antivirus alerts every time the backup process is run. Defining a scan exclusion for the "problematic" files and folders doesn't help, presumably because the VSS copy is being scanned. I don't think there's any way to exclude these temporary volume copies. Here is an example alert:

 

Trojan:W32/Generic.1de7271040!Online|Blocked|File|

\Device\HarddiskVolume93\Users\XXXXX\.vscode\extensions\ms-vscode.azure-account-0.3.0\node_modules\ms-rest\lib\serviceClient.js

 

Any idea how we can avoid this alert or suppress it?

 

Thanks!

Comments

  • fedoolfedool Posts: 146 F-Secure Employee

    Hi,

     

    Did you report serviceClient.js as a false positive to https://www.f-secure.com/en/web/labs_global/submit-a-sample ?

    That should fix the issue

  • Thanks for your reply. That would be a temporary solution, but there are a number of files causing these false alerts. Additionally, if more people implement this backup solution, this might become untenable. I thought this might be a known problem and that there might be a solution I'm simply not aware of. If need be, then we'll resort to submitting false positive reports.

  • fedoolfedool Posts: 146 F-Secure Employee

    If you have multiple files detected, I could report entire package with all files to be checked. Then we may add generic exclusion so next time it will not be detected as false positive.

    Where do you download this package from?

  • etomcatetomcat Posts: 1,318 Superuser

    Hello,

     

    Access to a binary file sample may not even be necessary. I think F-Secure malware detection names that include the string "!Online" are special, as they can be identified from some kind of a cloud repository and fixed for false alarms without sample submission.

     

    Best regards: Tamas Feher.

This discussion has been closed.