Jump to content
tzucker

False Positive - Druva inSync

Recommended Posts

I came in this morning and found that the machine I had installed MBAMW on had identified our business backup solution, Druva's inSync program as malware and attempted to quarantine it.  When I looked int he quarantine there was nothing there and inSync still seemed to be working.

logs.zip

Malwarebytes Anti-Ransomware.zip

inSync.zip

Share this post


Link to post
Share on other sites

It happened again this morning - I am attaching the zip files.  I attached a zip of the insyncagent files as well, because I had already added insync.exe to the exclusions.  I already suggested that there be a way to exclude an entire directory (in this case it would be the insync directory).

inSync.zip

inSyncAgent.zip

logs.zip

Malwarebytes Anti-Ransomware.zip

Share this post


Link to post
Share on other sites

inSync was quarantined again after reboot even though all executable are in the exclusions list.  (see below)  When I attempted to stop Logmein it was also detected as ransomware, but unlike insync the files, it did appear in the quarantine - but I am unable to restore them. (see below)

 

So both inSync and Logmein are detected as False positives.  I should note however that they only were detected when I attempted to do something with them.  With insync - when I started a backup and with logmein when I attempted to stop it after startup.

insync executables.zip

logmein executables.zip

logs.zip

Malwarebytes Anti-Ransomware.zip

post-198689-0-32194700-1454087774_thumb.

post-198689-0-55047300-1454087774_thumb.

post-198689-0-75993100-1454087774_thumb.

post-198689-0-92828200-1454087774_thumb.

post-198689-0-12686900-1454087775_thumb.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.