AVG repeatedly blocks threats while Syncback does backup

Now Then
Now Then used Ask the Experts™
I have been trying to backup my Netgear ReadyNAS Duo to an external hard drive that is connected to my PC, using Syncback Free. AVG has reported many threats while Syncback is attempting to do the backup. Most of them include "SBS" in the name of the supposedly infected file. When I take a look in the location where the infected file is meant to be, I find sometimes that is not even there. For a PC that is regularly having AVG run full scans, it seems very odd that it would discover so many infected files as soon as I start a backup. Could it be that Syncback is generating files that are causing AVG to consider them to be malware?
Can anyone suggest what they think might be going on here?
AVG threat blocked while Syncback does backup
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Could it be that Syncback is generating files that are causing AVG to consider them to be malware?

I use SyncBack Pro and do not see this.

Do you get this AVG error if you scan the Ready NAS directly?
Jackie Man IT Manager
Top Expert 2010

Download a trial of syncback pro and try to make a backup to see whether AVG still thinks that there is virus?
Top Expert 2016
when syncbackpro sends a file it is originally named sbse*.* and once the transfer is complete it is renamed to the original file.. This way if you have picture1.jpg on the source and picture1.jpg on the destination and picture1.jpg has been updated.  Syncbackpro will use the sbse* temporary filename so if the transfer is aborted (computer resets, lost connection) you don't lose the older picture1.jpg

I think it is a false positive.
Build an E-Commerce Site with Angular 5

Learn how to build an E-Commerce site with Angular 5, a JavaScript framework used by developers to build web, desktop, and mobile applications.

this means the corresponding files are seen by avg as infected.
use the information provided by john to figure out the original file name.

you need to check the original file for an actual infection. most likely it is indeed infected and any computer you installed that software on is infected as well.
given the file's name i'd assume you downloaded some software for you motherboard from some online geneeric site rather than the vendor's. these commonly bundle the downloads with various malware.
I am with David Johnson in that these detections are most likely to be false positives.  Clearly AVG has not identified a known and named virus that is listed in its malware database or else it would have given you a specific name.  Win32:Malware-gen simply means "general".  Most often this kind of detection is because the antimalware software has identified some elements of a file that might seem to be a bit suspicious, in other words a "heuristic" detection.   Some genuine system utilities that dig slightly deeper into the system than standard program executables are detected as potential malware because malware also tends to digs deeper than normal into the system.  There are many other reasons why innocuous files are flagged as suspicious.

One thing you can do if you can locate one of the files logged by AVG is to upload it to VirusTotal for analysis and see how many of the antimalware engines report the file as suspicious.
Now ThenNot applicable


Thank you. I am pretty convinced that these are false positives because AVG has only flagged them while Syncback was doing its thing.. I have decided to run a very comprehensive scan of all my files and folders with AVG. It will take many days but so far it has found no problems. Once the AVG scan has finished then I think that I am ready to assume that they are false positives.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial