Jump to content

ESET Online Scanner trashed Windows backups

geeksalive
 Share

Recommended Posts

geeksalive

geeksalive 0

Posted
Posted

I just encountered a horrible bug in ESET Online Scanner. I used it to scan an external hard disk drive, and look what it did:

 

H:\JONES-19HY9P1\Backup Set 2013-07-22 152403\Backup Files 2013-07-22 152403\Backup files 3.zip multiple threats deleted

H:\JONES-19HY9P1\Backup Set 2013-08-25 191558\Backup Files 2013-08-25 191558\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2013-09-22 190011\Backup Files 2013-09-22 190011\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2013-09-22 190011\Backup Files 2013-10-20 195212\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2013-10-27 194353\Backup Files 2013-10-27 194353\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2013-12-02 223950\Backup Files 2013-12-02 223950\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-01-19 191054\Backup Files 2014-01-19 191054\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-01-19 191054\Backup Files 2014-02-02 190001\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-02-09 190012\Backup Files 2014-02-09 190012\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-03-09 190011\Backup Files 2014-03-09 190011\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-04-13 190003\Backup Files 2014-04-13 190003\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-05-18 190005\Backup Files 2014-05-18 190005\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-05-18 190005\Backup Files 2014-06-01 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-06-08 190005\Backup Files 2014-06-08 190005\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-06-08 190005\Backup Files 2014-06-29 190011\Backup files 1.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-07-13 190011\Backup Files 2014-07-13 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-08-17 190010\Backup Files 2014-08-17 190010\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-09-21 190010\Backup Files 2014-09-21 190010\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-09-21 190010\Backup Files 2014-10-05 190004\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-10-12 190011\Backup Files 2014-10-12 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-10-12 190011\Backup Files 2014-11-02 190005\Backup files 1.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-11-16 190005\Backup Files 2014-11-16 190005\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2014-12-14 190011\Backup Files 2014-12-14 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-01-25 190011\Backup Files 2015-01-25 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-02-22 190011\Backup Files 2015-02-22 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-02-22 190011\Backup Files 2015-03-01 190010\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-03-08 190011\Backup Files 2015-03-08 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-04-05 190011\Backup Files 2015-04-05 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-04-05 190011\Backup Files 2015-05-10 190004\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-05-17 190011\Backup Files 2015-05-17 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-06-14 190011\Backup Files 2015-06-14 190011\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-07-19 211434\Backup Files 2015-08-02 132318\Backup files 2.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-07-19 211434\Backup Files 2015-08-23 190012\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-08-30 190014\Backup Files 2015-08-30 190014\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-09-27 190011\Backup Files 2015-09-27 190011\Backup files 5.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-11-15 190011\Backup Files 2015-11-15 190011\Backup files 5.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-11-15 190011\Backup Files 2015-11-29 190012\Backup files 3.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-11-15 190011\Backup Files 2015-11-29 190012\Backup files 5.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2015-12-13 193651\Backup Files 2015-12-13 193651\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2016-01-17 190006\Backup Files 2016-01-17 190006\Backup files 4.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2016-02-14 200240\Backup Files 2016-02-14 200240\Backup files 5.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2016-04-03 193631\Backup Files 2016-04-03 193631\Backup files 5.zip multiple threats deleted
H:\JONES-19HY9P1\Backup Set 2016-05-15 190008\Backup Files 2016-05-15 190008\Backup files 5.zip multiple threats deleted
 
In each of the Windows backups, ESET deleted one or more entire .zip archives, simply because something in that backup was flagged (mostly or entirely false positives, I'd wager). Every single backup was damaged. ESET destroyed nearly three years worth of Windows backups!
 
I can hardly believe it. Why on earth would ESET delete entire .zip archives from what are obviously windows backups, instead of just deleting the identified files inside those archives? Why would it irreversibly delete instead of quarantine?? Why would it take such drastic action without user confirmation???
 
This is a catastrophic bug.
 
Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 5,074

Posted
  • Administrators
Posted

If a threat is found in an archive containing also some clean files, such archive is not deleted automatically unless strict cleaning is used. Even deletion such file doesn't mean that it's lost - the original file is quarantined.

Link to comment
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...