emsisoft gone crazy!!

[nick76]

Hello all,
today during an EAM scan it found plenty of !E2 viruses on quite all software I've installed (Chrome, Dragon, Firefox, VMWare, ....) (I've stopped the EAM Scan because it's too weird such scan). I've also ran a Eset AV scan and it found nothing, a WebRoot Scan and Nothing, a MBAM scan Nothing, a MRT scan Nothing.

all the applications are unusable right now because I think it deleted the files even I didn't want it.

Now I want to know if anyone of you have heard such a crazy behaviour about EAM.

btw: Webroot found in OA a thread

 

[Deleted member 178]

Never got this issue. What about reinstalling them, they work after? maybe your apps were infected, did you redo a scan with EAM after reinstalling them?

 

[Jack]

False positives have happen before to this product and other,however it's really strange that it affected so many programs.
Can you go to C:\Program files\Emsisoft Anti-Malware\Logs and check out the latest logs and see what it has removed and why?

 

[nick76]

PLEASE READ!!!
http://support.emsisoft.com/topic/8807-all-my-files-e2-infected-all-anti-virused-dont-detect-it-only-emsisoft/

very very important.
JACK please publish in the first page. My OS gone completely gone!!!!

 

[Jack]

WOW....That's nasty! Thank you for keeping us up-to-date nick!
Can you boot your computer or did this false possitive detection made your computer unbootable?

 

[nick76]

I'm quite thrilled about reboot it!! For the time being I've restored the quarantine files but not all the application are back in normal state (dragon: gone, vmware: gone!!, chrome: gone.....)
I'm waiting for an answer from emsisoft about how to restore files...

Nick

 

[Deleted member 178]

lol its terrible, and then you said "lucky i had made a backup" the others just cry...

 

[NSG001]

lol its terrible, and then you said "lucky i had made a backup" the others just cry...

Ikarus at fault :dodgy:
Heard emsi were going to lease sigs from Bitdefender soon ?

 

[Deleted member 178]

yes , i think this will be the drop of water that overflow the vase

 

[Jack]

Ikarus at fault :dodgy:
Heard emsi were going to lease sigs from Bitdefender soon ?

Lets not forget that HitmanPro also uses the IKARUS enigne so the users who were scanning with this product at that time might also have a similar problem.

 

[nick76]

Just restored the files... except dragon (which I will reinstall it) everyhing seems to be ok again.
and the new update were already downloaded.
however for webroot oa.exe is a thread.

 

[Deleted member 178]

OA is a threat !!! (joking, Stranger and Biozfear will understand me ) because OA always gave me BSODs or slow down terribly my system.

 

[NSG001]

Lets not forget that HitmanPro also uses the IKARUS enigne so the users who were scanning with this product at that time might also have a similar problem.

Very good point Jack.
My next full Hitman scan is not scheduled until Friday

 

[Plexx]

I actually did a scan earlier today on a test VM while testing a combo and saw that and thought it was an infection of some sort. Lucky it was on VM only.

So Emsisoft released an emergency update to fix the false positives but are the files initially affected?

Umbra: how come you were not affected? Forgot to scan?

OA is not a threat. Its the vaccine for your virus!


webroot oa.exe <-- what exactly is this? Don't recall webroot using Online Armor technology...

 

[Deleted member 178]

I actually did a scan earlier today on a test VM while testing a combo and saw that and thought it was an infection of some sort. Lucky it was on VM only.

yes lucky you ^^

So Emsisoft released an emergency update to fix the false positives but are the files initially affected?

yes it seems it was done.

Umbra: how come you were not affected? Forgot to scan?

i am more a RT-scan type than an O-D one

OA is not a threat. Its the vaccine for your virus!

:lolz:

webroot oa.exe <-- what exactly is this? Don't recall webroot using Online Armor technology...

no it doesn't, maybe a typo mistake

 

[Spirit]

Ikarus at fault :dodgy:
Heard emsi were going to lease sigs from Bitdefender soon ?

Lets not forget that HitmanPro also uses the IKARUS enigne so the users who were scanning with this product at that time might also have a similar problem.

No problem from HMP
just scanned now and no FP detection.
I was horrified after reading Nick's post

 

[Plexx]

thanks for the confirmation Stranger.

I suppose I can now update the database of EEK... but then again, a temporary fix might not be enough. I will prefer to wait a couple of days, just to be on the safe side. Takes me 2 hours and 14 mins to restore my system image...

 

[nick76]

I've rebooted the wks and everything seems to be fine now... I just had 30 minutes of pure panic! And also seems that Emsisoft didn't care very much about this bad situation. Not happy about Emsisoft at all...

 

[Deleted member 178]

they cared since they did an emergency update to fix it.

 

[Littlebits]

Just about all AV vendors have had similar issues where false positives caused major problems. You should never set your real-time AV to delete detected files, always make sure that it is set to quarantine them or move to virus chest, etc. that way if there is a faulty signature update, you can always restore the detected files.

I remember one time when Avast went crazy with a faulty update and I was away from my system at the time. When I came back I seen all of these warnings several programs and safe files were moved to the virus chest.

I knew that nothing had changed on my system when I went away, so I quickly disabled all shields and restored all of the files.

Thank goodness I didn't have Avast set to delete detect files.

AV vendors are not perfect and sometimes a small little error can cause major problems.

I can remember back when AVG, Avira, BitDefender, McAfee, Norton, Panda and Eset also had faulty updates that caused problems.

I'm sure it has happened to all AV vendors.

Thanks.