Slashdot Mirror

← Back to Stories (view on slashdot.org)

Antivirus Webroot Deletes Windows Files, Causes Serious Problems For Users (pcworld.com)

Posted by msmash on from the false-positive dept.

Users of Webroot's endpoint security product, consumers and businesses alike, had a nasty surprise Monday when the program started flagging Windows files as malicious. From a report: The reports quickly popped up on Twitter and continued on the Webroot community forum -- 14 pages and counting. The company came up with a manual fix to address the issue, but many users still had problems recovering their affected systems. The problem is what's known in the antivirus industry as a "false positive" -- a case where a clean file is flagged as malicious and is blocked or deleted. False positive incidents can range in impact from merely annoying -- for example, when a program cannot run anymore -- to crippling, where the OS itself is affected and no longer boots. The Webroot incident falls somewhere in the middle because it affected legitimate Windows files and sent them to quarantine. This is somewhat unusual because antivirus firms typically build whitelists of OS files specifically to prevent false positive detections.

4 of 67 comments (clear)

  1. Every Antivirus has done this. by freeze128 · · Score: 4, Insightful

    This has happened to every Antivirus. This is why Microsoft made their own - Microsoft Security Essentials, and also Windows Defender. In the era of Microsoft's own AV, there is no need for a third-party AV installed on Windows.

    1. Re:Every Antivirus has done this. by Anonymous Coward · · Score: 2, Insightful

      including microsoft's.

      and, btw, microsoft did not "make their own".

      they bought rav from gecad in '03, and giant antispyware in '04. those turned into onecare (later mse) and defender, respectively.

      this is what they do: buy other companies or other companies technologies; and failing that, copy someone else's idea or product or poach their employees to recreate them.

  2. Another day in the Windows world by OneHundredAndTen · · Score: 4, Insightful

    Windows users are probably used to this kind of nonsense by now.

  3. Re:Is there a problem? by kurkosdr · · Score: 5, Insightful

    Translation: GOT THE JOKE??? I am an FSF neckbeard and consider Windows malicious for not conforming with my personal definition of non-malicious, and for that reason I think Webroot flagging Windows files as malicious is funny!!111 Joking aside, this incident proves WebRoot doesn't run automated tests before farting out a definition update, which every AV vendor should do.