Webroot classes Windows files as false positives and promptly toasts users' systems

[mikeymikec]

https://tech.slashdot.org/story/17/...ndows-files-causes-serious-problems-for-users

Whoops.

 

[John Connor]

Read about this yesterday. I LOLed when it deleted their own OS component files on their computers. Definition-based anti-virus is old hat. You need a sandbox environment.

 

[balloonshark]

This is why you want to use an AV that asks you what you want to do with a suspect file or files. It's always good to get 2 or 3 or more opinions before wiping a file on your machine.

 

[Ketchup]

Apparently it wasn't quarantining the files either, but outright deleting them. Scrolling through the posts, most were from business uses who have been given several hours of extra work due to the chaos this caused on client systems.

 

[mikeymikec]

This is why you want to use an AV that asks you what you want to do with a suspect file or files. It's always good to get 2 or 3 or more opinions before wiping a file on your machine.

The problem is these days pretty much every AV (that I can think of at any rate) automatically decides what to do with "malware"; it irritates the hell out of me when I have to fish some of my 'hack tools' from the quarantine of a customer's PC.

Usually though they're quarantined rather than outright deleted. Naughty Webroot, naughty.

 

[John Connor]

SFC /Scannow to the rescue! LOL

 

[Puffnstuff]

SFC /Scannow to the rescue! LOL

It doesn't work very well in 10 often times forcing you to use DISM which definitely doesn't work anymore when trying to reference a wim image for repairs. Yeah haw I'm glad I stopped using their software years ago.

 

[John Connor]

10 is a damn abomination. I'll never use it, and when and if I do I'll PFsense the crap out of its connections back to Redmond.