Webroot Error Placed Some Windows Files in Quarantine

Webroot is an endpoint security product designed to keep PC users from getting viruses that might do things like prevent your Windows PC from booting. The problem is that on Monday something in the program went wrong and it began to flag windows files as malicious. The problem is described as a false positive where clean files are tagged as malicious and either blocked or deleted according to PCWorld.

The big problem when this happens to clean Windows files is that the blocked or deleted files can lead to failure of the PC to boot leaving the user unable to actually use their machine. Webroot has issued a statement that describes what went wrong.

“A folder that is a known target for malware was incorrectly classified as bad, and Facebook was classified as a phishing site,” Webroot said in an emailed statement. “The Facebook issue was corrected, and the Webroot team is in the process of creating a comprehensive fix for the false positive issue.”

Webroot says that its program incorrectly detected malicious files for two hours between 1pm and 3pm MST and files detected were flagged as W32.Trojan.Gen. The fix for now involves the user logging into the online console for Webroot and manually creating override rules for the blocked files.

After creating those manual rules, it takes 24 hours for the software to poll the server and restore the files. Users can manually trigger a polling via the command line. This solution doesn’t work for MSPs according to some and Webroot is still working on a universal fix. There is no word on why exactly the software suddenly flagged clean files as infected.