Security News Webroot antivirus goes bananas, starts trashing Windows system files

FreddyFreeloader

Level 32
Verified
Top Poster
Well-known
Jul 23, 2013
2,115
I don't see how Webroot or Triple Helix will be in business much longer.
On a personal note - 4 years ago I tried Webroot, didn't like it and upon uninstalling it, the blasted thing locked up my machine. Had to do a Windows reinstall. Talk about a hassle.
 

Petrovic

Level 64
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,354
@Jack
Please close this thread
it`s news section not a trolling bar)

  • Be nice to each other. Profanity, insults, personal attacks or purposeless inflammatory posts will not be tolerated. Note: Some appellative may be seen as offensive and you should not use them. Examples: fanboy, troll, spammer, etc.
 
  • Like
Reactions: _CyberGhosT_
F

ForgottenSeer 58943

It's still not fixed for a good number of folks - allegedly.

One of our MSP competitors who we are on good terms with tell us 30% of their clients were nuked and they've only been able to properly recover a small percentage of those. This article and the thread it points to seems to indicate tremendous problems persist. One poster in the thread claims his MSP has only been able to restore 3 machines.

Webroot antivirus mistakenly flags Windows as malware

3 hours ago
I can confirm that it is still happening. Shut down another distributor client of mine. The server is set to ALL DISABLED, but it's possible a workstation did the damage. However, all of them are supposed to be set to "all disabled" as well.
 

Tony Mc

New Member
Apr 26, 2017
1
I've been unable to access my windows...meaning can't boot up..after scanning with Avast as I was informed of a virus.....
I'm that new...I just keep repeating what I know won't work...any ideas anyone...please,
 

Arequire

Level 29
Verified
Top Poster
Content Creator
Feb 10, 2017
1,814
I've been unable to access my windows...meaning can't boot up..after scanning with Avast as I was informed of a virus.....
I'm that new...I just keep repeating what I know won't work...any ideas anyone...please,
You're going to want to head over to Malware Removal Assistance, read the preparation guide, follow the instructions and start a new thread outlining your problems.
 
F

ForgottenSeer 58943

I don't see how Webroot or Triple Helix will be in business much longer.
On a personal note - 4 years ago I tried Webroot, didn't like it and upon uninstalling it, the blasted thing locked up my machine. Had to do a Windows reinstall. Talk about a hassle.

Oh that was the guy.. Triple Helix. Some guy with seemingly little to no IT knowledge telling people they were too dumb to 'understand'. I remember him now... He was a fanboy from hell that really damaged the reputation of that product in the eyes of a lot of professionals he interacted with. He seems very quiet now after the apocalypse a few days ago.

Freddy, you aren't alone on the uninstall issues. One of the clients we took over for our MSP just this week used Webroot. The thing was like a tumor on the systems and required a lot of manual removal effort. The funny part is, one of our L1 techs removed it from one machine and it reinstalled itself on restart. We got a good laugh out of watching him rage about the product.
 

katharn

Level 1
Apr 23, 2017
14
It's still not fixed for a good number of folks - allegedly.

One of our MSP competitors who we are on good terms with tell us 30% of their clients were nuked and they've only been able to properly recover a small percentage of those. This article and the thread it points to seems to indicate tremendous problems persist. One poster in the thread claims his MSP has only been able to restore 3 machines.

Webroot antivirus mistakenly flags Windows as malware

3 hours ago
I can confirm that it is still happening. Shut down another distributor client of mine. The server is set to ALL DISABLED, but it's possible a workstation did the damage. However, all of them are supposed to be set to "all disabled" as well.
i am really thankful that it has not affected clients on my side. the joys of living in a part of the world where internet is still powered by hamsters.
 
  • Like
Reactions: Game Of Thrones

omidomi

Level 71
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Apr 5, 2014
6,001
Please people, stop this Witch Hunt !

none of you understand Webroot and know how it works ! Webroot is 100% helping its customers ! they create major issues to force their customers to choose a better security solution :D
Now I think I understand " how its work" :rolleyes::p
btw It seems they fixed it now ?o_O
 
  • Like
Reactions: Deleted member 178
F

ForgottenSeer 58943

They fixed the spreading, but many companies are still under maintenance. Webroot will lose lot of customers when the license renewal time will come.

I noticed they were quick to point out that they didn't get hacked/compromised. I wonder if it will be discovered that some foul play was involved? Maybe a rogue employee, whatever.. I'm not saying that it is the case here, just speculating.

Either way this is a colossal mistake that would never happen if they had proper procedures, vetting, code reviews and careful deployment of changes. To me it seems like sloppiness of epic proportions. Anyone that has dealt with whitelist/blacklist programs knows you can't play around. Also, anyone that deals with the enterprise/corporate market knows that any deployments or changes have to be very carefully studied, tested and implemented. Which is why most of the big name corporate AV's are so slow to change.

Trend Worry Free just rolled out 'Machine Learning' to their business/corporate products that connects to their Trend Deep Security back end. However Trend defaulted it to OFF and provided a 'logging only' option just in case. We've got this logging on about 10,000 clients now to see the results after a few weeks before moving to Quarantine.

The sloppiness here is inexcusable IMO.
 
D

Deleted member 178

Either way this is a colossal mistake that would never happen if they had proper procedures, vetting, code reviews and careful deployment of changes. To me it seems like sloppiness of epic proportions.
The sloppiness here is inexcusable IMO.
It is not just that, they are impervious to critics, they believe they are the best solution, truly believe that, and others don't know how to use their softwares.

I have a friend , he did a lot of soft pentestings of webroot because he liked it that time, want to improve it. He reported several important bugs and even vulnerabilities on their forum; devs ignored him and even discredited him making look like an novice that don't know what he is talking about... Guess what? now he is employee of a security company doing exactly the same things.
 

ExploitBlocker10

Level 1
Verified
Sep 4, 2015
40
It is not just that, they are impervious to critics, they believe they are the best solution, truly believe that, and others don't know how to use their softwares.

I have a friend , he did a lot of soft pentestings of webroot because he liked it that time, want to improve it. He reported several important bugs and even vulnerabilities on their forum; devs ignored him and even discredited him making look like an novice that don't know what he is talking about... Guess what? now he is employee of a security company doing exactly the same things.
Wait your tellling me Webroot is so ignorant to ignore obvious flaws in their software and then blame their customers for "not knowing how to use it" That's is dumbfounding and a very easy way to lose all your customers.
 
Last edited:

Petrovic

Level 64
Verified
Honorary Member
Top Poster
Well-known
Apr 25, 2013
5,354
Wait your tellling me Webroot is so ignorant to ignore obvious flaws in their software and then blame their customers for "not knowing how to use it" That's is dumbfounding and a very easy way to lose all your customers.
proof link??
 

FrFc1908

Level 20
Verified
Top Poster
Well-known
Jul 28, 2016
950
We do not need a proof link for this to have it confirmed. Many people have been exposed here to the trashtalking of webroot when it comes to defending their product. And that Daniel guy aka triple helix is the worst! He will terrorise you for negative replies towards the product. Or as one of the mods over their explained : some of our community members tend to be very protective towards our products. This is not healthy in my eyes. So that is the reason why I left the webroot community.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top