November 15, 2006, 11:42 AM — Microsoft's fledgling consumer anti-virus service, Windows Live OneCare, wrongly identified Google's Gmail service as a virus infection last week, Microsoft has admitted.
The false positive began late last week when Google made changes to the Gmail website, Microsoft claimed, but didn't give details as to exactly what the changes were or why they had caused the problem. The result was that when OneCare users visited the Gmail site they were informed their systems were infected with the virus BAT/BWG.A.
"Windows Live OneCare customers may have recently experienced an issue that incorrectly flagged files related to Google's Gmail service as a virus," a Microsoft spokesperson said. "This was a limited false positive issue with our anti-virus protection."
Microsoft apologized for the mistake and said it was reviewing its processes to keep similar problems from recurring. The problem began late last week and was fixed by a signature update on Sunday, Microsoft said.
For some of those affected, the false positive turned into a serious headache involving lost data and hours of wasted time with Microsoft tech support, according to Gmail and Microsoft user forums.
The experience of a user called Jim was typical, with several hours of telephone calls and Remote Desktop tech support. "He gave up after an hour and told me it was in my Gmail so I had to delete everything, trash, sent, archived, etc. and then use Stinger. I mistakenly followed his advice. Two years of carefully saved stuff is gone," he wrote.
"I restarted, went into my empty Gmail account with nothing in there, and a WLOC message popped up telling me of a BAT/BMG A virus."
Microsoft is not the only one to suffer from false positives, which occur regularly in anti-virus programs. Earlier this year a McAfee signature update falsely identified components of Microsoft Office as a virus, and Microsoft's anti-spyware software said a Symantec security program was a Trojan.
During testing, OneCare -- released commercially in May -- disabled a security program called Computrace LoJack.
