Windows users mystified as antivirus accidentally cripples computers

The issue appears to affect both businesses and consumers running all versions of the operating system

Aatif Sulleyman
Tuesday 25 April 2017 11:52 EDT
Comments
Webroot has detailed steps for affected users to take, but says the process could take up to 24 hours to work
Webroot has detailed steps for affected users to take, but says the process could take up to 24 hours to work (REUTERS/Shannon Stapleton)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A major gaffe has crippled Windows computers running antivirus program Webroot.

The security provider issued a seriously flawed signature update on Monday, which mistakenly identified hundreds of crucial Windows files and legitimate apps as malware.

It proceeded to shut them down, completely crippling users’ computers in the process.

Webroot customers were also unable to access Facebook, which the update had marked as a phishing site.

The issue appears to affect both businesses and consumers running all versions of Windows.

“A folder that is a known target for malware was incorrectly classified as bad, and Facebook was classified as a phishing site,” Webroot told PCWorld.

“The Facebook issue was corrected, and the Webroot team is in the process of creating a comprehensive fix for the false positive issue.”

The files were being flagged as W32.Trojan.Gen, a type of malicious program named after the mythical Trojan Horse that helped the Greeks sack Troy, designed to infect a computer by deceiving its operator.

“Endpoints that were not affected will not be affected,” wrote Mike Malloy, Webroot’s executive vice president of products and strategy, on the company’s community forum.

“The files that were mistakenly marked bad have been re-marked good.”

The company has also detailed steps for affected users to take on its forum, but says the process could take up to 24 hours to work.

While this fix helps individual customers and businesses with a small number of computers, it comes as little comfort to large customers with lots of affected machines.

“Webroot will run the automated agent command approach,” wrote Mr Malloy in a more recent update.

“But as I said it will take time to reach all endpoints. If you have critical business apps that need immediate attention, then using a local approach will be best. To the extent you can, ensure your endpoints are online so commands can be received.”

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in