Webroot had a brief AV false positive issue recently.  This accidentally impacted Windows system files and resulting in brief impacts. This was quickly addressed and illustrates that AV protection is important, but not always perfect.  On rare occasions it can sometimes flag legitimate files (but usually even these issues are quickly resolved).   


An antivirus service used by tens of thousands of businesses and millions of home users shut down an untold number of computers around the world Monday after it mistakenly identified core parts of Microsoft Windows as threats, the company confirmed. Webroot confirmed on its support forum for customers that it issued an updated detection rule that “identified false positives” for critical Windows operating files Monday afternoon, resulting in those files’ being “quarantined” and inaccessible to Windows. It was reported the rule somehow allowed genuine “signed Microsoft files to be removed.”

The rule was distributed and applied by Webroot systems around the globe for about 13 minutes, the company said — long enough for businesses, users and administrators to find their files unavailable. Webroot reported. “The rule was removed and we are in the process of rolling back all of the false positives that reside in the Webroot Threat Intelligence platform,” the company said.