Rogue Antivirus 2010 false positive


eok

Seen on two systems: Windows XP 64, Windows 5.2.3790 Service Pack 2

Malwarebytes' Anti-Malware 1.46, Database version: 4818

We configure our Start Menus so that all Audio/Video apps are kept in a Start Menu folder called "AV". We discovered that Malwarebytes identifies the AV Start Menu folder and all its contents (subfolders and shortcuts) as infected with "Rogue Antivirus 2010". Kind of a shock, since we're pretty fastidious about security.

So, before we followed Malwarebytes' suggestion to blow away the dozens of entries in our "AV" Start Menu folder, we gave our systems a thorough analysis. We actually found no trace of Rogue Antivirus 2010 on our systems.

On a hunch, we renamed the "AV" Start Menu folder to "Audio_Video" and rescanned with Malwarebytes. Malwarebytes no longer listed anything as infected.

I suppose the reason for the false positives was the presence of a Start Menu folder named "AV". We could imagine that the presence of a folder/object named "AV" could be part of a fingerprint for Rogue Antivirus 2010 (e.g., "AV" is often associated with "Anti-virus"). But allowing Malwarebytes to trigger on just the presence of an "AV" Start Menu folder seems kind of a stretch to us.
