Rogue.AntiVirusPC2009


Whenever I run a scan, quick or otherwise, MB finds this . . .

c:\program files\antivirus pc 2009\quarantine (Rogue.AntiVirusPC2009) -> Delete on reboot.

c:\program files (x86)\antivirus pc 2009\quarantine (Rogue.AntiVirusPC2009) -> Delete on reboot.

I can reboot the computer, run the scan again shortly thereafter or the next day, and MB finds the same entries again. In Windows Explorer, with the view options set to show hidden and system files, neither of the above program files\ folders exists.

Any ideas anyone?


  • 2 weeks later...

@digdeep

You have another thread from a few weeks ago. ref http://forums.malwarebytes.org/index.php?showtopic=104399&hl=&fromsearch=1

Please stop multi-posting, and follow prior advice to open a new topic in Malware Removal.

Read and follow the directions >> here << , skipping any steps you are unable to complete.


If you have any Comodo products installed you may want to read this post concerning the same detections:

Guys, this may be an incompatibility issue with Comodo Internet Security and Malwarebytes.

I don't know what option in Comodo is actually responsible for this, but it looks like Comodo maintains a blacklist of known malware folders (or something that can be manually configured). Maybe this is a part of its sandbox, maybe not...

Anyway, the folders Malwarebytes detects are not actually there. It's Comodo which is responsible for these "ghost" folders, probably as a part of their defense protection or sandbox, probably to prevent the creation of these folders in the first place. And because of this behavior, it makes Malwarebytes believe those folders are there, thus it reports them as infected.

Or, Comodo intercepts the enumeration of the Malwarebytes scan, compares it with its own blacklist database, and acts as a block here, and because of that, it confuses the Malwarebytes scan and makes Malwarebytes believe those folders are actually there.

We've had similar reports before already and uninstalling and reinstalling Comodo seems to have solved these "ghost" detections by Malwarebytes.

Also, it may be an idea to disable Comodo during a Malwarebytes scan, to see if it's still detecting the same.

Posted here: http://forums.malwarebytes.org/index.php?showtopic=69003&st=0&p=356541entry356541
