This morning, the Roon software was updating on one of my Windows PCs when Webroot SecureAnywhere identified the W32.Rogue.Gen virus. Here is the relevant line from the scan log:
I uninstalled the Roon software, scanned the PC again to ensure it was clean, rebooted the PC, then downloaded the RoonInstaller64.exe file from the Roon website to try a clean install.
Same issue: W32.Rogue.Gen detected.
I this a false positive? Until I know for sure, Iām only using the Roon app on my Android devices.
You can upload your RoonInstaller file to VirusTotal and they will let about 80 different virus scanners go over the file. This way you will get a better idea if only your SecureAnywhere gets it wrong.
I already did this with the installer downloaded from the Roon website and the result is exactly that only SecureAnywhere flags it, so chances are that itās a false positive. Here is the result:
Note that the digital signatures on the file are intact (second tab on VT or the file properties of your own file), so it would be quite a feat to change the file without breaking the signatures. (Or someone has access to Roonās signing mechanism - possible but probably unlikely).