Within version 4.0.10 of VirtualBox, the installer for guest additions for Windows places a file that suffers from false positive detection:
\Program Files\Oracle\VirtualBox Guest Additions\VBoxWHQLFake.exe
Affected: at least two machines. One running Windows XP, one 32-bit Windows 7.
In the history interface of Immunet I see the file but not the name of the threat. Is that level of detail not saved in history? Lost after the pop-up is dismissed?
Re Realtime protection with ClamAV on Windows I recall that the name began with W32. so the detections were cloud-based.
W32. False Positive Virtualbox 4.0.10 Guest Additions Vboxwhqlfake.exe
No replies to this topic
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users