Jump to content


Photo

W32. False Positive Virtualbox 4.0.10 Guest Additions Vboxwhqlfake.exe


  • Please log in to reply
No replies to this topic

#1 Graham Perrin

Graham Perrin

    Advanced Member

  • Immunet Insiders
  • PipPipPip
  • 84 posts

Posted 29 June 2011 - 03:34 AM

Within version 4.0.10 of VirtualBox, the installer for guest additions for Windows places a file that suffers from false positive detection:

\Program Files\Oracle\VirtualBox Guest Additions\VBoxWHQLFake.exe

Affected: at least two machines. One running Windows XP, one 32-bit Windows 7.

In the history interface of Immunet I see the file but not the name of the threat. Is that level of detail not saved in history? Lost after the pop-up is dismissed?

Re Realtime protection with ClamAV on Windows I recall that the name began with W32. so the detections were cloud-based.

http://www.virtualbo.../wiki/Downloads

http://www.virtualbo.../wiki/Changelog




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users