W32. False Positive Virtualbox 4.0.10 Guest Additions Vboxwhqlfake.exe

[grahamperrin]

Within version 4.0.10 of VirtualBox, the installer for guest additions for Windows places a file that suffers from false positive detection:

 

\Program Files\Oracle\VirtualBox Guest Additions\VBoxWHQLFake.exe

 

Affected: at least two machines. One running Windows XP, one 32-bit Windows 7.

 

In the history interface of Immunet I see the file but not the name of the threat. Is that level of detail not saved in history? Lost after the pop-up is dismissed?

 

Re Realtime protection with ClamAV on Windows I recall that the name began with W32. so the detections were cloud-based.

 

http://www.virtualbox.org/wiki/Downloads

 

http://www.virtualbox.org/wiki/Changelog