Jump to content

Unknown.Rootkit.Driver virtualbox and other files


mustwakeup
 Share

Recommended Posts

  • Staff

Hi,

This isn't really a false positive since our scanner correctly sees a driver modification when comparing low level vs the windows API.

And in this case, it's indeed caused by Rollback you have installed, because whenever you install new software that involves a change to a driver (in this case Virtualbox), Rollback forges this file - and is thus being detected by our engine (valid detection as Unknown.Rootkit.Driver - as some Rootkits do exactly the same.

 

That's why, please reboot your PC so Rollback "accepts" the change of the new virtualbox driver and doesn't forge it anymore. Then see if malwarebytes is still detecting it.

If detection is still present, temporary uninstall Rollback, reboot and reinstall Rollback again. Alternatively, you can add the detection to your ignore list as well.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.