Jump to content

Unknown.Rootkit.Driver virtualbox and other files

mustwakeup

By mustwakeup
in File Detections

 Share

Recommended Posts

  • Staff
miekiemoes

miekiemoes

Posted
  • Staff
Posted

Hi,

This isn't really a false positive since our scanner correctly sees a driver modification when comparing low level vs the windows API.

And in this case, it's indeed caused by Rollback you have installed, because whenever you install new software that involves a change to a driver (in this case Virtualbox), Rollback forges this file - and is thus being detected by our engine (valid detection as Unknown.Rootkit.Driver - as some Rootkits do exactly the same.

 

That's why, please reboot your PC so Rollback "accepts" the change of the new virtualbox driver and doesn't forge it anymore. Then see if malwarebytes is still detecting it.

If detection is still present, temporary uninstall Rollback, reboot and reinstall Rollback again. Alternatively, you can add the detection to your ignore list as well.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.