My Internet security Program (Kaspersky 2015) flags the following directory and file that were found in the default VM's directory:
X_vboxDiagTools (folder)
vboxnetadp.sys_error_repair_tool-winthruster.exe ( only file in above folder)
I have Virtual box version 4.3.24 installed
Is this a valid folder and file to be installed by virtual box? or is it possible malware?
Thanks.
regards,
Bob
Suspicious File/folder in default VM directory:wintruster
-
- Site Moderator
- Posts: 39134
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: Suspicious File/folder in default VM directory:wintruste
That tool was not installed by VirtualBox. In fact VirtualBox puts nothing in the VMs folder until you create a VM.
It looks to me like you visited one of those websites that will tell you what "vboxnetadp.sys" is for (in fact it's the host-only NIC driver installed by VirtualBox in the system32\drivers folder), and lets you download a snake oil tool to "repair it" - which is the exe you have there. IMHO you'd be a fool to run that exe.
It would delete it immediately.
It looks to me like you visited one of those websites that will tell you what "vboxnetadp.sys" is for (in fact it's the host-only NIC driver installed by VirtualBox in the system32\drivers folder), and lets you download a snake oil tool to "repair it" - which is the exe you have there. IMHO you'd be a fool to run that exe.
It would delete it immediately.
-
- Posts: 5
- Joined: 26. Apr 2015, 20:04
- Primary OS: MS Windows 7
- VBox Version: PUEL
- Guest OSses: Ubuntu
Re: Suspicious File/folder in default VM directory:wintruste
Thanks for your response. I have deleted the file. Since I did not download any file to repair anything, I don't understand how it got on my system. I'm open to any suggestions how to trace this. I wonder if I should install something that traces all files downloaded to the system. Anything that I have downloaded in the past, I immediately scan it with Kaspersky.
Thanks.
regards,
Bob
Thanks.
regards,
Bob
-
- Site Moderator
- Posts: 39134
- Joined: 4. Sep 2008, 17:09
- Primary OS: MS Windows 10
- VBox Version: PUEL
- Guest OSses: Mostly XP
Re: Suspicious File/folder in default VM directory:wintruste
Sorry, I can only tell you that the .exe file did not come from VirtualBox.