How to remove VBoxWindowsAdditions.exe

VBoxWindowsAdditions.exe

The module VBoxWindowsAdditions.exe has been detected as Trojan.Heur!

VBoxWindowsAdditions.exe
Remove VBoxWindowsAdditions

File Details

Product Name:

Oracle VirtualBox Guest Additions
Company Name:

Oracle and/or its affiliates
MD5: 4166deb25f0038069dec91e8d6a2a083
Size: 1 MB
First Published: 2025-10-29 23:01:05 (2 days ago)
Latest Published: 2025-10-29 23:01:05 (2 days ago)
Status: Trojan.Heur! (on last analysis)
Analysis Date: 2025-10-29 23:01:05 (2 days ago)

Overview

Signed By: Oracle Corporation;Oracle America, Inc.
Status: Invalid (digital signature could be stolen or file could be patched)

Common Places:

%windir%\temp

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x00001430

PE Sections:

Name Size of data MD5
.text 535552 8712999a79f49b6efb32b6857f1507d9
.zero 0 d41d8cd98f00b204e9800998ecf8427e
.rdata 270848 c36ec280f66f3b2482be8e3a1281e75b
.data 3584 5ef174d0b4dadccdf3f758603fc2c679
.idata 3072 a5a776495d3dea00530867571c269edf
.rsrc 199680 946bb8c664fd2e09020544e15f27cf32
.reloc 22016 c14bd6c80b7c1719e0db0a2f625c62ed

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for VBoxWindowsAdditions.exe
copyright for information about VBoxWindowsAdditions.exe