vhenum.exe (false?) identified as trojan (Win32 Client Drivers)

2 posts / 0 new
Last post
joern74
vhenum.exe (false?) identified as trojan (Win32 Client Drivers)

Hi,

the F-Secure virus scanner identify the file vhenum.exe as trojan.
The meta scanner VirusTotal identify this file with 8/57 as trojan.generic.

Could you check this please - to be sure, that it is clean?

Thanks,
joern

Michael
Its a false alarm, my guess

Its a false alarm, my guess is that those 8 anti-virus vendors use the same virus engine that returns the false positive.

The reasons it is false alarm is the following:

1. The vhenum.exe binary is entirely complied and signed on linux and does not touch windows at all. Linux does not contain windows viruses.

2. I copied vhenum.exe to a windows computer and scanned with avc and it finds no problem.

3. The binary is signed with VirtualHere Pty. Ltd. certificate. If a virus modifies the binary after it is signed it will not authenticate correctly in windows because the hash value would have changed from what was signed.

Log in or register to post comments