Nox App Player - False Positive?

[REDACTED]

I've had Nox installed for some time now and I know it's a pretty popular android emulator. Today I had checked my laptop and found the "uninst.exe" file in the "Program Files (x86)/Bignox" folder infected with a Win32:DH-AI malware. I later scanned the file on my PC and it treated it the same way and went to the virus chest.

It never had a problem earlier, and I see no reports of the virus anywhere else so I was thinking it was just caused by a virus definitions update or something, but I just want to be sure if it was a false positive or something.

[Asyn]

Test the file at VT (https://www.virustotal.com) and post the link to the result here.

[REDACTED]

https://www.virustotal.com/en/file/06e28f3b170f08f7794ad03875df8018be4b228b169f022b2c381fce12575ac4/analysis/1490561098/

So I guess that means it's safe and just a false positive?

[Pondus]

So I guess that means it's safe and just a false positive?

Yepp          First submission 2016-11-09 23:12:30 UTC ( 4 months, 2 weeks ago )

[DavidR]

https://www.virustotal.com/en/file/06e28f3b170f08f7794ad03875df8018be4b228b169f022b2c381fce12575ac4/analysis/1490561098/

So I guess that means it's safe and just a false positive?

Whilst it is a good start, there are certain things that aren't scanned for in an on-demand scan, which is done by the virus total site.

There occasions that uninstall functions might look suspicious, given what they can/programmed to do, run around deleting things files, registry entries, etc.

There have been a few detections of Win32:DH-AI that were FPs, so yes this should be submitted to avast as a possible FP. If this file is in the virus chest, right click on it and select Submit to virus lab...

[Milos]

Hello,
send us the detected file through https://www.avast.com/false-positive-file-form.php

Milos