Author Topic: Adloader-AC in a .vmdk file hosting Vista  (Read 6086 times)

ogegoon

  • Guest
Adloader-AC in a .vmdk file hosting Vista
« on: June 21, 2008, 10:39:32 PM »
Hi,

I recently did a fresh install of both Vista x32 and Vista x64 in VMware.

Today, running a complete scan with Avast home, it reported an infection with the trojan Win32:Adloader-AC on the vmdk files.

Because these files are resp. 8Gb and 16Gb, I can't upload them for an online check (as suggested in other posts here).
So, I did an online scan with Bit-Defender and F-Secure. Neither of them found any infection in these vmdk files?!

Next, I decided to scan the virtual machines from "inside"... I ran Bit-Defender and F-Secure again inside the "VMware'd" Vista.
Neither Bit-Defender nor F-Secure found anything. I then ran Windows Defender... nothing.
I finally installed Avast home in these "VMware'd" Vista installs and ran both a boot scan and a thorough scan: still nothing???

Where could this Adloader-AC be hidden?

O.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • Posts: 67194
Re: Adloader-AC in a .vmdk file hosting Vista
« Reply #1 on: June 21, 2008, 10:45:35 PM »
A false positive, most probably.
I'll add *.vmdk into the avast Exclusion Lists until it can be fixed by the Alwil team.
The best things in life are free.

Offline igor

  • Avast team
  • Serious Graphoman
  • Posts: 11849
    • AVAST Software
Re: Adloader-AC in a .vmdk file hosting Vista
« Reply #2 on: June 23, 2008, 12:37:10 AM »
I checked the signature and it looks OK to me - i.e. I don't think it's a false alarm, at least not the usual one.
Could be a "conflict" between antiviruses - avast! detecting virus signatures of BitDefender / F-Secure / Windows Defender installed in the virtual image.

rulon

  • Guest
Re: Adloader-AC in a .vmdk file hosting Vista
« Reply #3 on: November 22, 2009, 05:08:35 PM »
I'm finding this in my pagefile, but only on the opposite OS in my dual boot of Win 7 and XP,
i.e. when I scan in XP it finds it in Win 7, and if I scan in Win 7 it finds it in XP, unless I turn off the page file, but it comes back when re-enabled, so I'm not sure where it comes from.