Hi All:
I am using Avast 4.8 Home Edition.
I am running Windows Vista 32 bite operating system with the latest windowsupdate.
I have a vmware 6.04
A have a Vista Firewall Control 32 bite in addition to the firewall that comes with Windows Vista.
My guest operating system is running windows 2000 server sp4. I update the guest since January 1,2008.
I scan the guest through Avast home addition and it shows no virus in the "Vmware Virtual Disk File".
My laptop is connecting to the internet directly from the dsl modom. It is not connecting from wireless router.
I did a windowsupdate.microsoft.com. It install 59 security updates on the windows 2000 server guest operating system.
I disconnect from the internet and scan the vmware file "Vmware Virtual Disk File" through "Scan archive file" and it shows the following infection:
* Task 'Simple user interface' used
* Started on February-22-09 3:03:25 PM
* VPS: 090221-0, 21/02/2009
*
G:\Win2000MdtsMay12\Desktop.ini
G:\Win2000MdtsMay12\vmware-0.log
G:\Win2000MdtsMay12\vmware-1.log
G:\Win2000MdtsMay12\vmware-2.log
G:\Win2000MdtsMay12\vmware.log
G:\Win2000MdtsMay12\vm_folder.ico
G:\Win2000MdtsMay12\win2000Serv.nvram
G:\Win2000MdtsMay12\win2000Serv.vmsd
G:\Win2000MdtsMay12\win2000Serv.vmx
G:\Win2000MdtsMay12\win2000Serv.vmx.bak
G:\Win2000MdtsMay12\win2000Serv.vmxf
G:\Win2000MdtsMay12\Windows 2000 Server.vmdk [L] Win32:RPCexploit [trj] (0)
File was successfully deleted...
Infected files: 1
Total files: 12
Total folders: 1
Total size: 19.9 GB
*
* Task stopped: February-22-09 3:33:28 PM
* Run-time was 30 minute(s), 3 second(s)
*
Before I update the guest operating system, I did a boot time scan on the parent operating system which is Windows Vista and it shows no virus.
So how did I get the virus Win32:RPCexploit [trj] after I did a windowsupdate.microsoft.com. Is this virus coming from Microsoft web site?
Yours,t
Frustrated.