I am using a MacOS 10.5.8 with Avast 2.74r0 and I got an alert yesterday saying I have a Windows Hupigon-ONX Trojan in my vmware files (see log at end of this post) but also in my Mac Cookies and something called the internetconfigpriv.plist . The VM itself is Windows XP and is protected by McAfee which is up to date and not reporting anything.
I googled and found this on the vmware site which suggests it is a false positive
http://communities.vmware.com/thread/266004;jsessionid=D8026D4DCBDF3F410B525BC7005251FB?tstart=0I have also been advised that I shouldn't really have Avast scanning the vmdk files in any case, however I can't find any way to disable scanning of this file type or a specific folder. Can someone help please?
This is the logfile from Avast Mac edition
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000007-s001.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000007-s008.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Library/Preferences/com.apple.internetconfigpriv.plist Win32:Agent-IZJ [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000004-s004.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s008.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s005.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s004.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s019.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000004-s002.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000004-s019.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s017.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s007.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s003.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s014.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s001.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Library/Cookies/Cookies.plist Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000002-s011.vmdk Win32:Hupigon-ONX [Trj]
11.05.2010 16:24:37 /Users/grahamcook/Documents/Virtual Machines.localized/GC-Pindar-WinXPPro1.vmwarevm/winxp-000004-s001.vmdk Win32:Hupigon-ONX [Trj]