
Unknown Virus 2

Status
Not open for further replies.

Rennfield

Technical User
Jul 31, 2008
2
US
Hi there,

I was wondering if anyone's come across a virus called win32/vmalum.dmto. I've done several searches over the past couple of days but there doesn't seem to be any information on it. Also, it's attached to a torrent file that was downloaded several years ago, so I don't know if it's the fact that no one's come across it or maybe it duplicates itself onto another file. If anyone has any information on this particular virus, could you please fill us in.

Thanks,
Rennfield
 
Can you identify the file relating to this possible infection? If you've detected it with, say, AVG, then it'll usually inform you of the filename and its location.

You could then go to and see what that database makes of it...

I note that CA's E-Trust antivirus software was detecting win32/vmalum as a threat, but it looks like it might have been a "false positive".

Let us know what you find...

ROGER - G0AOZ.
 
Here is the Article that G0AOZ mentioned:



Win32.Malum

Date Published:
17 Feb 2005

Last Updated:
25 Jun 2007

jfyi:
I've done several searches over the past couple of days but there doesn't seem to be any information on it.
There is plenty of information out there, if you used the correct search pattern, e.g. instead of using win32/vmalum.dmto as a search string, you should have used win32/vmalum or just vmalum...



Ben

"If it works don't fix it! If it doesn't use a sledgehammer..."
 
BadBigBen, this is true. I think I left the ".dmto" on the end of all my searches. And thanks for pointing me to that topic that G0AOZ was talking about.

As for what file it was pointing to, like I said: It was attached to a torrent file whose full filename was "Warcraft.3.Frozen.Throne.(Reign.of.Chaos.Expansion).+CdKey.torrent" IIRC. And before anyone goes all crazy the only pirating I do is if I need to replace something, like my Frozen Throne CD because Blizzard makes awesome games... just really crappy burning as every CD from them I've gotten is useless after the first install.

Anyway, thanks again for the replies, they were really helpful.
 
It was attached to a torrent file
Sorry but I am going to say this anyway.
Pirating aside, using peer to peer sharing such as bittorrent is extremely fraught (from the security point of view). You only need to look at some of the server names listed to see just how dodgy this is.
Hackers have ways of intercepting the bit streams and injecting malware; it doesn't have to be a dodgy file.

There might be some argument about the safety of bit-torrents, but my advice would be to get hold of legitimate files by normal downloads from legitimate sources, and forget torrenting.



Steve: N.M.N.F.
If something is popular, it must be wrong: Mark Twain
 
just really crappy burning as every CD from them I've gotten is useless after the first install.
that is why I do an ISO image of the valuable CDs, for reburn or mounting ...

this is legal in most countries, as long as they are not distributed...

the illegality, in what you DL, is that it comes with circumvention (the CD key and possibly a crack), and it does not matter if you have the original or not... just a word of warning there...

besides that, I too have to go with Steve about P2P file sharing, be it Torrent or eMule, watch what and from whom you DL, and especially have an AntiViral solution scan the files, before you use them...



Ben

"If it works don't fix it! If it doesn't use a sledgehammer..."
 