|
Posted by Malko on October 20, 2005, 9:18 am
If you were Registered and logged in, you could reply and use other advanced thread options
Please, I have a USB Memory stick infected by a Boot Malmo Virus.
Someone help me on how to clean it ,
Thx
|
|
Posted by Zvi Netiv on October 20, 2005, 10:49 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Please, I have a USB Memory stick infected by a Boot Malmo Virus.
> Someone help me on how to clean it ,
There is absolutely no way that the boot portion of Malmo will install to a USB
memory stick. Malmo is the name used in some AV for Junkie, a virus that was
common in the mid nineties, and became extinct since (it CAN'T run on 32 bit
Windows operating systems).
There have been a few reports on that virus in the last years, mostly obtained
with Symantec's NAV, and all turned to be false alerts.
Ignore the alert, or change the AV product you use.
Regards, Zvi
--
NetZ Computing Ltd. ISRAEL www.invircible.com www.ivi.co.il (Hebrew)
InVircible Virus Defense Solutions, ResQ and Data Recovery Utilities
|
|
Posted by Malko on October 21, 2005, 6:49 am
If you were Registered and logged in, you could reply and use other advanced thread options
Every time I connect the USB flash disk, the message is there, "Boot
malmo". I think it could not be a false alert. Think about it.
Thx
|
|
Posted by Zvi Netiv on October 22, 2005, 4:23 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Thx, but please it's detected by Symantec Norton AV!
>
> Every time I connect the USB flash disk, the message is there, "Boot
> malmo". I think it could not be a false alert. Think about it.
It contradicts physics rules. The Malmo (Junkie) MBR will only install to a
device specified 80h in the BIOS (first fixed hard drive), when running an
infected file under plain DOS.
Norton AV is known to suffer of this particular false alarm. See
http://tinyurl.com/chg9b for more threads on the same.
If you insist keeping NAV and using the memory stick, then disable the boot
check in NAV's options. It may stop the false alert and you don't really risk
anything.
Regards, Zvi
--
NetZ Computing Ltd. ISRAEL www.invircible.com www.ivi.co.il (Hebrew)
InVircible Virus Defense Solutions, ResQ and Data Recovery Utilities
|
|
Posted by Robert Moir on October 22, 2005, 5:48 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Thx, but please it's detected by Symantec Norton AV!
>
> Every time I connect the USB flash disk, the message is there, "Boot
> malmo". I think it could not be a false alert. Think about it.
Zvi is a well known figure in the antivirus community who absolutely knows
what he's talking about in cases like this and has spent rather more time
than you or almost anyone else you name "thinking about it".
Get a second opinion from a different virus scanner.
--
--
Rob Moir
Website - http://www.robertmoir.co.uk
Virtual PC 2004 FAQ - http://www.robertmoir.co.uk/win/VirtualPC2004FAQ.html
Kazaa - Software update services for your Viruses and Spyware.
|
| Similar Threads | Posted | | Boot. Malmo threat | May 11, 2006, 5:20 am |
| Boot Malmo removal from a USB Mem Stick??? | September 28, 2005, 3:56 pm |
| Boot Virus Help | June 22, 2006, 12:50 pm |
| boot problem | November 24, 2007, 12:59 pm |
| Please help!! Boot Virus?? | May 10, 2008, 11:46 am |
| Question(s) about VBS/Petik-V & boot.ini | December 14, 2005, 3:41 am |
| Boot Sector virus | September 22, 2006, 6:38 pm |
| Can't boot to safe mode | June 3, 2007, 5:33 pm |
| Anti Virus Solutions That Use Their Own Boot CD? | July 2, 2008, 1:47 pm |
| Unknown exploit - Boot.ini/Windows shares | February 20, 2006, 5:05 am |
|
XML site map