Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vmalum.akax


  • Please log in to reply
15 replies to this topic

#1 MollyBaloney

MollyBaloney

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 13 October 2007 - 02:09 PM

My virus software keeps popping up with this infection notification (VMalum.AKAX) in a d3dx9_2.dll file. I can find no information about this infection. My software won't remove it. It won't delete. Anyone have any help to share about this?

My virus protection is CA Security.

Molly

BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:38 PM

Posted 13 October 2007 - 02:45 PM

I did a search on CA's site for the "VMalum.AKAX" and got no results.
Suggest you submit the "infected" file (d3dx9_2.dll) to Jotti and they will scan it with several programs.
http://virusscan.jotti.org/
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 MollyBaloney

MollyBaloney
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 13 October 2007 - 09:06 PM

that's the window that keeps popping up and telling me i have it....the CA security

Thanks,
MOlly

#4 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:38 PM

Posted 13 October 2007 - 09:28 PM

Not sure what you mean in your last post. I understood in your first post that the infected file is d3dx9_2.dll.

Since I cannot find info on the malware name "VMalum.AKAX" you should submit the file to Jotti to find out if it is actually infected and what it is infected with if that is the case.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:38 PM

Posted 13 October 2007 - 10:20 PM

CA asks that you submit asample if it reports it

Win32/Malum (or Win32/VMalum) may be reported when eTrust Antivirus uses advanced techniques to generically detect a worm or trojan that affects the Win32 platform.

Should you have this detection reported, we highly recommend that you submit a sample of the affected file to Computer Associates Antivirus Research for analysis.

For detailed instructions on how to submit samples to Computer Associates, please see below.


http://ca.com/securityadvisor/virusinfo/virus.aspx?id=41829
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,485 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:38 PM

Posted 13 October 2007 - 10:37 PM

d3d .dll files are normally related to DirectX. What version of DirectX are you using?

Go to Start > Run and type: dxdiag
click OK.
Look for the DirectX version information near the bottom of the DirectX Diagnostic Tool box.

Then click on the DirectX Files tab and see if you have d3dx9_2.dll
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 MollyBaloney

MollyBaloney
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 14 October 2007 - 03:10 AM

direct x version 9.0c and the file isn't showing there. But it is in my system32 folder. will not let me delete.

Thanks,
Molly


And as soon as i figure out how to submit it, I certainly will. I meant that the only way i know it's there...is that the CA security window keeps popping up and telling me it's there...but it won't let me fix it. It won't let me quarantine it or remove it.

#8 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,485 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:38 PM

Posted 14 October 2007 - 07:54 AM

DirectX files are located in C:\Windows\system32 folder.
Navigate to the location of the file and hover your mouse over it. What does the description say?
Right-click on the file and choose Properties. What information shows in the Version Tab?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#9 MollyBaloney

MollyBaloney
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 14 October 2007 - 10:00 PM

Okay...the file is in c:\windows\system32\d3dx9_2.dll... When I run my mouse over the file, the CA Anti-Virus Infection Alert pops up saying the d3dx9_2.dll is infected with win32/VMalum.AXAK

Thanks,
Molly

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,485 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:38 PM

Posted 15 October 2007 - 07:25 AM

Right-click on the file and choose Properties. What information shows in the Version Tab?
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 MollyBaloney

MollyBaloney
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 15 October 2007 - 08:12 PM

On this particular file, when I right click and get properties...there is no version tab. Only the general tab. No other tabs.

#12 buddy215

buddy215

  • Moderator
  • 13,196 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:38 PM

Posted 15 October 2007 - 08:29 PM

All you have to do to submit the file to Jotti is click on the link to Jotti in my first post. Copy this file path that you provided--
c:\windows\system32\d3dx9_2.dll--- into the search window on top of the page. Click on submit and jotti will do the rest.
“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#13 MollyBaloney

MollyBaloney
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 15 October 2007 - 08:53 PM

I did submit to jotti and it said the file was 0 bytes or my firewall was on. I turned my firewall off and resubmitted and got the same message. But the file I'm submitting is 104 KB. I can't submit to CA because it won't archive...says it can't read the file.

Molly

#14 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,485 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:38 PM

Posted 15 October 2007 - 09:35 PM

What is the date on that file? Does it match the dates of the other DirectX files?

Also, try renaming d3dx9_2.dll to d3dx9_2.dll.bad, then see if you can submit it to jotti.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#15 MollyBaloney

MollyBaloney
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:06:38 PM

Posted 18 October 2007 - 09:39 PM

It won't let me rename it and the date is 9/23/2007 all the others are like 2003 files.

Thanks,
Molly




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users