I had some Win32/AMalum infections turn up this morning in CA Anti-Virus (Vista, 2007, ver. 8.4.0.28, engine 31.6.0) after updating to sig. 6604. I’ve seen that others are experiencing the same problem. I believe theses are false positives found with heuristic scanning. Mine were all found in Cygwin files. I checked with CA and this is what they say:
“Win32/Malum (similarly known as Win32/VMalum and/or Win32/AMalum) may be reported when CA Anti-Virus uses advanced techniques to generically detect a worm or trojan that affects the Win32 platform.
Should you have this detection reported, we highly recommend that you submit a sample of the affected file to CA Anti-Virus Research for analysis.”
