Penny Arcade Forums Help / Advice Forum
The new forums will be named Coin Return (based on the most recent vote)! You can check on the status and timeline of the transition to the new forums here.
The Guiding Principles and New Rules document is now in effect.

lnk exploit virus

NibbleNibble Registered User regular
edited March 2010 in Help / Advice Forum
I live in Taiwan, and I often get messages from various friends containing some text like "find your ideal partner, check this out!" and a ".lnk" file. I've always known that they are most likely viruses, so I usually just ignore them. I thought it odd that Gmail's antivirus never finds a problem with the files, however, so I downloaded one in order to submit it to McAfee for evaluation. When I downloaded it, however, it appeared as "abcd.download" instead of "abcd.lnk", and I couldn't access it because "The process 'System' is currently accessing this file." I downloaded it with Chrome on Windows 7, and I didn't ask to execute the file. When I downloaded the same file on XP running Avira Antivir, it immediately identified it as containing an exploit called "EXP/lnk.AY.3", but it didn't have any information on the nature of the exploit.

Is my Windows 7 machine potentially infected? What can I do about it at this point? I have submitted the file to McAfee, which is the antivirus program running on that machine. Should I replace it with Avira and do a full system scan?

sig.php?id=178
Nibble on

Posts

  • SeeksSeeks Registered User regular
    edited March 2010
    Download MSSE or Avira. You might also want to boot into recovery mode and delete the file manually so that it can't be accidentally be accessed.

    Seeks on
    userbar.jpg
    desura_Userbar.png
  • scrivenerjonesscrivenerjones Registered User regular
    edited March 2010
    Nibble wrote: »
    I thought it odd that Gmail's antivirus never finds a problem with the files, however, so I downloaded one in order to submit it to McAfee for evaluation.

    :(

    Isn't there an e-mail address you can forward these things to, rather than having to download some dubious file to send along?

    scrivenerjones on
  • NibbleNibble Registered User regular
    edited March 2010
    Avira does this, but I couldn't find the option for McAfee. Actually, their entire suspicious file submission process kind of sucks. I only downloaded the file because I assumed that it couldn't do any damage unless I executed it. Apparently Windows is very nosy and it likes to check out files while I'm downloading them.

    I was able to delete the file after about a minute, but I have no idea if it created any other files on my system.

    |EDIT| It seems that Microsoft Malware Detection Center does not support email submissions, either, so I can't check if MSSE would be able to detect the virus on my computer. I guess I'll go with Avira for now.

    Nibble on
    sig.php?id=178
Sign In or Register to comment.
Penny Arcade Forums Help / Advice Forum