Resolved Shortcut virus (.lnk)

Status
Not open for further replies.
The malware you are referring to is the Sality Virus family.

Sality is a family of file infecting viruses that spread by infecting exe and scr files. The virus also includes an autorun worm component that allows it to spread to any removable or discoverable drive. In addition, Sality includes a downloader trojan component that installs additional malware via the Web. Sality disables antivirus software and prevents access to certain antivirus and security websites. Sality generally drops a .cmd, .pif, and .exe to the root of discoverable drives, along with an autorun.inf file which contains instructions to load the dropped file(s) when the drive is accessed.
(Source: about.com)

It creates executable files that are corrupted beyond repair, resulting in an inoperative machine. It opens a backdoor and waits for commands from the remote attacker.

Edit: You can find a more detailed description and reasons for reformat/reinstall beginning with Post #2 here:
http://www.tech-101.com/system-security/1482-security-threats-evolving-breakneck-pace.html

It resembles the Virut malware. Because of its virulence, it is better to reformat/reinstall than attempt to clean the infection.
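A triage check for the drive-root pattern described in the post above, as an added example that is not part of the original post: it parses a drive's autorun.inf and lists root files with a .cmd, .pif or .exe extension that the file would launch. The function names, the sample autorun.inf content and the file names are constructed for illustration.

```python
import ntpath
import tempfile
from pathlib import Path

DROPPED_EXTS = {".cmd", ".pif", ".exe"}   # types the post says land in the root
LAUNCH_KEYS = ("open", "shellexecute")    # autorun.inf keys that start a program
# Constructed sample, not taken from a real infection.
SAMPLE_INF = "[AutoRun]\n;padding\nopen=qwert.pif\nshell\\open\\command=qwert.pif /x\nicon=drive.ico\n"


def autorun_targets(text):
    """Programs (arguments stripped) named by launch keys in the [autorun] section."""
    targets, in_autorun = [], False
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("["):
            in_autorun = line.lower().startswith("[autorun]")
        elif in_autorun and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            key = key.lower()
            if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
                prog = value[1:].split('"', 1)[0] if value.startswith('"') else value.split(" ", 1)[0]
                if prog:
                    targets.append(prog)
    return targets


def flagged_root_files(root):
    """Root files with a dropped-type extension that autorun.inf would launch."""
    names = {p.name.lower(): p.name for p in Path(root).iterdir() if p.is_file()}
    if "autorun.inf" not in names:
        return []
    text = (Path(root) / names["autorun.inf"]).read_text(errors="replace")
    hits = set()
    for target in autorun_targets(text):
        name = ntpath.basename(target).lower()  # directory part is ignored
        if ntpath.splitext(name)[1] in DROPPED_EXTS and name in names:
            hits.add(names[name])
    return sorted(hits)


def demo():  # throwaway "drive root" built from the constructed sample
    with tempfile.TemporaryDirectory() as root:
        (Path(root) / "autorun.inf").write_text(SAMPLE_INF)
        (Path(root) / "qwert.pif").write_bytes(b"placeholder")
        (Path(root) / "notes.exe").write_bytes(b"not referenced")
        return flagged_root_files(root)


if __name__ == "__main__":
    print(demo())
```

A hit only shows that the drive carries the autorun pattern; it does not identify the malware family or show that host executables are clean.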