Spam email – possible virus?

  AndrewAfresh 20:40 PM 17 Sep 11

A friend, using my guest account, clicked on a link in an email which downloaded a zip file. The email purported to come from a job agency but I’ve looked at it and I think it’s dodgy. Inside the zip was a file called something like ‘APPLICATIONFORM.EXE’ which he clicked on. He asked me to look into why it didn’t open as a Word document. I scanned the file with AVG and Malwarebytes – both said it’s clean. Is there a way to see what this file contains/does or what if anything has happened to my PC? Thank you for any help.

  Woolwell 21:18 PM 17 Sep 11

The general rule is not to open anything which has the file extension exe when you do not know where it has come from or you are uncertain what it is about. These are programs and when run can introduce nasties into your system. Although given a clean bill of health so far I strongly suggest that you delete it and do not try to find out what it contains. Application forms should have doc or pdf file extensions or something similar.

  AndrewAfresh 21:44 PM 17 Sep 11

Is there a way i can prevent guest accounts from running EXEs?

  Woolwell 22:19 PM 17 Sep 11

Is it a guest account or an account with the guest's name? Which OS? Standard guest accounts should not be able to install programs.

  lotvic 23:32 PM 17 Sep 11

These will give you more info (2nd link gives examples of the emails and more technical info of what to expect might happen)

"The messages attempt to convince users to download a .zip attachment that supposedly contains an application form. In reality, the .zip archive contains an .exe file that, when executed, attempts to infect the system with malicious code. "

  AndrewAfresh 00:39 AM 18 Sep 11

I'm using XP. The account is called guest1. Can I reverse whatever the virus has done to my pc? Thank you

  Diemmess 09:56 AM 18 Sep 11

You might try running your two anti Malware programs in Safe Mode. Using safe mode by-passes most of the Windows drivers and will find most nasties in those circumsatances.

Spybot (free version) is another which could be installed and run in Safe Mode as well as the ones you have.

After the event ...... this is a good example of the value of a disk imaging system like Acronis. One whiff of something nasty, and you can overwrite the infected system with "something you made earlier"


This thread is now locked and can not be replied to.

Best Black Friday deals 2015 live blog: Best UK Black Friday weekend deals & best UK Cyber Monday…

1995-2015: How technology has changed the world in 20 years

The best Black Friday Deals for designers and artists – updated

20 Mac Power User Tricks... That You Didn't Know