My friend just ran a .exe and I think it could be a keylogger?

[morguk]

How can people be so stupid?

People make mistakes, and considering it's from a 'company' that was applied for on a job site you can see how people fall for it.

Variant.Zusy.65307 is a trojan apparently according to Sophos' website, so it looks like it might not be worst case scenario of Cryptolocker

He's running malwarebytes now.

Looks like there' lots of other 'application forms' that have the same .exe: http://v.virscan.org/Gen:Variant.Zusy.65307.html

 

[PhaperPlane]

The email looked like a scam to me. What sort of HR Department uses a Yahoo email address?

Disconnect the machine from the network and run lots of virus scans.

 

[floatindolphin]

oh god, I've read this thread. My computer probably has the virus now. I'll throw it in the canal outside, that'll fix it.

 

[Raumarik]

^^ Run it over with your car first, just to be sure.

 

[valkia]

Thanks for your passwords.

 

[LOAM]

It most definitely needs to be isolated if theres even a hint its cryptolocker, it needs access to the C&C servers to encrypt the files, the sooner its off the net the better.

 

[Cosimo]

Thanks for your passwords.

There's not much money in that bank account.

 

[Vita]

There's not much money in that bank account.

Think he's spent it all on that cam site.

 

[morguk]

It most definitely needs to be isolated if theres even a hint its cryptolocker, it needs access to the C&C servers to encrypt the files, the sooner its off the net the better.

We don't think it's cryptolocker as the online virus scan said it was Gen:Variant.Zusy.65307. He's doing a malwarebytes scan now, so hopefully it will show up.

 

[KIA]

Backup & format.

 

[EGuitarStar]

If his company has an IT dept tell him to let them know. If not, run necessary checks as others have mentioned here and tell him to throw some paracetamol tablets through the CD/DVD drive for good measure.

 

[morguk]

If his company has an IT dept tell him to let them know. If not, run necessary checks as others have mentioned here and tell him to throw some paracetamol tablets through the CD/DVD drive for good measure.

I am the IT dept!

 

[rhysduck]

Email sounds legit

What?

Email sounds a load of rubbish.
They even say the are attaching the application form and then give a download link to it...

 

[planty]

You desire a lot of the qualities and experience that we are looking for

...gullibility, stupidity...

 

[MooMoo444]

Reinstall Windows

This. Contain any affected PC's and wipe them. It doesn't take long to reinstall windows these days compared to the several hours of the 90's/early 00's. You can be up an running in about 10 mins.

 

[Gackt]

Wow. Talk about being stupid. Haha, reinstall is probably the only option unless he likes keyloggers. You should probably also explain to him the basics of using the internet and email, for his own protection.

If he's been applying for IT jobs, I'd suggest he look at another career path or perhaps some training in the field.

 

[Gazanimal]

After knowingly running an .exe I'd be disconnecting from the Network, running every known Anti-virus, Anti-malware, Spybot software I could get my hands on and booting into Safe Mode.

Then doing it again to be sure

If paranoia still remains zero the drive and re-install Windows

 

[areksnumbr1sxylady]

I`d throw out Hard Drive and put new one in... Only way to be sure.

 

[Deus Ex]

Take to IT dept. immediately own up and dont let them connect it to network (this way they wont hate you)

if no IT dept., reinstall windows yourself?

IT dept. threatens to drop you in the ****? Pay/suck anything they ask.

 

[Deleted member 77746]

Get that system formatted right now.