Folks have reported to us that they’ve been receiving emails from courier services claiming to have a parcel for delivery to their homes and asking for further information.
An email claiming to have been sent by Federal Express says that a parcel has been sent to the recipient’s home address and will arrive within 5 business days. A zip file is attached to the email, supposedly so the recipient can obtain further information about the parcel and its tracking ID or number.
Despite the ‘too genuine to be doubted’ appearance of the email and its content, you can be sure of this:
a) FedEx will never send this type of sensitive information about your parcel through an email attachment.
b) Even if it does, it will never make this level of stupid spelling errors in an official email to its valued customer.
Do not give in to your curiosity and download the attachment in that fraudulent email. The attachment is not just a deceptive zip file; it is actually a Trojan that installs itself on the system without asking the user’s permission and without the user’s knowledge. This kind of Trojan can launch pop-ups alerting the user that the system has been infected with viruses. If you fall for these messages and click on one of the pop-ups flashing on your screen, the Trojan will install a fake antivirus program on your computer that launches itself automatically and starts scanning the system for viruses and worms.
By alerting and scaring the user with false and exaggerated threats, the fake antivirus program fools the user into purchasing its full version, the most common way to trick people into handing over their personal information.
So, if you come across any such email, do not fall for it. If you do get infected by this attachment, here are instructions for removing the Trojan.
1. Reboot your system and press F8 to enter Safe Mode with Networking.
2. Download MalwareBytes to your desktop and rename it to Explorer.exe as Windows Security 2011 blocks the program named MalwareBytes. If you can’t download files, try using another machine that’s not infected and saving the files to a flash drive or other storage device.
3. Download and run RKILL to stop all background processes related to Windows Security 2011.
4. Launch MalwareBytes and run a Full Scan to remove infections.
5. Delete the file called “Hosts” in C:\Windows\System32\Drivers\etc\HOSTS and add the default Hosts file (below) for your operating system in C:\Windows\System32\Drivers\etc\
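Before deleting the Hosts file in step 5, it can be useful to see which entries in it differ from the defaults. The following Python sketch is an added example, not part of the original article: it parses a hosts file and reports every non-default mapping. It assumes the infection added entries to the file (the article does not list them), and the sample entries and `.example` hostnames are constructed.

```python
import ipaddress

# localhost mappings a stock Windows hosts file may contain
# (on some Windows versions these two lines are commented out).
DEFAULT_ENTRIES = {("127.0.0.1", "localhost"), ("::1", "localhost")}

# Constructed sample, not taken from a real infection.
SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost
127.0.0.1       update.av-vendor.example
203.0.113.10    www.search.example search.example   # two names, one line
not-an-ip       bank.example
"""

def parse_hosts(text):
    """Yield (line_no, address, hostname) for every mapping in a hosts file."""
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and padding
        if not line:
            continue
        address, *names = line.split()
        for name in names:
            yield line_no, address, name.lower()

def audit_hosts(text):
    """Return (line_no, address, hostname, verdict) for each non-default entry."""
    findings = []
    for line_no, address, name in parse_hosts(text):
        if (address, name) in DEFAULT_ENTRIES:
            continue
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            verdict = "malformed address"
        else:
            # Loopback/unspecified makes the site unreachable; any other
            # address sends the name wherever the file's editor chose.
            verdict = "blocked" if ip.is_loopback or ip.is_unspecified else "redirected"
        findings.append((line_no, address, name, verdict))
    return findings

if __name__ == "__main__":
    # To audit a real file, pass its contents instead of SAMPLE_HOSTS.
    for line_no, address, name, verdict in audit_hosts(SAMPLE_HOSTS):
        print("line %d: %s -> %s (%s)" % (line_no, name, address, verdict))
```

Security-vendor or update sites reported as "blocked" and familiar sites reported as "redirected" are the entries worth noting before the file is replaced.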
This is how you can stay safe from this Trojan even if you get infected by it. Be careful about what you click on the internet, as not everything is truly what it appears to be. Keep reading our articles and