Yet another Fake Companies House “FW: Company Complaint #3290749822 ” delivers Trickbot — 6 Comments

    • Try Emsisoft Emergency repair kit and/or Eset online scanner from links in sidebar
      If they don’t find anything then look in the anyrun report for the list of file locations

      Basically you need to delete the scheduled task(s) associated with it, Empty temp folders & delete the C:\Users\user name\AppData\Roaming\freenet\ folder

      Many companies have a fixed policy though of wiping any infected / compromised computer and reinstall from backups, especially ones that have been compromised by a banking or password stealing trojan. Seek urgent advice and support from your IT support

    • If you don’t open the office doc you will not be infected. Many of the emails do contain a hidden tracking link that tells the criminals if the email has been read, but that is a privacy implication not a security issue.

Leave a Reply

Your email address will not be published. Required fields are marked *