
Trojan.Backdoor.HE

Posted: August 21, 2012

Threat Metric

Threat Level: 9/10
Infected PCs: 25
First Seen: August 21, 2012
OS(es) Affected: Windows

Trojan.Backdoor.HE is a Trojan that's designed to compromise your PC's security after you've been tricked into launching Trojan.Backdoor.HE manually via misleading e-mail spam messages. E-mail messages that carry Trojan.Backdoor.HE as a file attachment use templates to make themselves appear as communications from the UK's Royal Mail service. Naturally, these e-mail messages aren't affiliated with the real Royal Mail, and SpywareRemove.com malware researchers remind UK-based PC users that there isn't any need to wonder whether or not an e-mail file attachment has been sent by a legitimate mailing company – it hasn't. Because Trojan.Backdoor.HE conceals itself as a part of Windows, using anti-malware software to detect and delete Trojan.Backdoor.HE should be the safest way of removing Trojan.Backdoor.HE without incurring any damage to your operating system.

Don't Answer When Trojan.Backdoor.HE Knocks on Your Mailbox

E-mails that distribute Trojan.Backdoor.HE Trojans are identifiable by their fake Royal Mail templates, which include the Royal Mail logo and even contain a forged 'From' field ('Royal Mail'). This message requests that you refer to the attached ZIP file to view additional information on a vague RM shipment. Given that the Royal Mail is explicitly associated with the United Kingdom, UK-based residents are in greatest danger of Trojan.Backdoor.HE spam attacks, although similar PC threats (such as Kuluoz and Troj/Invo-Zip) have been known to use hoaxes involving other mail services, such as UPS or FedEx. SpywareRemove.com malware researchers recommend that you delete 'Royal Mail' e-mails that include suspicious file attachments immediately, since there's no real reason for the actual Royal Mail to e-mail files of any sort to customers, particularly archives like ZIP files.

Opening the attached ZIP archive will infect your PC with Trojan.Backdoor.HE, which is an executable (EXE) file, although it may be mislabeled to appear as though it were another file type (such as PDF or DOC). Given that e-mail file attachments like Trojan.Backdoor.HE's infection vectors are often used to distribute high-level PC threats, SpywareRemove.com malware experts particularly encourage you to scan any e-mail-transferred files prior to opening them.

Trojan.Backdoor.HE: Well-Hidden Once Opened

Trojan.Backdoor.HE installs itself as a fake Windows file, svchost.exe, although SpywareRemove.com malware researchers note that Trojan.Backdoor.HE uses an incorrect location (a subfolder of 'Documents and Settings' rather than the normal Windows system folder). Like most malware, Trojan.Backdoor.HE also includes Registry changes to help Trojan.Backdoor.HE launch itself automatically, and you should consider Trojan.Backdoor.HE to be open in the background unless you've taken steps to disable Trojan.Backdoor.HE with Safe Mode or other techniques.
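The wrong-location detail above can be turned into a simple check. The following is an added example, not code from SpywareRemove.com: it flags any svchost.exe whose image path is outside the Windows system folders, assuming Windows is installed in C:\Windows and that the process list has been exported as CSV with ProcessId and ExecutablePath columns; the sample rows and the 'Documents and Settings' subfolder are constructed.

```python
import csv
import io
import ntpath

# Assumption: Windows lives in C:\Windows; change these for another system root.
LEGIT_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
WATCHED_NAMES = {"svchost.exe"}

# Constructed sample: CSV export of the process list (ProcessId, ExecutablePath).
# The 'Documents and Settings' subfolder below is a placeholder, not an IoC.
SAMPLE_CSV = r'''ProcessId,ExecutablePath
4,
812,C:\Windows\System32\svchost.exe
1044,C:\WINDOWS\system32\SVCHOST.EXE
2260,C:\Documents and Settings\user\Application Data\svchost.exe
3001,C:\Windows\System32\..\Temp\svchost.exe
3120,C:/Windows/SysWOW64/svchost.exe
4000,C:\Program Files\Example\app.exe
'''


def canonical(path):
    """Lower-case, backslash-normalised path with '..' segments resolved."""
    return ntpath.normcase(ntpath.normpath(path.strip().strip('"')))


def is_masquerading(image_path):
    """True when a watched system file name runs from a non-system folder."""
    directory, name = ntpath.split(canonical(image_path))
    return name in WATCHED_NAMES and directory not in LEGIT_DIRS


def find_masquerading(csv_text):
    """Return (pid, canonical path) for every suspicious process row."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        path = (row.get("ExecutablePath") or "").strip()
        if path and is_masquerading(path):  # kernel/system rows have no path
            hits.append((int(row["ProcessId"]), canonical(path)))
    return hits


if __name__ == "__main__":
    for pid, path in find_masquerading(SAMPLE_CSV):
        print(f"PID {pid}: svchost.exe running from unexpected location {path}")
```

Paths are canonicalised before comparison so that mixed case, forward slashes and '..' segments cannot make a copy outside the system folder look legitimate.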

As a backdoor Trojan, Trojan.Backdoor.HE is built to compromise your PC's security and hand over control of the system to criminals through a C&C server. Trojan.Backdoor.HE may be used to steal personal information, alter browser settings or install other PC threats. As such, SpywareRemove.com malware analysts hope that you will delete Trojan.Backdoor.HE with an anti-malware application immediately after you notice a Trojan.Backdoor.HE infection on your PC.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: royal_mail_shipping.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file