Have you recently noticed that I have e-mailed you from your account? Email

Have you recently noticed

If you have recently realized that a malicious email named “Have you recently noticed” has recently entered your system, be sure to read the next lines, and then visit the guide that follows them to learn about the specifics of this threat, and then find out how to remove it from your computer. “Have you recently noticed” is a Trojan Horse infection, which means it is probably really stealthy and difficult to spot.

Have you recently noticed

The “Have you recently noticed” Email spam

This explains why you have probably been unable to notice when or how the attack by it has taken place.

Many of our users reached to us about an email spam that they received with the following message:

Hello! Have you recently noticed that I have e-mailed you from your account? Yes, this simply means that I have total access to your device. For the last couple of months, I have been watching you. Still wondering how is that possible? Well, you have been infected with malware originating from an adult website that you visited. With help of the Trojan Virus, I have complete access to a PC or any other device. This simply means I can see you at any time I wish to on your screen by simply turning on your camera and microphone, without you even noticing it. In addition, I have also got access to your contacts list and all your correspondence. I have a video of you wanking on the left screen, and on the right screen – the video you were watching while masturbating. Wondering how bad could this get? With just a single click of my mouse, this video can be sent to all your social networks, and e-mail contacts. I can also share access to all your e-mail correspondence and messengers that you use. All you have to do to prevent this from happening is – transfer bitcoins worth $1450 (USD) to my Bitcoin address (if you have no idea how to do this, you can open your browser and simply search: “Buy Bitcoin”). My bitcoin address (BTC Wallet) is: 1D8qdtNLNbvugZyMYUyhzcGiCdFinxHgtH After receiving a confirmation of your payment, I will delete the video right away, and that’s it, you will never hear from me again. You have 2 days (48 hours) to complete this transaction. Once you open this e-mail, I will receive a notification, and my timer will start ticking. Any attempt to file a complaint will not result in anything, since this e-mail cannot be traced back, same as my bitcoin id. I have been working on this for a very long time by now; I do not give any chance for a mistake. If, by any chance I find out that you have shared this message with anybody else, I will broadcast your video as mentioned above.

There are all kinds of ways in which a Trojan Horse infection may occur. For instance, downloading, and opening the attachment of some questionable spam letter, or clicking on a download link that has been disguised as a tempting online offer are two of the ways you can land a Trojan on your computer. Another extremely common distribution technique for such threats is the use of sites that spread pirated content. Oftentimes, hackers upload their malicious program to such sites, and disguise them as some desirable programs or games. Although it’s illegal, many users go to pirate sites, and download stuff from them. If a user happens to download a Trojan disguised as the installer of a program that the user wants, and the latter opens the the fake installer and gives it their permission to make changes in the system, the Trojan would get released, and would now be free to carry out its insidious and harmful tasks. As we said earlier, the user may not even realize that a malware piece has infected their computer. Depending on each separate case, there may or may not be visible indications of the Trojan Horse attack.

The Have you recently noticed that I have e-mailed you from your account? Email

Nevertheless, if you think that you have a reason to believe “Have you recently noticed” is in your system at the moment, it’s best to meticulously check your system for any malicious files and processes, and remove everything you may find. However, there is a problem with that – oftentimes, Trojan infections like “Have you recently noticed”, Walliant, Wup.exe hide their files in system folders, and name them, as well as their processes and Registry keys, as regular system-related ones. This makes it difficult both to find the malware elements, and to delete them. It also increases the risk of deleting something that you are not supposed to. For instance, you may accidentally delete some important system file, or Registry key, and thus make the situation way worse than it already is. For this reason, it’s best to closely follow our guide, and in case you have any doubts, ask for our help in the comments, and/or make use of the removal tool you will see linked below.

The damage “Have you recently noticed” may cause

Spying on you, taking full control of your system, inserting other threats like Ransomware, stealing sensitive data from your computer and online accounts, and many more are the potential uses of a Trojan Horse infection. The exact goal of “Have you recently noticed” is not yet known, but regardless of what it is, you should still most definitely remove the infection ASAP, instead of waiting to find out what the consequences of its attack may be.

SUMMARY:

Name “Have you recently noticed”
Type Trojan
Detection Tool

Remove Have you recently noticed Email

The steps for the successful removal of “Have you recently noticed” require you to:

  1. Detect and remove any bogus applications that have been installed on your computer without your knowledge or approval.
  2. Stop any malicious processes that are currently running in the Task Manager.
  3. Check your Hosts file and the Startup items list for unauthorized changes.
  4. Delete any malicious entries that have been added by the Trojan to the Registry.

A detailed guide with the exact instructions for each of the steps is available to your disposal below. Make sure that before you start it, you bookmark this page by clicking on the bookmark icon (top right in the URL bar) in order to quickly refer back to it after a system restart.


Step1

First, click on the Start menu button (bottom left) and type appwiz.cpl in the search bar.

Open the first result, and you will find yourself in a Control Panel window called Programs and Features.

Filter the programs by date they are installed (or changed) on and search for any suspicious entries. If you find a suspicious-looking program that you can’t remember installing it helps to collect more information about it from reliable security sites and forums. In case that the program turns out to be dangerous, select it and click the Uninstall button at the top. When the uninstallation process begins, you may see a screen like this:

virus-removal1

Here, it is important to choose NO and wait for the uninstallation process to complete.

Step2

WARNING! READ CAREFULLY BEFORE PROCEEDING!

Once you have removed any dangerous applications you have found in Programs and Features, it is time to search for dangerous processes that are running in the background and stop them.

Before you do that however, we recommend that you reboot your PC in Safe Mode (use the guide from the link for instructions).

Once you enter Safe Mode, open the Task Manager with the CTRL + SHIFT + ESC key combination.

Tap on Processes and try to figure out if there are any processes in the list that look questionable or behave in an unusual way, are named strangely or consume a lot of CPU and Memory without any particular reason.

Right-click on anything that grabs your attention and select the Open File Location option to see its related files:

malware-start-taskbar

With the help of the free scanner below, check the files for malware by dropping them there:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Loading
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    If a Trojan or another dangerous code is detected in the files, this is a sure sign that the related process is malicious and should be stopped.

    You can stop a process by right-clicking on it and selecting the End Process option from the pop-up menu. It is also important to delete the files that are malicious and their folders from their location. 

    Step3

    “Have you recently noticed” may have secretly added malicious entries in the Startup items list in order to facilitate its criminal activities. That’s why the next thing that you need to do is to open System Configuration by typing msconfig in the windows search field and pressing Enter from the keyboard. 

    Next, go to the Startup tab and search for Startup Items with unfamiliar or unknown Manufacturer that could potentially be linked to “Have you recently noticed”. If a given entry looks suspicious, you can disable it by removing its checkmark from the checkbox.

    msconfig_opt

    When you are done, click on the OK button to save your changes.

    “Have you recently noticed” may also make alternations in your Hosts file without any symptoms.

    The access the Hosts file on your computer and check if for unauthorized changes, press and hold the Winkey and R together and paste this in the Run box that pops up:

    notepad %windir%/system32/Drivers/etc/hosts

    After that, click on the OK button and your Hosts file will open in Notepad.

    Find Localhost in the text and if any changes have been made there, you should see some strange-looking IP addresses at the bottom, just as described on the image:

    hosts_opt (1)

    In case you find any disturbing IPs below “Localhost” – drop us a comment below this post with a copy of them. We will let you know if they represent any danger to your PC once we look at them.

    Step4

    Changes in the Registry can be made by the Trojan without any symptoms that could indicate them. However, these changes and the malicious entries that might have been added with them need to be removed if you want to deal with “Have you recently noticed” effectively.

    That’s why in the last step, you need to type Regedit in the windows search bar and open the Registry Editor.

    Next, open a Find window by pressing CTRL and F together and carefully type the exact name of the Trojan in it. Then, search the Registry for entries with that name and if anything appears in the search results, right click and delete it.

    If nothing gets detected during the search, use the left panel to manually navigate to the three directories below:

    • HKEY_CURRENT_USER->>>Software->>>Random directory with a questionable name
    • HKEY_CURRENT_USER->>>Software->>>Microsoft->>>Windows->>>CurrentVersion->>>Run->>>Random directory with a questionable name
    • HKEY_CURRENT_USER->>>Software->>>Microsoft->>>Internet Explorer->>>Main->>>Random directory with a questionable name

    Search for suspiciously named sub-folders in each of them and if you find anything unusual, delete it.

    Caution! Meddling with Registry files and folders hides risk for involuntary system corruption if wrong deletions and changes are made. Users who are not 100% sure about the files and folders they plan to delete are advised to use a professional removal tool to safely remove the traces of “Have you recently noticed” from the Registry.


    About the author

    blank

    Brandon Skies

    Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.

    Leave a Comment