I am sorry to inform you Email


I am sorry to inform you

If you have detected a nefarious piece of malware named “I am sorry to inform you” in your computer system, and you need help removing it, then you have come to the right site and page – the article you are currently reading will give you some important information about this insidious piece of malware, and the removal guide below it will offer you a detailed explanation of how you can eliminate this Trojan. Yes, “I am sorry to inform you” is a Trojan Horse virus, and that is why you need to be very careful if it’s in your system.

I am sorry to inform you

The “I am sorry to inform you” Email virus

Trojans such as this one are highly dangerous pieces of malware and may be capable of harming the computer and the user’s virtual privacy in different ways. Below, we will briefly list some of the possible ways in which a malware hazard such as this one could be utilized by its criminal creators.

Some users complained to us that they have received an Email with the following text:

 

I am sorry to inform you that your device was compromised. I’ll explain what led to all of this. I have used a Zero Day vulnerability with a special code to infect your device through a website. This is a complicated software that requires precise skills that I have. It works as a chain with specially crafted and unique code and that’s why this type of an attack can go undetected. You only need one not patched vulnerability to be infected, and unfortunately for you – it works that simple. You were not targeted specifically, but just became one of the quite a few unlucky people who got hacked that day. All of this happened a few month ago. So I’ve had time to collect information on you. I think you already know what is going to happen next. During that time, my software was quietly collecting information about your habits, websites that you visit, searches you do, texts you send. There is more to it, but I have listed a few reasons for you to understand how serious this is. For you to clearly understand, my software controlled your camera and microphone as well and it was impossible for you to know about it. It was just about right timing for me to get you privacy violated. I’ve been waiting enough and have decided that it’s time to put an end to this. So here is my offer. Let’s name this a “consulting fee” I need to delete the media content I have been collecting. Your privacy stays untouched, if I get the payment. Otherwise, I will leak the most damaging content to your contacts and post it to a public tube for perverts to explore. I only care about getting paid. My modest consulting fee is 1650 US Dollars transferred in Bitcoin. Exchange rate at the time of the transfer. You need to send that amount to this wallet: 1NGCsGqSdNEKpptQ4DKbJEva59cTSk369o The fee is non negotiable, to be transferred within 2 business days. We use Bitcoin to protect my identity.

 

Potential uses of a Trojan Horse infection

Large-scale botnet activities – right off the bat, we must tell you about one of the most infamous ways in which Trojans tend to get used. A botnet is basically a network of interconnected machines, which are all controlled from a single place. In this case, that place would be the hacker’s server. Every computer infected by the Trojan becomes part of this botnet, and the botnet itself is used to carry out tasks that can’t be achieved from a single machine. Such tasks could be the mass distribution of spam messages to more and more users over the Internet, or the mining of cryptocurrency money. Sometimes, botnets can also be used for denial of service attacks – this is basically when a big number of computers start visiting a certain site with the aim to crash its servers through sheer number of visits. If enough computers are in the botnet, the servers of the targeted site cannot handle that many sudden visits, and would eventually crash.

Personal espionage activities – Trojans like “I am sorry to inform you”, The Great Discover, Bokang Speedup can also be exceptionally potent espionage tools. They can monitor the user’s keystrokes through keylogging processes, and they can capture images from what’s happening on the user’s screen. This oftentimes allows the hackers behind the Trojan to obtain highly sensitive data such as the user’s banking details, or their passwords and usernames for various sites. Needless to say, such information, when placed into the wrong hands, could lead to some very unpleasant and harmful consequences.

Backdoor actions – the third example of how a Trojan could be used is when these threats are utilized for sneaking additional malicious programs inside a system that has already been contaminated. Ransomware cryptoviruses are one of the most common examples of threats that get backdoored into their victim’s machines through the help of Trojans. Of course, there pretty much any other kind of malware could be backdoored with the help of a Trojan as well.

Considering that these are only three of the many possible ways a Trojan could be used, and also that infections like “I am sorry to inform you” could be devastating for the user, and their system, it is advisable that you now take a look at the guide, and follow the instructions that are there to remove the nasty “I am sorry to inform you” from your computer.

SUMMARY:

Name “I am sorry to inform you”
Type Trojan
Detection Tool

anti-malware offerOFFER *Free Remover allows you, subject to a 48-hour waiting period, one remediation and removal for results found. SpyHunter's EULA,  Privacy Policy, and more details about Free Remover.

 

Remove I am sorry to inform you Email

To remove the “I am sorry to inform you” virus, the victim must first search for and delete potentially malicious programs from their PC, then quit any harmful processes, and restore the changed system settings.
  1. To start off, go to the Control Panel’s Uninstall a Program list and delete any rogue programs that may be there.
  2. Next, you should check the running processes in the Task Manager and quit the ones that seem related to the virus.
  3. The third thing to do is take a look at the Hosts file, the DNS settings, and the Startup items and reverse any changes made to them by the malware.
  4. Lastly, to remove the “I am sorry to inform you” virus, check the Registry for malicious items related to it and delete them.
If you require further help with those steps, you will find a more detailed explanation about each (as well as some extra tips) in the following lines.

Extended Guide Some of the actions you will have to perform next will require a system restart, so bookmarking the current page or opening it on another device may be helpful.

 Step 1 First, you must check your system for programs that may have brought the malware into the computer. To do that, go to Control Panel > Uninstall a Program and look for items shown on that list that seem unfamiliar and potentially harmful. It may be a good idea to first check the programs installed close to the date you started noticing “I am sorry to inform you” symptoms on your computer. If you come across any programs you think may be linked to “I am sorry to inform you”, click on them in the Uninstall a Program list and then click the Uninstall option from the top of the window. Then proceed to follow the steps from the uninstaller. Make sure that you do not allow anything related to the suspicions program to stay saved on your computer, including any custom user settings for that program.

Uninstall1

Step 2

WARNING! READ CAREFULLY BEFORE PROCEEDING!

Now you must go to the Task Manager’s Processes tab (search for it in the Start Menu or simply press Ctrl +Shift + Esc).

When you get there, look at what processes are running in the system, focusing on the most resource-intensive ones (the ones that are using up the largest portions of your system’s virtual memory and CPU). If you notice any suspiciously-named entries that you do not recognize and think may be coming from the Trojan, perform an online search for their names.

If there’s any information on the Internet that says the process (or processes) in question may be harmful, open the File Location of the process (right-click on the process name and select Open File Location) and then scan each file in the newly-opened folder with our powerful online malware scanner that you can find right below.

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Loading
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.

    Task Manager1

    After the scan of each file completes and if malware gets detected, immediately quit the related process by right-clicking on it and selecting the End Process option. Then make sure to delete all the files in the location folder followed by the folder itself.

    In case the Trojan prevents you from deleting any of its files, leave deleting them for when you’ve completed all the steps from this guide, at which point you should return to the file location folder and remove it from your computer alongside all files that are still in it.

    Task Manager2

    Note: If the information you found online that says the process is likely harmful comes from a reputable and trusted source, there may be no need to scan the file location files and it may be better to directly quit the process and delete its folder.

    Step 3 For the remainder of this guide, it is best if your computer is in Safe Mode as that would block any remaining “I am sorry to inform you” process from disrupting your work. If you think you may need help with accessing Safe Mode on your computer, this guide can help you.

    Step 4 Copy this line: %windir%/system32/Drivers/etc/hosts, select the Start Menu, and place it there. Hit Enter to open the file and if Windows asks you about what software to use to open the file, click on the Notepad icon After that, when the file opens, see what are the final lines of text – normally, the last thing should be “Localhost“. If this isn’t the last line and there’s more text after it, this means a third-party software (probably the “I am sorry to inform you” Trojan) has made changes in the file. However, it could also be another program, so we must first look at what’s written there before we can tell you whether you need to do anything about it. Therefore, we advise you to copy everything below “Localhost“, send them to us in the comments below this article, and wait for our reply in which we will tell you if you need to take further action. Hosts2 Next, open the Start Menu again, type System Configuration in the search field, and press the Enter key. In the System Configuration window that appears, click Startup and then search the list of Startup Items for anything unusual, unfamiliar, or suspicious. If you find such entries, uncheck them and click on OK to save the made changes. Startup1 For a third time select the Start Menu, type in it Network Connections, and select the item shown at the top of the search results. In the following window, right-click on the network that’s currently in use and select the Properties option from the context menu. In Properties, click the Internet Protocol Version 4 entry, open the next Properties window, and select Obtain an IP address automatically. Once this is selected, open Advanced, go to the DNS section, and there delete any IPs that may be shown in the list. Finally, once everything is done, complete the step by clicking on OK on each open window. Dns1

    Step 5 Press the Winkey and the key, type regedit in the Run window that pops-up, and then click Yes when an Admin permission gets required to continue. When the Registry Editor window shows up, click the Edit menu, and go to the Find option. Search for the Trojan Horse’s name in the Registry and delete any items that you may find. However, be warned that deleting the wrong thing here may have severe consequences for the computer so be careful and if you are not sure, ask for our assistance in the comments instead of deleting items you aren’t certain about.

    Regedit2 1

    Once everything related to “I am sorry to inform you” is removed, find the Registry directories shown below and search in them for items that have questionable names that seem out of place. Usually, those would be items with names that are longer than the rest and that seem random (for example, a name such as this: “as46Jsdaga2gd834hfa8ahdsla314bj13n” would count as suspicious). Again, if you are not sure about what to do, simply tell us about your doubts by writing us a comment.

    • HKEY_CURRENT_USER/Software/Random Directory. 
    • HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Run
    • HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/Main

    Step 6 If the Trojan has made any other changes in your system, and you are still unable to get rid of it, it’s best to try to remove the threat using a professional program that will clean the system for you. Our recommendation, in case “I am sorry to inform you” is still active in your system even after you’ve done everything from this guide, is to use the advanced and powerful anti-malware tool found on this page to clean the computer. The tool is tested against threats of this caliber and will quickly find and delete all data and settings that are from the Trojan. In addition, it will add a strong protection layer to your system’s security and fend off any future threats that may target you.

    blank

    About the author

    blank

    Brandon Skies

    Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.

    Leave a Comment