Remove 1EnVwSYoCQ5hA6fqCxh56Dzqh17BydBnCy Bitcoin Email Virus


How irritating is this problem? (6 votes, average: 5.00)
Loading...

This page aims to help you remove 1EnVwSYoCQ5hA6fqCxh56Dzqh17BydBnCy Bitcoin Email Virus. Our removal instructions work for every version of Windows.

Some of our users reported an email that they have received, stating the following:

Hello!

This is important information for you!

Some months ago I hacked your OS and got full access to your account
On day of hack your account  has password: ******

So, you can change the password, yes.. Or already changed… But my malware intercepts it every time.

How I made it:
In the software of the router, through which you went online, was a vulnerability. I used it…
If you interested you can read about it: CVE-2019-1663 – a vulnerability in the web-based management interface of the Cisco routers.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full backup of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I’m talk you about sites for adults.

I want to say – you are a BIG pervert. Your fantasy is shifted far away from the normal course!

And I got an idea….
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!

I’m know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $738 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!

Pay ONLY in Bitcoins!
My BTC wallet: 1EnVwSYoCQ5hA6fqCxh56Dzqh17BydBnCy

You do not know how to use bitcoins?
Enter a query in any search engine: “how to replenish btc wallet”.
It’s extremely easy

For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.

After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your “enjoys”.

I hope you understand your situation.
– Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
– Do not try to contact me (you yourself will see that this is impossible, the sender address is automatically generated)
– Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.

P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
This is the word of honor hacker

I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.

Do not hold evil! I just good do my job.
Good luck.

 Multiple antivirus programs have detected the trojan using 1EnVwSYoCQ5hA6fqCxh56Dzqh17BydBnCy Bitcoin Wallet. You can see the attachment from VirusTotal below:

Antivirus programs detecting the malware

First and foremost, we must tell you about the requested ransom and the “leverage” that the blackmailers try to use on you to force you into paying. Although the message in the e-mail may seem quite convincing, it must be noted that there is usually no reason to believe any of its statements, especially the one concerning a hidden Trojan in your computer. Such scam schemes that use phishing e-mails and spam letters BitCoin (the money is usually demanded in BitCoin) are a commonplace and there believing what the blackmailers tell you these messages is not a good idea. First of all, you need to ask yourself: “Is there really any actual evidence to suggest that there is a Trojan in the computer?”. In most cases, there would likely be no signs of an actual malware infection because, in most cases, there would actually be no malware within your computer. After all, there is a reason why we call the senders of such messages “scammers” and not “hackers”. Typically, the statements made in phishing/blackmailing messages like these are nothing but lies aimed at intimidating the less experienced users and forcing them to pay the demanded ransom. Supposedly, according to the scammers, after the user pays the requested money, the Trojan that’s in their computer would get removed. However, since there is usually no actual virus in the computer, there’s no reason to send anything to the online crooks that are trying to harass you. Usually, the best thing to do if you see such messages is to ignore them and the demands made inside of them.

But what if there is an actual virus in the computer

A problem with Trojans, especially newer ones like 1EnVwSYoCQ5hA6fqCxh56Dzqh17BydBnCy, 17v35QnAre7Vd2T74SD9xhEGJVwYfTPDhN, 1ES14c7qLb5CYhLMUekctxLgc1FV2Ti9DA is that they may have no symptoms. This means that even if you don’t see anything sketchy in your machine, there may still be a virus in it without you knowing about its presence. However, even if you fear that 1EnVwSYoCQ5hA6fqCxh56Dzqh17BydBnCy Bitcoin Email or some other infection may be hiding inside your system, paying the sum requested by the blackmailer is still a no-go. It is a much better option to instead clean your computer through other, more legitimate means. One possible option that we’d advise you to use in order to make sure your system is clean is the combination of the manual 1EnVwSYoCQ5hA6fqCxh56Dzqh17BydBnCy removal guide below and the suggested security tool that’s been included in it. If you follow all the steps and make use of the anti-malware tool, you should be able to thoroughly clean your system from anything that may not be supposed to be there.

SUMMARY:

Name 1EnVwSYoCQ5hA6fqCxh56Dzqh17BydBnCy
Type Trojan
Danger Level  High (Trojans are often used as a backdoor for Ransomware)
Symptoms  If you are targeted by the scam letters we mentioned above, you should scan your system for hidden Trojans.
Distribution Method Mostly, Trojans get distributed through pirated software and spam.
Detection Tool

Remove 1EnVwSYoCQ5hA6fqCxh56Dzqh17BydBnCy Bitcoin Email Virus

If you have a Windows virus, continue with the guide below.

If you have a Mac virus, please use our How to remove Ads on Mac guide.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide


Step1

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Step2

WARNING! READ CAREFULLY BEFORE PROCEEDING!

Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous. 

malware-start-taskbar

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Drag and Drop Files Here to Scan
Maximum file size: 128MB.

This scanner is free and will always remain free for our website's users. You can find its full-page version at: https://howtoremove.guide/online-virus-scanner/




Scan Results


Virus Scanner Result
ClamAV
AVG AV
Maldet


After you open their folder, end the processes that are infected, then delete their folders. 

Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 

Step3

Hold together the Start Key and R. Type appwiz.cpl –> OK.

appwiz

You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:

virus-removal1

Step4

Type msconfig in the search field and hit enter. A window will pop-up:

msconfig_opt

Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

  • Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.

Hold the Start Key and R –  copy + paste the following and click OK:

notepad %windir%/system32/Drivers/etc/hosts

A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

hosts_opt (1)

If there are suspicious IPs below “Localhost” – write to us in the comments.

Step5

Type Regedit in the windows search field and press Enter.

Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

  • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
    HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
    HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!


Leave a Comment