Some of our readers reported an email written in Polish that they have received, with the following message:
Olá! Infelizmente, tenho algumas más notícias para si. Há vários meses, tive acesso ao dispositivo que está a utilizar para navegar na Internet. Desde essa altura, tenho vindo a monitorizar a sua actividade na Internet. Sendo um visitante regular de websites para adultos, posso confirmar que é você que contribuiu para se ver nesta situação. Para simplificar o que quero dizer, os sites que visitou deram-me acesso aos seus dados. Instalei um cavalo de Tróia no seu sistema, e a sua assinatura é atualizada todos os dias, pelo que é impossível o seu antivírus o detetar. Além disso, dá-me acesso à sua câmara e microfone. E mais, fiz o backup de todos os dados, incluindo fotografias, redes sociais, chats e contactos. Ainda recentemente, tive a ideia fantástica de criar um vídeo onde você se ejacula numa parte do ecrã, enquanto o vídeo pornográfico estava a ser reproduzido simultaneamente noutro ecrã. Isso foi divertido! Pode estar certo de que posso facilmente enviar este vídeo a todos os seus contactos com alguns cliques, e presumo que gostaria de evitar este cenário. Com isto em mente, aqui está a minha proposta: Transfiram o montante equivalente a 700 USD para a minha carteira Bitcoin, e eu esquecerei tudo isto. Apagarei também todos os dados e vídeos permanentemente. Na minha opinião, este é um preço um pouco modesto pelo meu trabalho. Pode descobrir como comprar Bitcoins utilizando motores de pesquisa como o Google ou o Bing, visto que não é muito difícil. A minha carteira de Bitcoin (BTC): 1GSp8Kmjo54VvH1fRzgF2jcxL9cwPtzvH1 Tem 48 horas para responder e também deve ter em conta o seguinte: Não faz sentido responder-me – o endereço foi gerado automaticamente. Também não faz sentido queixar-se, uma vez que este email, assim como a minha carteira de Bitcoin, não pode ser rastreada. Tudo foi orquestrado com precisão.
There are many different kinds of Trojan Horse viruses – some target your system data, some try to spy on you, some seek to steal sensitive info from your computer and online accounts and some might even be used to silently download other harmful programs the likes of Ransomware and Rootkits on the infected computer. Here, however, we will be focusing on a specific type of e-mail Trojans that are used in phishing e-mail campaigns, which have recently become quite widespread and currently there are a lot of users who have fallen victims to these threats. One example of such a phishing e-mail Trojan Horse virus is 1GSp8Kmjo54VvH1fRzgF2jcxL9cwPtzvH1, which will be the main topic of this article. If you have recently noticed some obscure e-mails in your inbox that claim you need to pay a certain amount of BitCoins or something bad would happen, then you likely have 1GSp8Kmjo54VvH1fRzgF2jcxL9cwPtzvH1, “Drive by exploit” or “Save Yourself” inside your computer. In order to increase the chances of the scam being successful and make their e-mails be more threatening, the criminals behind this scheme usually claim that your PC has been hacked and that if you do not pay, something bad will happen to the machine. In their e-mails, the scammers might claim that some sensitive information about the user has been acquired by them and that it would be made publicly available online in order to scare the user into paying. This is somewhat similar to the way Ransomware cryptoviruses try to intimidate users into sending money to the hackers by claiming that the user’s files would stay locked if the money isn’t paid. However, the difference here is that the scammers are only bluffing and they don’t actually have any actual leverage over you.
Some more words about 1GSp8Kmjo54VvH1fRzgF2jcxL9cwPtzvH1
The problem with having this Trojan which might potentially be inside your computer isn’t solely related to the phishing e-mails you are likely to receive if the infection has reached you. A more experienced and discerning user would easily spot the scam and ignore and delete the phishing letter. However, since the Trojan is still in the PC and because this type of malware is actually highly versatile, the malicious program might still be used to carry out some other insidious and harmful task inside the targeted machine. We already mentioned some of the common uses of a typical Trojan Horse virus at the start of this article. Note that some Trojans could get remotely repurposed to do something different from their initial task after they have already attacked a certain computer. This means that even if you do not fall for the e-mail scam, your PC and your virtual security and privacy are still not going to be safe if the malware doesn’t get removed. The sooner you ensure that all malicious data has been removed from your computer, the less time the malware would have to do some other nasty thing to your computer. Therefore, we advise you to act quickly and use the guide from this page and/or the removal tool attached to it and get rid of 1GSp8Kmjo54VvH1fRzgF2jcxL9cwPtzvH1 ASAP!
|Danger Level||High (Trojans are often used as a backdoor for Ransomware)|
|Symptoms||This particular form of Trojans would normally spam your inbox with phishing e-mails that ask you to pay BitCoins for something.|
|Distribution Method||Some of the distribution methods are malvertising, distributing the malware through compromised downloads, via different kinds of spam messaging and so on and so forth.|
Some threats reinstall themselves if you don't delete their core files. We recommend downloading SpyHunter to remove harmful programs for you. This may save you hours and ensure you don't harm your system by deleting the wrong files.
Remove 1GSp8Kmjo54VvH1fRzgF2jcxL9cwPtzvH1 Bitcoin Email Virus
If you have a Windows virus, continue with the guide below.
If you have a Mac virus, please use our How to remove Ads on Mac guide.
If you have an Android virus, please use our Android Malware Removal guide.
If you have an iPhone virus, please use our iPhone Virus Removal guide
Some of the steps will likely require you to exit the page. Bookmark it for later reference.
Reboot in Safe Mode (use this guide if you don’t know how to do it).
WARNING! READ CAREFULLY BEFORE PROCEEDING!
Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous.
Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:
After you open their folder, end the processes that are infected, then delete their folders.
Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections.
Hold together the Start Key and R. Type appwiz.cpl –> OK.
You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:
Type msconfig in the search field and hit enter. A window will pop-up:
Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.
- Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.
Hold the Start Key and R – copy + paste the following and click OK:
A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:
If there are suspicious IPs below “Localhost” – write to us in the comments.
Type Regedit in the windows search field and press Enter.
Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:
- HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random
If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!