fbpx

1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw Bitcoin Email


1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw

Some of our readers reported an email written in Polish that they have received, with the following message:

Desafortunadamente, tengo mas noticias para ti. Hace varios meses, tuve acceso al dispositivo que esta utilizando para navegar por Internet. Desde entonces, he estado monitoreando su actividad en Internet. Como visitante habitual de sitios para adultos, puedo confirmar que usted es responsable de esto. Para simplificar las cosas, los sitios web que ha visitado me han proporcionado acceso a sus datos. Cargue un caballo de Troya basado en el controlador que actualiza su firma varias veces al dia, para que sea imposible que el antivirus lo detecte. Ademas, me da acceso a su camara y microfono. Ademas, hice una copia de seguridad de todos los datos, incluidas fotos, redes sociales, chats y contactos. Recientemente, tuve una idea increible de crear el video que disfrutas en una parte de la pantalla, mientras el video se reproducia simultaneamente en otra pantalla. !Fue divertido! Asegurese de que pueda enviar facilmente este video a todos sus contactos con solo unos pocos clics, y supongo que le gustaria evitar este escenario. Con eso en mente, aqui esta mi propuesta: transfiera la cantidad equivalente a 1300 USD a mi billetera Bitcoin y me olvidare de todo. Tambien eliminare permanentemente todos los datos y videos. En mi opinion, este es un precio algo modesto por mi trabajo. Puedes averiguar como comprar Bitcoins usando buscadores como Google o Bing, ya que no es muy dificil. Mi billetera Bitcoin (BTC): 1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw Tiene 48 horas para responder y tambien debe tener en cuenta lo siguiente Tampoco tiene sentido quejarse, ya que no se puede rastrear la carta junto con mi billetera Bitcoin. Todo fue orquestado con precision. Si detecto que mencionaste algo sobre esta carta a alguien, el video se compartira de inmediato y tus contactos seran los primeros en recibirlo. !Entonces el video se publicara en la web! !Buena suerte y tomatelo con calma! Fue solo mala suerte, la proxima vez, ten cuidado.

1EyAadxvFqjvG9swUeexQLFhTvdV6jBTbi

Multiple antivirus programs detecting the trojan using 1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw Bitcoin Wallet.

There are many different kinds of Trojan Horse viruses – some target your system data, some try to spy on you, some seek to steal sensitive info from your computer and online accounts and some might even be used to silently download other harmful programs the likes of Ransomware and Rootkits on the infected computer. Here, however, we will be focusing on a specific type of e-mail Trojans that are used in phishing e-mail campaigns, which have recently become quite widespread and currently there are a lot of users who have fallen victims to these threats. One example of such a phishing e-mail Trojan Horse virus is 1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw, which will be the main topic of this article. If you have recently noticed some obscure e-mails in your inbox that claim you need to pay a certain amount of BitCoins or something bad would happen, then you likely have 1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw, “Drive by exploit” or “Save Yourself” inside your computer. In order to increase the chances of the scam being successful and make their e-mails be more threatening, the criminals behind this scheme usually claim that your PC has been hacked and that if you do not pay, something bad will happen to the machine. In their e-mails, the scammers might claim that some sensitive information about the user has been acquired by them and that it would be made publicly available online in order to scare the user into paying. This is somewhat similar to the way Ransomware cryptoviruses try to intimidate users into sending money to the hackers by claiming that the user’s files would stay locked if the money isn’t paid. However, the difference here is that the scammers are only bluffing and they don’t actually have any actual leverage over you.

Some more words about 1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw

The problem with having this Trojan which might potentially be inside your computer isn’t solely related to the phishing e-mails you are likely to receive if the infection has reached you. A more experienced and discerning user would easily spot the scam and ignore and delete the phishing letter. However, since the Trojan is still in the PC and because this type of malware is actually highly versatile, the malicious program might still be used to carry out some other insidious and harmful task inside the targeted machine. We already mentioned some of the common uses of a typical Trojan Horse virus at the start of this article. Note that some Trojans could get remotely repurposed to do something different from their initial task after they have already attacked a certain computer. This means that even if you do not fall for the e-mail scam, your PC and your virtual security and privacy are still not going to be safe if the malware doesn’t get removed. The sooner you ensure that all malicious data has been removed from your computer, the less time the malware would have to do some other nasty thing to your computer. Therefore, we advise you to act quickly and use the guide from this page and/or the removal tool attached to it and get rid of 1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw  ASAP!

SUMMARY:

Name 1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw
Type Trojan
Danger Level High (Trojans are often used as a backdoor for Ransomware)
Symptoms This particular form of Trojans would normally spam your inbox with phishing e-mails that ask you to pay BitCoins for something.
Distribution Method Some of the distribution methods are malvertising, distributing the malware through compromised downloads, via different kinds of spam messaging and so on and so forth.
Detection Tool

Remove 1F34gHWdSXVnN5zy5mA7gEaKgeu8NGPHCw Bitcoin Email Virus

If you have a Windows virus, continue with the guide below.

If you have a Mac virus, please use our How to remove Ads on Mac guide.

If you have an Android virus, please use our Android Malware Removal guide.

If you have an iPhone virus, please use our iPhone Virus Removal guide


Step1

Some of the steps will likely require you to exit the page. Bookmark it for later reference.

Reboot in Safe Mode (use this guide if you don’t know how to do it).

Step2

WARNING! READ CAREFULLY BEFORE PROCEEDING!

Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous. 

malware-start-taskbar

Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:

Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
This scanner is free and will always remain free for our website's users.
This file is not matched with any known malware in the database. You can either do a full real-time scan of the file or skip it to upload a new file. Doing a full scan with 64 antivirus programs can take up to 3-4 minutes per file.
Drag and Drop File Here To Scan
Drag and Drop File Here To Scan
Loading
Analyzing 0 s
Each file will be scanned with up to 64 antivirus programs to ensure maximum accuracy
    This scanner is based on VirusTotal's API. By submitting data to it, you agree to their Terms of Service and Privacy Policy, and to the sharing of your sample submission with the security community. Please do not submit files with personal information if you do not want them to be shared.


    After you open their folder, end the processes that are infected, then delete their folders. 

    Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections. 

    Step3

    Hold together the Start Key and R. Type appwiz.cpl –> OK.

    appwiz

    You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:

    virus-removal1

    Step4

    Type msconfig in the search field and hit enter. A window will pop-up:

    msconfig_opt

    Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.

    • Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.

    Hold the Start Key and R –  copy + paste the following and click OK:

    notepad %windir%/system32/Drivers/etc/hosts

    A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:

    hosts_opt (1)

    If there are suspicious IPs below “Localhost” – write to us in the comments.

    Step5

    Type Regedit in the windows search field and press Enter.

    Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:

    • HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
      HKEY_CURRENT_USER—-Software—Microsoft—-Windows—CurrentVersion—Run– Random
      HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random

    If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!

    blank

    About the author

    blank

    Brandon Skies

    Brandon is a researcher and content creator in the fields of cyber-security and virtual privacy. Years of experience enable him to provide readers with important information and adequate solutions for the latest software and malware problems.

    Leave a Comment