About 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8 Bitcoin Email Virus
Some of our users reported an email scam that they have received, with the following message:
You got infected with my malware, RAT (Remote Administration Tool), while browsing the web where my iframe was placed, <snip> The malware gave me full control over your computer and access to all your accounts (see password above), <snip> I collected all your private data and RECORDED YOU (through your webcam) SATISFYING YOURSELF! After that I removed my malware, to not leave any traces. I can send the video to all your contacts, over email, post on social network and everywhere else and publish all your private data everywhere, including the darknet, where the sick people are! Only you can prevent me from doing this! To stop me, transfer exactly 1800$ in bitcoin (BTC). My bitcoin wallet is: 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8
A Trojan (or Trojan Horse) is a malicious computer program created by cyber criminals to secretly infect a computer system and launch harmful activities on it, which can result in system damage, theft of information, security holes and other unpleasant effects. We mention this because some extremely dangerous pieces of malware (1HB3KtKoguFuZ4BdmCv9Fc4tYTwDQgmqmW, CVE-2019-1663) have recently been roaming the web and spreading via scams, phishing emails, spam messages and infected attachments. One such infection is the Trojan-based piece of malware called 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8 Bitcoin Wallet, which has the ability to spy on you without your knowledge, steal personal data and use it against you, or provide remote access to various hackers, among other activities.
Usually, the most common criminal deeds that such programs could relate to are linked to banking frauds and theft of financial information, credit or debit card details, misuse of personal information, espionage, Ransomware distribution, as well as system and data corruption and destruction. In many cases, an infection with a Trojan may provide different hackers with unauthorized remote access to the compromised machine and let them take control over its resources. Unfortunately, the effects of the attack don’t always come immediately after you have been infected because, usually, once the Trojan enters the system, it nests deep into the OS and hides all of its traces for an indefinite period of time. This allows it to secretly launch its malicious agenda without being detected in a moment when nobody is expecting it. This being said, a Trojan Horse infection is much more complex and stealthy than a regular computer virus, therefore, it is much more difficult to detect and remove it.
Can I Remove 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8 by myself?
On this page there is a removal guide which explains how to remove one particularly nasty Trojan-based threat called 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8. If you are reading this because 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8 has somehow nested inside your PC, or you suspect that such a Trojan might be lying dormant in the background, the instructions below will help you carefully check your entire PC for malicious files and delete any potentially dangerous program.
Since the activities of each Trojan depend very much on the intentions of its criminal creators, we can’t really tell you what kind of damage a threat like 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8 may cause if not removed. What we can tell you for sure, though, is that nothing good awaits you if a representative of this malware category has access to your machine. That’s why it is best to run a full scan with a professional removal tool such as the one that you will find below and carefully delete anything that is detected as a threat to your PC.
Unfortunately, most Trojans, including 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8, find their way onto people’s machines accidentally, when users interact with sketchy web content, infected links, ads, and cracked software installers. The most common way to invite malware of this type onto your computer is to download free program keys, cracked installation packs, free illegal music or movies, games or torrents from an unknown source. Once you click on the carrier, the Trojan is silently installed in the system. That’s why it is so important that you stick to reliable sources and keep away from unfamiliar web locations or shady downloads when downloading and installing new programs or surfing the web. And of course, invest in professional software for computer protection which can detect and remove potential threats in time.
| Danger Level | High (1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8 Trojans are often used as a backdoor for Ransomware) |
| Symptoms | Some Trojans might trigger frequent errors or BSOD crashes, and may cause your PC to slow down because of the higher amounts of RAM and CPU that are being used by the malware program. |
| Distribution Method | Most users get Trojans by visiting shady and unsafe sites, by opening malicious spam e-mail attachments, by clicking on random web ads that are not safe and by downloading pirated software. |
Remove 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8 Bitcoin Email Virus
Note: Before you go any further, we advise you to bookmark this page or have it open on a separate device such as your smartphone or another PC. Some of the steps might require you to exit your browser on this PC.
2: Task Manager
Press Ctrl + Shift + Esc to enter the Task Manager. Go to the tab labeled Processes (Details for Win 8/10). Carefully look through the list of processes that are currently active on your PC.
If any of them seems shady, consumes too much RAM/CPU or has some strange description or no description at all, right-click on it, select Open File Location and delete everything there.
Also, even if you do not delete the files, be sure to stop the process by right-clicking on it and selecting End Process.
3: IP related to 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8
Go to c:\windows\system32\drivers\etc\hosts. Open the hosts file with notepad.
Find where it says Localhost and take a look below that.
If you see any IP addresses there (below Localhost), send them to us here in the comments, since they might be coming from 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8.
To remove the parasite on your own, you may have to meddle with system files and registries. If you do this, you need to be extremely careful, because you may damage your system.
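The hosts-file check in this step can also be done from a PowerShell prompt. The script below is an added example, not part of the original guide: it reads the file without modifying it and lists every active entry other than the default localhost mapping. The helper name Get-HostsEntry and the sample lines are constructed for illustration.

```powershell
# Added example: read-only review of the hosts file; nothing is modified.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

# Constructed sample, used only when the real file is not present.
$sample = @(
    '# localhost name resolution is handled within DNS itself.',
    '127.0.0.1       localhost',
    '::1             localhost',
    '0.0.0.0         update.av-vendor.example   # constructed entry',
    '203.0.113.10    login.bank.example www.bank.example'
)

function Get-HostsEntry {
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        # Strip comments and skip blank lines.
        $text = ($line -replace '#.*$', '').Trim()
        if (-not $text) { continue }
        # Active line format: <address> <name> [<alias> ...]
        $parts = $text -split '\s+'
        $ip = $null
        if ($parts.Count -lt 2 -or
            -not [System.Net.IPAddress]::TryParse($parts[0], [ref]$ip)) { continue }
        # Loopback and 0.0.0.0 both make a name unreachable.
        $sink = [System.Net.IPAddress]::IsLoopback($ip) -or
                $ip.Equals([System.Net.IPAddress]::Any)
        foreach ($name in $parts[1..($parts.Count - 1)]) {
            if ($sink -and $name -eq 'localhost') { $kind = 'Default' }
            elseif ($sink) { $kind = 'Blocked' }    # name forced to a dead address
            else { $kind = 'Redirect' }             # name forced to another host
            [pscustomobject]@{ Kind = $kind; Address = "$ip"; HostName = $name }
        }
    }
}

$lines = if (Test-Path -LiteralPath $hostsPath) {
    Get-Content -LiteralPath $hostsPath
} else { $sample }

Get-HostsEntry -Lines $lines |
    Where-Object Kind -ne 'Default' |
    Sort-Object Kind, HostName |
    Format-Table -AutoSize
```

An empty result means the file contains only comments and the default localhost lines. "Blocked" rows for security-vendor or update hosts and "Redirect" rows for sites you log in to are the ones worth investigating.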
If you want to avoid the risk, we recommend downloading SpyHunter - a professional malware removal tool - to see whether it will find malicious programs on your PC.
4: Disable Startup programs
Re-open the Start Menu and type msconfig.
Click on the first search result. In the next window, go to the Startup tab. If you are on Win 10, it will send you to the Startup part of the Task Manager instead.
If you see any sketchy or shady-looking entries in the list, with an unknown manufacturer or a manufacturer name that looks suspicious, disable those programs and select OK, as there could be a link between them and 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8.
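To judge whether a manufacturer is "unknown", it helps to see each startup entry next to the company name and digital-signature status of the file it launches. The following read-only script is an added example, not part of the original guide; the helper name Resolve-CommandPath is hypothetical, and its path extraction is a best-effort assumption about how startup command lines are written.

```powershell
# Added example: list startup entries with publisher and signature status.
# Read-only: nothing is disabled or deleted.
function Resolve-CommandPath {
    param([string]$Command)
    # Expand %VAR% references, then pull the executable out of the command line.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command)
    if ($expanded -match '^\s*"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^\s*(.+?\.(exe|dll|bat|cmd|vbs|js|ps1|lnk))(\s|$)') {
        return $Matches[1]
    }
    return ($expanded.Trim() -split '\s+')[0]
}

Get-CimInstance -ClassName Win32_StartupCommand | ForEach-Object {
    $path = Resolve-CommandPath $_.Command
    # Entries given without a full path will not resolve and are reported as such.
    $file = Get-Item -LiteralPath $path -ErrorAction SilentlyContinue
    $sig  = if ($file) { Get-AuthenticodeSignature -LiteralPath $file.FullName }
    [pscustomobject]@{
        Name      = $_.Name
        Location  = $_.Location
        User      = $_.User
        Path      = $path
        Company   = if ($file) { $file.VersionInfo.CompanyName }
        Signature = if ($sig) { $sig.Status } else { 'PathNotResolved' }
        Signer    = if ($sig -and $sig.SignerCertificate) {
            $sig.SignerCertificate.Subject
        }
    }
} | Sort-Object Signature, Company | Format-Table -AutoSize -Wrap
```

Entries with an empty Company and a Signature other than Valid are the ones to look at first. Win32_StartupCommand covers the Run registry keys and the Startup folders, not services or scheduled tasks.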
5: Registry Editor
Press Windows key + R and in the resulting window type regedit.
Now, press Ctrl + F and type the name of the virus.
Delete everything that gets found. If you are not sure about whether to delete something, do not hesitate to ask us in the comments. Keep in mind that if you delete the wrong thing, you might cause all sorts of issues to your PC.
6: Deleting potentially malicious data – 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8
Type each of the following locations in the Windows search box and hit enter to open the locations:
Delete everything you see in Temp linked to 1PcZSbbc4u4juK64mpFSWwcR9hESPboRH8 Ransomware. For the other folders, sort their contents by date and delete only the most recent entries. As always, if you are not sure about something, write to us in the comment section.