About the “Hey I Know Your Password Is” Email Scam
If your computer has secretly been compromised by an infection called “Hey I Know Your Password Is”, you most probably are desperately seeking methods to remove this threat and clean your system. And you have all the reasons to be concerned, because “Hey I Know Your Password Is” is not some random virus but a very sneaky Trojan Horse which can do a lot of damage to your machine in no time. Like a typical Trojan-based infection, this threat may disguise itself as something seemingly useful or legitimate-looking, and may easily trick you into clicking on it in order to get you infected. Supposed awards that you have won without participating, irresistible discounts, email messages with different attachments and links that prompt you to open them are just some of the most common transmitters.
Once inside the system, the malware may create a backdoor through which a third-party attacker may access the device. They can make use of the webcam without permission, delete the data stored in the hard disk, modify the system settings, or even insert other viruses like Spyware, Rootkits or Ransomware.
To keep your machine safe, you must avoid downloading content from unknown or doubtful pages, as well as monitor the downloads made from P2P applications and limit your interaction with spam, sketchy offers or random emails and their attachments. Unfortunately, that may still not be enough to keep threats like “Hey I Know Your Password Is” away from you. That’s why you may need to also invest in reliable security software and do regular scans with it.
Why Trojans such as “Hey I Know Your Password Is” are so dangerous?
It is not an accident that Trojans are classified as some of the most malicious threats on the Internet, which are known to infect both companies and individual users. These types of malicious programs are designed to steal information or take over computers and mobile devices without showing visible symptoms. What is more, there may be a significant difference between the time of infection and the time of the actual attack. This is because the malware may lie dormant in the system for an indefinite period of time, until it receives commands from its criminal creators.
Still, protecting yourself from threats like “Hey I Know Your Password Is”, Drive by Exploit and Remote Administration Tool is possible. Reputed security experts, including our “How to remove” team, advise the web users to avoid downloading content from unknown pages or from ones that have doubtful reputation, as well as avoid interacting with sketchy ads, emails from unknown senders, spam and too-good-to-be-true offers. Another safe way to combat this malware is to avoid opening files of doubtful origin on the Internet and download and use software that only comes from reputed developers. In addition, it is important to have an advanced security solution installed and keep it updated.
Most antivirus and antimalware programs detect known Trojans in the majority of instances. However, some of these threats may be quite sophisticated, and may be able to block your security programs, in which case you may need to resort to a manual removal method, which consists of locating the malware in the registers and in your HDD and removing it manually. To help you with this process, below we have prepared a manual “Hey I Know Your Password Is” removal guide. Of course, if you are not that tech savvy and if you think you may not be able to complete it, there is also a trusted professional removal tool for automatic assistance which can deal with this Trojan in a few clicks.
SUMMARY:
Name | “Hey I Know Your Password Is” |
Type | Trojan |
Danger Level | High (Trojans are often used as a backdoor for Ransomware) |
Symptoms | Usually, Trojans try to hide their symptoms and silently perform their activities without visible indications. |
Distribution Method | Spam, malicious email attachments, fake ads, torrents, illegal websites, pirated software and shady links could be common sources of Trojans. |
Remove “Hey I Know Your Password Is”
1: Preparations
Note: Before you go any further, we advise you to bookmark this page or have it open on a separate device such as your smartphone or another PC. Some of the steps might require you to exit your browser on this PC.
2: Task Manager
Press Ctrl + Shift + Esc to enter the Task Manager. Go to the Tab labeled Processes (Details for Win 8/10). Carefully look through the list of processes that are currently active on you PC.
If any of them seems shady, consumes too much RAM/CPU or has some strange description or no description at all, right-click on it, select Open File Location and delete everything there.
Also, even if you do not delete the files, be sure to stop the process by right-clicking on it and selecting End Process.
3: IP related to “Hey I Know Your Password Is”
Go to c:\windows\system32\drivers\etc\hosts. Open the hosts file with notepad.
Find where it says Localhost and take a look below that.
If you see any IP addresses there (below Localhost) send them to us here, in the comments since they might be coming from the “Hey I Know Your Password Is”.
[add_forth_banner]
4: Disable Startup programs
Re-open the Start Menu and type msconfig.
Click on the first search result. In the next window, go to the Startup tab. If you are on Win 10, it will send you to the Startup part of the task manager instead, as in the picture:
If you see any sketchy/shady looking entries in the list with an unknown manufacturer or a manufacturer name that looks suspicious as there could be a link between them and “Hey I Know Your Password Is” , disable those programs and select OK.
5: Registry Editor
Press Windows key + R and in the resulting window type regedit.
Now, press Ctrl + F and type the name of the virus.
Delete everything that gets found. If you are not sure about whether to delete something, do not hesitate to ask us in the comments. Keep in mind that if you delete the wrong thing, you might cause all sorts of issues to your PC.
6: Deleting potentially malicious data – “Hey I Know Your Password Is”
Type each of the following locations in the Windows search box and hit enter to open the locations:
%AppData%
%LocalAppData%
%ProgramData%
%WinDir%
%Temp%
Delete everything you see in Temp linked to “Hey I Know Your Password Is”. About the other folders, sort their contents by date and delete only the most recent entries. As always, if you are not sure about something, write to us in the comment section.