"My virus captured all your personal data Email Scam" removal guide
What is "My virus captured all your personal data Email Scam"?
"My virus captured all your personal data Email Scam" is an email that is categorized as being part of a spam campaign. Cyber criminals who send these emails attempt to trick people into believing that they have recorded compromising material (embarrassing photos or videos of users), and then make ransom demands. Generally, they send these emails to many people and hope that a certain percentage will fall for their scam. If you have received this message, we can assure you that there is nothing to worry about.
The "My virus captured all your personal data Email Scam" implies that you have visited a pornographic website that was infected with malware. As a result, they installed a remote access tool (RAT) and recorded you watching pornography. Furthermore, they claim that they have access to your contacts list and will send the video to all of these people if you do not meet their demands. In this particular case, cyber criminals demand that the user transfers 600 dollars in Bitcoins to a wallet address provided. If the ransom is not paid within 30 hours, they threaten to distribute the video. If, however, more time is needed, payment can be made within 50 hours. To extend this time period, you are instructed to open the Calculator and press "+" three times. In this way, they hope that you will assume that they can see what you are doing on your computer. This is not true - they cannot monitor your actions. The people who have sent this email do not have any video of you, there is no remote access tool installed on your computer, and so on. We recommend that you simply ignore this email and, most importantly, do not try to contact "My virus captured all your personal data Email Scam" developers or send them any money.
|Name||My Virus Captured All Your Personal Data Email Scam|
|Threat Type||Phishing, Scam, Social Engineering, Fraud|
|Symptoms||Unauthorized online purchases, changed online account passwords, identity theft, illegal access of one's computer.|
|Distribution methods||Deceptive emails, rogue online pop-up ads, search engine poisoning techniques, misspelled domains.|
|Damage||Loss of sensitive private information, monetary loss, identity theft.|
|Malware Removal (Windows)||
To eliminate possible malware infections, scan your computer with legitimate antivirus software. Our security researchers recommend using Malwarebytes.
All scam campaigns are very similar. You can check any examples and you will see that they are virtually identical to Hacker Who Cracked Your Email And Device, Remote Control Desktop With A Key Logger, and We Have Installed One RAT Software. Nevertheless, some spam campaigns are used to trick users into opening an attachment designed to spread high-risk viruses (such as TrickBot, Adwind, FormBook, etc). These attachments are usually Microsoft Office documents such as .doc (Word), .xls (Excel), .ppt (Power Point), and so on. These viruses collect personal information, such as banking information, passwords, logins, and other personal/sensitive data. Having your computer infected with these viruses might lead to various privacy issues and data/financial loss. Furthermore, they might open "backdoors" for other viruses to infiltrate (for example, ransomware-type viruses).
We receive a great deal of feedback from concerned users about this scam email. Here is the most popular question we receive:
Q: Hi pcrisk.com team, I received an email stating that my computer was hacked and they have a video of me. Now they are asking for a ransom in Bitcoins. I think this must be true because they listed my real name and password in the email. What should I do?
A: Do not worry about this email. Neither hackers nor cyber criminals have infiltrated/hacked your computer and there is no video of you watching pornography. Simply ignore the message and do not send any Bitcoins. Your email, name, and password was probably stolen from a compromised website such as Yahoo (these website breaches are common). If you are concerned, you can check if your accounts have been compromised by visiting haveibeenpwned website.
How do spam campaigns infect computers?
Spam email campaigns that proliferate malicious attachments (Microsoft Office documents) can only do harm if opened. When a malicious document/attachment is opened, it usually asks for permission to enable macro commands. In this case, enabling these commands gives permission to download and install malware. Note, however, that malicious attachments cannot affect users of software other than Microsoft Office products. These attachments can proliferate viruses only if they are opened using Word, Excel, or other MS Office applications. In effect, they target Microsoft Office users only.
How to avoid installation of malware?
Ignore (do not open) attachments that are included in emails sent from unknown/suspicious email addresses. Think twice before opening them. Download software from official and trustworthy sources only, and do not use third party downloaders or other similar channels. Software developers often use the "bundling" method to trick users into installing potentially unwanted/rogue applications. Therefore, we recommend that you check "Custom", "Advanced" and other similar settings/options of the installation processes. Opt-out of additionally-included applications and only then finish the installation. Keep your software updated, but do this using tools provided by official developers or implemented functions only. There are various fake software developers that install rogue apps rather than the updates/fixes. These tools should never be used. You are advised to use Microsoft Office versions no older than 2010. Older versions do not have "Protected View" mode, which prevents downloaded files (malicious attachments) from executing commands that download and install malicious software. If you have already opened "My virus captured all your personal data Email Scam" attachment, we recommend running a scan with Malwarebytes for Windows to automatically eliminate infiltrated malware.
Text presented in the "My virus captured all your personal data Email Scam" email message:
Subject: You are my victim.
I write you because I put a malware on the web site with porno which you have viewed.
My virus captured all your personal data and switched on your webcam which recorded the process of your masturbation. Just after that the virus saved your contact list.
I will erase the compromising video records and information if you pay me 600 USD in bitcoin.
This is address for payment : 15AGyZEJaLMnUhJKMkuziPS4wwDsWBUHiP
I give you 30 hours after you view my message for making the transaction.
As soon as you read the message I'll see it immediately.
It is not necessary to tell me that you have sent money to me. This address is connected to you, my system will delete everything automatically after transfer confirmation.
If you need 50 hours just Open the calculator on your desktop and press +++
If you don't pay, I'll send dirt to all your contacts.
Let me remind you-I see what you're doing!
You can visit the police office but nothing can't help you.
If you attempt to deceive me , I'll know it right away!
I don't live in your country. So anyone can't find my location even for 9 months.
Goodbye for now. Don't forget about the disgrace and to ignore, Your life can be ruined.
Instant automatic malware removal:
Manual threat removal might be a lengthy and complicated process that requires advanced computer skills. Malwarebytes is a professional automatic malware removal tool that is recommended to get rid of malware. Download it by clicking the button below:
- What is "My virus captured all your personal data Email Scam"?
- STEP 1. Manual removal of possible malware infections.
- STEP 2. Check if your computer is clean.
How to remove malware manually?
Manual malware removal is a complicated task - usually it is best to allow antivirus or anti-malware programs to do this automatically. To remove this malware we recommend using Malwarebytes for Windows. If you wish to remove malware manually, the first step is to identify the name of the malware that you are trying to remove. Here is an example of a suspicious program running on a user's computer:
If you checked the list of programs running on your computer, for example using task manager, and identified a program that looks suspicious, you should continue with these steps:
Download a program called Autoruns. This program shows auto-start applications, Registry, and file system locations:
Restart your computer into Safe Mode:
Windows XP and Windows 7 users: Start your computer in Safe Mode. Click Start, click Shut Down, click Restart, click OK. During your computer start process, press the F8 key on your keyboard multiple times until you see the Windows Advanced Option menu, and then select Safe Mode with Networking from the list.
Video showing how to start Windows 7 in "Safe Mode with Networking":
Windows 8 users: Start Windows 8 is Safe Mode with Networking - Go to Windows 8 Start Screen, type Advanced, in the search results select Settings. Click Advanced startup options, in the opened "General PC Settings" window, select Advanced startup. Click the "Restart now" button. Your computer will now restart into the "Advanced Startup options menu". Click the "Troubleshoot" button, and then click the "Advanced options" button. In the advanced option screen, click "Startup settings". Click the "Restart" button. Your PC will restart into the Startup Settings screen. Press F5 to boot in Safe Mode with Networking.
Video showing how to start Windows 8 in "Safe Mode with Networking":
Windows 10 users: Click the Windows logo and select the Power icon. In the opened menu click "Restart" while holding "Shift" button on your keyboard. In the "choose an option" window click on the "Troubleshoot", next select "Advanced options". In the advanced options menu select "Startup Settings" and click on the "Restart" button. In the following window you should click the "F5" button on your keyboard. This will restart your operating system in safe mode with networking.
Video showing how to start Windows 10 in "Safe Mode with Networking":
Extract the downloaded archive and run the Autoruns.exe file.
In the Autoruns application click "Options" at the top and uncheck the "Hide Empty Locations" and "Hide Windows Entries" options. After this procedure, click the "Refresh" icon.
Check the list provided by the Autoruns application and locate the malware file that you want to eliminate.
You should write down its full path and name. Note that some malware hides process names under legitimate Windows process names. At this stage, it is very important to avoid removing system files. After you locate the suspicious program you wish to remove, right click your mouse over its name and choose "Delete".
After removing the malware through the Autoruns application (this ensures that the malware will not run automatically on the next system startup), you should search for the malware name on your computer. Be sure to enable hidden files and folders before proceeding. If you find the filename of the malware, be sure to remove it.
Reboot your computer in normal mode. Following these steps should remove any malware from your computer. Note that manual threat removal requires advanced computer skills. If you do not have these skills, leave malware removal to antivirus and anti-malware programs. These steps might not work with advanced malware infections. As always it is best to prevent infection than try to remove malware later. To keep your computer safe, install the latest operating system updates and use antivirus software.
To be sure your computer is free of malware infections, we recommend scanning it with Malwarebytes for Windows.