How to remove "I'm a programmer who cracked your email"

It goes without saying that we all have something very important and personal, which we keep thoroughly away from other people. Personal photos and videos of us, some actions refer to the "secret" information, which we don’t want to share with anybody in the Earth. For example, we keep some photos and videos of us to remember some important events in our life. But they aren't for everybody; they are only for us or for a narrowed circle of people. You care about it, don't you? You must have already guessed with what today's subject of the article is connected. There are different spam campaigns, which are aimed to get some profit from you, and "I'm a programmer who cracked your email" scam is one of them. People, who are involved in this cyber-criminal activity, act like this: they send a letter, where they inform about the identity theft and start to demand a ransom from the owner of this information.


 Example of suchlike letter:



My nickname in darknet is des53.

I hacked this mailbox more than six months ago. Through it I infected your operating system with a virus (trojan) created by me and have been monitoring you for a long time.

Even if you changed the password after that – it does not matter, my virus intercepted all the caching data on your computer
and automatically saved access for me.

I have access to all your accounts, social networks, email, browsing history.

Accordingly, I have the data of all your contacts, files from your computer, photos and videos.

I was most struck by the adult sites that you occasionally visit.

You have a very wild imagination, I tell you!

During your pastime and entertainment there, I took screenshot through the camera of your device, synchronizing with what you are watching.

Oh my god! You were so funny and excited!

I think that you do not want all your contacts to get these files, right?

If you are of the same opinion, then I think that $880 is quite a fair price to destroy the dirt I created.

Send the above amount to my Bitcoin wallet: 1dvu5q2hq4srfnssawbrvnmtl4pvbkfp5w

As soon as the above amount is received, I guarantee that the data will be deleted, I do not need it.

Otherwise, these files and history of visiting sites will get all your contacts from your device.

Also, I’ll send to everyone your contact access to your email and access logs, which I have carefully saved.

Since reading this letter you have 48 hours!

After your reading this message, I’ll receive an automatic notification that you have seen the letter.

I hope I taught you a good lesson.

Visit safe websites only, and don’t enter your passwords anywhere!


You may wonder how they manage to break in your device. They aren't lazy to give a persuading and descriptive explanation to you: in order to track your personal data, a malicious code is downloaded to your pc; In order to get an access to your pc, the remote access tool is installed which lets them watch every your step. They go on extorting the victim until they get what they want. Otherwise, they promise to hand over the hair-raising information to his circle of acquaintances, which is supposed to ruin his reputation.


There are different ladders of success for them to use. For example, they say that they take a stock of his browsing activity. He's been noticed to visit some sites with a malicious reputation. One more example, he keeps some photos or videos, about existence of which nobody must have any ideas. If he feels that something above-mentioned takes place, he starts to be nervous about this situation and surrenders to their demand: he pays a ransom, which is usually about 870 $ in bit coins. This is how you should not do in any case. You may be dyeing to know about why his actions are wrong. Cyber criminals just want to take an advantage of you and make a good sum of money; you're the very person for them. To get what they want they use this method of extorting. The only advice which should be given to you is that you should ignore them. No matter what they say, just give up on them and go on enjoying your life. It's interesting for you to learn where they get your email address, isn’t it? It can be stolen from some sites, where you put it in once.


Besides spam, demanding a ransom, there are ones, which are aimed to infect your pc. Cyber criminals send spam letters, where there are different Microsoft attachments. If one opens them, he's asked to run some macros command. By doing it he lets viruses get installed on his pc. Here are three simple rules for you to follow:


  • Always be careful with different attachments, which you receive!
  • Never give up to any extorting letters!
  • Don’t let anybody make an extorted victim of you!

Removal steps

To defend the system and remove trojan virus, follow these steps.




Step 1. Boot the system into safe mode

  • Press Start
  • Type Msconfig and press Enter

Safe mode. Step 1


  • Select Boot tab

Safe mode. Step 2



  • Select Safe boot and press Ok

More information about Safe mode: What is Safe Mode and how to boot computer in Safe Mode


Step 2. Show all hidden files and folders

  • Press Start
  • Click on Control Panel

Show hidden files. Step 1


  • Select Appearance and Personalization

Show hidden files. Step 2


  • Click on Folder Options
  • Select View tab
  • Select Show hidden files, folders and drives

Show hidden files. Step 3


  • Press Ok


Step 3. Remove virus files


Check next folders to find suspicious files:

  • %TEMP%
  • %ProgramData%


Step 4. Fix hosts file

  • Go to %SystemRoot%\System32\drivers\etc\ folder



  • Open hosts file using Notepad or other text editor
  • Delete suspicious elements
  • Basic hosts file looks like this:



Step 5. Clean registry (for experienced users)

  • Click Start
  • Type Regedit.exe and press Enter
  • Clean startup registry keys
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\Run
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunOnce
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunServices
  • HKEY_LOCAL_MACHINE(HKEY_CURRENT_USER)\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit

Step 6. Scan the computer with antivirus


The last step is to scan the system with antivirus to delete all malware parts and protect the system in the future.


Special Offer

Download Spyhunter - Anti-malware scanner

We advise downloading SpyHunter to see, if it can detect malware for you.

Spyhunter has a biggest malware database

It protects the system against all kinds of threats: Trojans, adware and hijackers

24/7 Free Support Team

SpyHunter scanner detects threats and malware for free, but to remove infected elements you need to purchase a full version of program. More information about Spyhunter, EULA and Privacy policy.


Step 7. Disable Safe Mode and restart computer

  • Press Start
  • Type Msconfig and press Enter
  • Select Boot tab
  • Remove the check near Safe boot


Video with trojan virus





Share your feedback to help other people
1 1 1 1 1 1 1 1 1 1 Rating 0.00 [0 Votes]

You have no rights to post comments



Acronis suggestion to CrashPlans users

Around a month ago, there was an accident with CrashPlans backup software.

What is MicTrayDebugger and is it dangerous

This is a brief entry about MicTrayDebugger: what is it, how it appeared in the system, is it dangerous and how to get rid of it.

What is HoeflerText and is it dangerous?


This article is dedicated to the fraud scheme that is called HoeflerText font wasn't found. We will explain you what is this scheme and how to avoid it.

What is Wpad.dat virus and how it is used

The topic of our today's article is a script that had been unjustly called a virus. It’s Wpad.dat, and it is not a virus. We will explain what is Wpad.dat and how to prevent fraudsters to deceive yourself with its help.


Cancer virus trollware

This is an article about crazy Cancer virus and the madness that it brings to victim's computer.

This website uses cookies to improve your experience