Knowledge Base - Your password is shitdad35

Below is an email I get from a spammer just about everyday for the last few weeks. If you see this email just delete it. It is coming from someone in France.
What happened is that I went to a site, not an adult site, and it installed a malware program.

The way I removed this virus was to install and run Malwarebytes Anti-Malware (free) (download it here)

============================================================

I do know shitdad35 one of your pass. Lets get directly to point. You do not know me and you're probably thinking why you're getting this e-mail? Not a single person has compensated me to check you. 

In fact, I actually placed a malware on the adult videos (pornographic material) web-site and guess what, you visited this site to experience fun (you know what I mean). While you were viewing videos, your browser started out functioning as a RDP having a keylogger which gave me access to your display screen as well as web camera. Immediately after that, my software program obtained every one of your contacts from your Messenger, social networks, and email . And then I made a double video. First part shows the video you were watching (you've got a nice taste : )), and second part shows the recording of your webcam, yea it is u. 

You have got a pair of options. We should study these options in particulars: 

First option is to dismiss this e mail. In that case, I most certainly will send your tape to all of your personal contacts and also think about regarding the shame yo u will see. And definitely should you be in an affair, precisely how it can affect? 

Second solution is to pay me $7000. Lets think of it as a donation. Subsequently, I most certainly will straightaway eliminate your video. You will go forward everyday life like this never took place and you never will hear back again from me. 

You will make the payment through Bitcoin (if you do not know this, search "how to buy bitcoin" in Google). 

BTC Address: 176oSx4DJW4M4ceSPoxNH3yfT6GMo8UzMg 
[CASE-SENSITIVE, copy & paste it] 

Should you are looking at going to the authorities, look, this e mail cannot be traced back to me. I have taken care of my moves. I am also not looking to charge you a lot, I only want to be paid. 

You have one day in order to make the payment. I've a unique pixel in this mail, and now I know that you have read this e-mail. If I do not receive the BitCoins, I definitely will send your video recording to all of your contacts including relatives, co-workers, and so on. Nonetheless, if I receive the payment, I'll destroy the recording right away. If you need proof, reply with Yup! and I will certainly send your video recording to your 10 contacts. It's a non:negotiable offer thus don't waste mine time & yours by replying to this e mail.

================================================================= 

Email Header 1:

Return-Path: <Aaron499Smith@yahoo.jp>
Delivered-To: info@.com
Received: from res203.servconfig.com
    by res203.servconfig.com with LMTP id MISbBRbXk1vLph4A25+V4A
    for <info@.com>; Sat, 08 Sep 2018 07:05:10 -0700
Return-path: <Aaron499Smith@yahoo.jp>
Envelope-to: info@.com
Delivery-date: Sat, 08 Sep 2018 07:05:10 -0700
Received: from [122.174.244.75] (port=50782 helo=yahoo.jp)
    by res203.servconfig.com with smtp (Exim 4.91)
    (envelope-from <Aaron499Smith@yahoo.jp>)
    id 1fydrI-008XIX-8A
    for info@.com; Sat, 08 Sep 2018 07:05:10 -0700
Received: from unknown (HELO smtp4.cyberemailings.com) (Sat, 08 Sep 2018 10:04:24 -0400)
    by relay-x.misswldrs.com with ASMTP; Sat, 08 Sep 2018 10:04:24 -0400
Received: from unknown (143.61.250.77)
    by rly04.hottestmile.com with LOCAL; Sat, 08 Sep 2018 09:52:37 -0400
Received: from unknown (HELO relay-x.misswldrs.com) (Sat, 08 Sep 2018 09:47:24 -0400)
    by smtp.doneohx.com with LOCAL; Sat, 08 Sep 2018 09:47:24 -0400
Received: from unknown (55.53.233.246)
    by mail.webhostings4u.com with NNFMP; Sat, 08 Sep 2018 09:41:28 -0400
Received: from unknown (197.170.114.86)
    by external.newsubdomain.com with SMTP; Sat, 08 Sep 2018 09:28:56 -0400
Message-ID: <479CF858.1B59842F@yahoo.jp>
Date: Sat, 08 Sep 2018 09:28:56 -0400
Reply-To: "Info" <Aaron499Smith@yahoo.jp>
From: "Info" <Aaron499Smith@yahoo.jp>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.19) Gecko/20090105 Thunderbird/2.0.0.19
X-Accept-Language: en-us
MIME-Version: 1.0
To: "shitface40" <info@.com>
Subject: shitdad35 
Content-Type: text/html;
    charset="us-ascii"
Content-Transfer-Encoding: base64

=================================================================

Email Header 2:

Return-Path: <Aaron324Smith@yahoo.jp>
Delivered-To: info@.com
Received: from res203.servconfig.com
    by res203.servconfig.com with LMTP id OAN0ABFLlVtJTwAA25+V4A
    for <info@.com>; Sun, 09 Sep 2018 09:32:17 -0700
Return-path: <Aaron324Smith@yahoo.jp>
Envelope-to: info@.com
Delivery-date: Sun, 09 Sep 2018 09:32:17 -0700
Received: from [86.127.64.212] (port=59317 helo=yahoo.jp)
    by res203.servconfig.com with smtp (Exim 4.91)
    (envelope-from <Aaron324Smith@yahoo.jp>)
    id 1fz2dD-0007R6-PM
    for info@.com; Sun, 09 Sep 2018 09:32:16 -0700
Received: from mx.reskind.net ([32.86.138.209]) by external.newsubdomain.com with LOCAL; Sun, 09 Sep 2018 12:22:35 -0400
Received: from unknown (66.114.228.29)
    by webmail.halftomorrow.com with ASMTP; Sun, 09 Sep 2018 12:20:38 -0400
Message-ID: <06446968.AD93EA33@yahoo.jp>
Date: Sun, 09 Sep 2018 12:20:38 -0400
Reply-To: "Info" <Aaron324Smith@yahoo.jp>
From: "Info" <Aaron324Smith@yahoo.jp>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.16) Gecko/20080723 Fedora/2.0.0.16-1.fc8 Thunderbird/2.0.0.16
X-Accept-Language: en-us
MIME-Version: 1.0
To: "shitface40" <info@.com>
Subject: shitdad35 
Content-Type: text/html;
    charset="us-ascii"
Content-Transfer-Encoding: base64

==================================================================

Email Header 3:

Return-Path: <Aaron253Smith@yahoo.jp>
Delivered-To: info@.com
Received: from res203.servconfig.com
    by res203.servconfig.com with LMTP id gJBcHzUqmVvsgg4A25+V4A
    for <info@.com>; Wed, 12 Sep 2018 08:01:09 -0700
Return-path: <Aaron253Smith@yahoo.jp>
Envelope-to: info@.com
Delivery-date: Wed, 12 Sep 2018 08:01:09 -0700
Received: from [181.88.178.93] (port=53330 helo=yahoo.jp)
    by res203.servconfig.com with smtp (Exim 4.91)
    (envelope-from <Aaron253Smith@yahoo.jp>)
    id 1g06df-0043W1-ND
    for info@.com; Wed, 12 Sep 2018 08:01:09 -0700
Received: from [144.231.50.25] by smtp-server1.cfdenselr.com with SMTP; Wed, 12 Sep 2018 10:50:15 -0400
Received: from unknown (11.174.172.31)
    by mmx09.tilkbans.com with LOCAL; Wed, 12 Sep 2018 10:34:30 -0400
Message-ID: <EB7F0334.4D58FCCD@yahoo.jp>
Date: Wed, 12 Sep 2018 10:34:30 -0400
From: "Info" <Aaron253Smith@yahoo.jp>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.18) Gecko/20081105 Thunderbird/2.0.0.18
X-Accept-Language: en-us
MIME-Version: 1.0
To: "shitface40" <info@.com>
Subject: shitdad35
Content-Type: text/html;
    charset="us-ascii"
Content-Transfer-Encoding: base64

================================================================

Email Header 4:

Return-Path: <Aaron419Smith@yahoo.jp>
Delivered-To: info@.com
Received: from res203.servconfig.com
    by res203.servconfig.com with LMTP id gDHtBldunVu9qgMA25+V4A
    for <info@.com>; Sat, 15 Sep 2018 13:40:55 -0700
Return-path: <Aaron419Smith@yahoo.jp>
Envelope-to: info@.com
Delivery-date: Sat, 15 Sep 2018 13:40:55 -0700
Received: from [181.167.254.25] (port=53245 helo=yahoo.jp)
    by res203.servconfig.com with smtp (Exim 4.91)
    (envelope-from <Aaron419Smith@yahoo.jp>)
    id 1g1HN7-001115-Oo
    for info@.com; Sat, 15 Sep 2018 13:40:55 -0700
Received: from unknown (178.214.228.80)
    by smtp.mixedthings.net with SMTP; Sat, 15 Sep 2018 16:41:02 -0400
Received: from unknown (HELO qrx.quickslick.com) (Sat, 15 Sep 2018 16:31:16 -0400)
    by mail.naihautsui.co.kr with QMQP; Sat, 15 Sep 2018 16:31:16 -0400
Received: from unknown (59.245.239.227)
    by mail.gimmicc.net with ESMTP; Sat, 15 Sep 2018 16:27:08 -0400
Message-ID: <A0BBE9AD.022A6F1D@yahoo.jp>
Date: Sat, 15 Sep 2018 16:27:08 -0400
Reply-To: "Info" <Aaron419Smith@yahoo.jp>
From: "Info" <Aaron419Smith@yahoo.jp>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080227 Thunderbird/2.0.0.12
X-Accept-Language: en-us
MIME-Version: 1.0
To: "shitface40" <info@.com>
Subject: Your password is shitdad35
Content-Type: text/html;
    charset="iso-8859-1"
Content-Transfer-Encoding: base64

================================================================

Email Header 5:

Return-Path: <Aaron646Smith@yahoo.jp>
Delivered-To: info@.com
Received: from res203.servconfig.com
    by res203.servconfig.com with LMTP id QHFFDv5/nltCug0A25+V4A
    for <info@.com>; Sun, 16 Sep 2018 09:08:30 -0700
Return-path: <Aaron646Smith@yahoo.jp>
Envelope-to: info@.com
Delivery-date: Sun, 16 Sep 2018 09:08:30 -0700
Received: from [182.69.139.159] (port=51921 helo=yahoo.jp)
    by res203.servconfig.com with smtp (Exim 4.91)
    (envelope-from <Aaron646Smith@yahoo.jp>)
    id 1g1Zb2-003oxN-9R
    for info@.com; Sun, 16 Sep 2018 09:08:30 -0700
Received: from mtu23.bigping.com [210.140.178.232] by smtp-server1.cfdenselr.com with SMTP; Sun, 16 Sep 2018 11:59:57 -0400
Received: from m1.gns.snv.thisdomainl.com ([13.220.244.3]) by relay.2yahoo.com with ASMTP; Sun, 16 Sep 2018 11:50:23 -0400
Received: from unknown (HELO smtp.mixedthings.net) (Sun, 16 Sep 2018 11:37:07 -0400)
    by mts.locks.grgtween.net with NNFMP; Sun, 16 Sep 2018 11:37:07 -0400
Received: from smtp18.yenddx.com ([Sun, 16 Sep 2018 11:30:59 -0400])
    by group21.345mail.com with SMTP; Sun, 16 Sep 2018 11:30:59 -0400
Message-ID: <C30EA18D.F2AAE997@yahoo.jp>
Date: Sun, 16 Sep 2018 11:30:59 -0400
From: "Info" <Aaron646Smith@yahoo.jp>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.21) Gecko/20090302 Thunderbird/2.0.0.21
X-Accept-Language: en-us
MIME-Version: 1.0
To: "shitface40" <info@.com>
Subject: shitdad35
Content-Type: text/html;
    charset="us-ascii"
Content-Transfer-Encoding: base64

=================================================================

Email Header 6:

Return-Path: <Aaron548Smith@yahoo.jp>
Delivered-To: info@.com
Received: from res203.servconfig.com
    by res203.servconfig.com with LMTP id uG5iIYSyoFt8KSgA25+V4A
    for <info@.com>; Tue, 18 Sep 2018 01:08:36 -0700
Return-path: <Aaron548Smith@yahoo.jp>
Envelope-to: info@.com
Delivery-date: Tue, 18 Sep 2018 01:08:36 -0700
Received: from [91.244.114.47] (port=55747 helo=yahoo.jp)
    by res203.servconfig.com with smtp (Exim 4.91)
    (envelope-from <Aaron548Smith@yahoo.jp>)
    id 1g2B3j-00B6SL-KS
    for info@.com; Tue, 18 Sep 2018 01:08:36 -0700
Received: from mxs.perenter.com ([Tue, 18 Sep 2018 04:08:35 -0400])
    by m1.gns.snv.thisdomainl.com with ESMTP; Tue, 18 Sep 2018 04:08:35 -0400
Message-ID: <AB9A692D.8B352BDC@yahoo.jp>
Date: Tue, 18 Sep 2018 04:08:35 -0400
From: "Info" <Aaron548Smith@yahoo.jp>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.12) Gecko/20080213 Thunderbird/2.0.0.12
X-Accept-Language: en-us
MIME-Version: 1.0
To: "shitface40" <info@.com>
Subject: Your password is shitdad35
Content-Type: text/html;
    charset="iso-8859-1"
Content-Transfer-Encoding: base64

===============================================================

Email Header 7:

Return-Path: <Aaron793Smith@yahoo.jp>
Delivered-To: info@.com
Received: from res203.servconfig.com
    by res203.servconfig.com with LMTP id UBRNOke+oVtqfj4A25+V4A
    for <info@markslocksmith.com>; Tue, 18 Sep 2018 20:11:03 -0700
Return-path: <Aaron793Smith@yahoo.jp>
Envelope-to: info@.com
Delivery-date: Tue, 18 Sep 2018 20:11:03 -0700
Received: from [125.160.79.202] (port=27775 helo=yahoo.jp)
    by res203.servconfig.com with smtp (Exim 4.91)
    (envelope-from <Aaron793Smith@yahoo.jp>)
    id 1g2StK-00HCPt-Ik
    for info@.com; Tue, 18 Sep 2018 20:11:03 -0700
Received: from unknown (50.152.99.76)
    by mxs.perenter.com with ASMTP; Tue, 18 Sep 2018 22:53:44 -0400
Received: from qrx.quickslick.com ([80.191.162.195]) by webmail.halftomorrow.com with QMQP; Tue, 18 Sep 2018 22:45:17 -0400
Received: from external.newsubdomain.com ([135.219.61.9]) by smtp4.cyberemailings.com with SMTP; Tue, 18 Sep 2018 22:45:00 -0400
Received: from mail.gimmicc.net ([121.96.101.43]) by rsmail.alkoholic.net with SMTP; Tue, 18 Sep 2018 22:43:21 -0400
Received: from mail.webhostings4u.com ([59.107.186.65]) by m1.gns.snv.thisdomainl.com with NNFMP; Tue, 18 Sep 2018 22:26:47 -0400
Message-ID: <675B5401.721EB94A@yahoo.jp>
Date: Tue, 18 Sep 2018 22:26:47 -0400
From: "Info" <Aaron793Smith@yahoo.jp>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.16) Gecko/20080723 Fedora/2.0.0.16-1.fc8 Thunderbird/2.0.0.16
X-Accept-Language: en-us
MIME-Version: 1.0
To: "shitface40" <info@.com>
Subject: Your password is shitdad35
Content-Type: text/html;
    charset="iso-8859-1"
Content-Transfer-Encoding: base64

================================================================

Details

Created : 2018-09-18 21:24:30, Last Modified : 2018-09-18 22:02:45