To some data - received by polling your browser. He could also exploit a hole in it by installing Trojans for you.
The computer must be immediately turned off (better, directly from the outlet - with a regular shutdown, the bastard can frolic), boot from the LIVE-carrier, take a picture of the hard drive. Wait two or three weeks, check it with the latest antiviruses, extract the missing data.
On the computer itself, the operating system should be deleted, the disks formatted, and the data restored from backups made before the incident.
In addition, it is advisable to reset the Internet session if you have a dynamic white IP.
Then with a probability of 95% the threat will be removed.

It's not a virus. When you request a picture, your browser transmits a bunch of information about your system and, having access to the server logs, you can see it.

Then he gave out what kind of Windows I have!

When I dabbled with the Metasploit program many years ago, throwing incomprehensible links to the guys in "Naska", I knew all the ADSL logins and passwords of the users of my local network (which I used until I got stuck :)), had Trojans thrown by me as backdoors, and so on .
When users followed the link, I got the ability to exploit an open hole in the system / program / something else.
Exploit
Answer: You can.