• There seems to be an uptick in Political comments in recent months. Those of us who are long time members of the site know that Political and Religious content has been banned for years. Nothing has changed. Please leave all political and religious comments out of the forums.

    If you recently joined the forums you were not presented with this restriction in the terms of service. This was due to a conversion error when we went from vBulletin to Xenforo. We have updated our terms of service to reflect these corrections.

    Please note any post refering to a politician will be considered political even if it is intended to be humor. Our experience is these topics have a way of dividing the forums and causing deep resentment among members. It is a poison to the community. We appreciate compliance with the rules.

    The Staff of SOH

  • Server side Maintenance is done. We still have an update to the forum software to run but that one will have to wait for a better time.

Moneypak virus

PRB

Administrator
Staff member
I got the “moneypak” virus. What a pain in the butt. It locks your computer completely. You can't do anything with it except turn it off. The only thing that saved me was that it only works if the computer is connected to the Internet. Malwarebytes didn't find it, Spybot Search and destroy didn't find it, nor did MS Security Essentials. All attempts at manual removal failed because it kept “coming back” upon reboot. And it wouldn't let me even run the task manager. The “last resort” suggestion, system restore, worked beautifully. I've never run system restore before, but I'm a fan now. I guess I always thought that it restored your computer to it's original state, 5 minutes after installing the OS. But it's really nice. I had a restore point one day before I got this thing, five minutes later I was back to normal.

I also love how some of the web sites that claim to tell you how to remove it refer to the “moneypak scam”. Scam? It's a &^%$# virus! I didn't spend a lot of time reading the message on my computer when I got it, but apparently you can pay these jerks 200 dollars and they'll unlock your computer! I find that hard to believe. And then this web site says “rather than pay the ransom, a better solution is to remove the software...” No, really? Are there people out there across the fruited www who are actually trying to pay these people?
 
You would be amazed at how many computer "illiterate" people fall for this kind of crap,I've had neighbors that have taken their infected PC's to places like Geek Squad and be charged $200-$300 dollars to do exactly what you did to fix the problem.....maybe I'm in the wrong business!:icon_lol:
 
3 weeks ago a good friend of mine got that virus. He was running windows XP
I went to walmarts and bought a windows 7 upgrade disk, that really worked and I saved his files they were in a folder called windows-old on his hard drive as soon as i got all he wanted I deletted the windows-old folder.
 
system restore is where many trojans like to hide. ask any network guy

Yes that is true any virus worth its salt will plant itself in the system restore points just to make sure you can't get rid of it that easily.

Your only true protection is having an up to date image of your hard drive that you can burn to your disk at need.

Unfortunately that means lots of work and plenty of spare disk space on a drive somewhere.
 
I got a virus earlier this week (don't know which one), the answers simple, re-format and re-install, end of problem!

Ian.
 
if you resolved with system restore then wasn't a so dangerous virus..i catch one that hit also system restore...that was very difficult to destroy. i find by myself the two folders created with an exe running but not visible on task manager plus two keys into the registry. Trying to restore at a previous time infected all system restore and every time you turn off the computer blocked fully the system at restrart and recreate new infected files. It blocked also malwarebytes, antivirus and firewall...after three days of deleting folder key registry and and a specified Kaspersky Virus Removal Tool i was able to remove completelyit was the trojan crypt gen2, hope will not arrive on your computer.
 
Probably I got lucky. The fact that it didn't affect the syetm if it wasn't connected to the Internet also probably indicates a "poorly written" virus.
 
my big computer only runs SOH and its servers, when i surf the internet i use a linux machine, and my network is setup not to talk to the other machines on the network.
 
Probabloy so. It blasted right pas MS Security Essentials, which was running, and up to date. Jerks.
 
PRB,

Thank you for your post. If you don't mind telling me - what were you doing when you found out you had the virus? Do you have any idea how you contracted it?

JAMES
 
Same way I got the last virus, searching various web sites for programming help. Great tool, Mr. Google, but tread carefully!
 
Was that the same as the 'Ukash' virus? Got that one last week, and it sounds like it was the same thing. Malwarebytes did find it, but I didn't have it installed when it infected me.
I think I got mine while downloading from Mediafire.
 
Most of these issue probably could have been avoided if you ran FireFox with the NoScript add on installed.

While Mediafire was probably not to blame it may have been an infected advertisement link on their website. With NoScript I can access a webpage and allow only the java script that I actually need. I can usually block all advertisements with impunity.
 
Same way I got the last virus, searching various web sites for programming help. Great tool, Mr. Google, but tread carefully!

I am always fearful of clicking on links from searches. You never know what you are going to get into.
 
Back
Top