New TOUGH MoneyPack virus.


This topic contains 4 replies, has 2 voices, and was last updated by  Slammer 4 years, 4 months ago.

  • #820

    Slammer
    Participant

    Got whacked this morning with an obligatory FBI, MoneyPack… Usually that’s a cake walk to fix. This one however was a monster. It embedded the façade in the Documents folder and ran a Macro to block all updating of the usual Anti Malware programs. Yet, of course, it will allow network activity for those unfortunate enough to actually send these scumbags money. It blocked install of portable AV’s off of USB as well with unusual shutdowns.

    It blew right past AVG…

    This is the resolution:
    Boot into safe mode with a DOS prompt.
    C:\> Regedit
    Search the registry for 666a16ca.dll. Mine was in the Windows Documents folder. It’s likely that the .DLL file will morph its actual name, but look in that location for a suspect file established at the time and date of the infection. Delete this DLL and the associated values with the editor.

    You can search the Users/your computer’s name/Documents/Dir/p (Dir/p will allow you to paginate the screen output) to find the date stamp. The malicious files will have dated themselves; look for the day and time of the infection.

    I hate script Kiddies and it’s getting to be time to go all ThirdWorld on these creeps.

    • This topic was modified 4 years, 4 months ago by  Slammer.
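
A read-only PowerShell version of the search described in the post above, added here as an example and not part of the original thread. The `$From`/`$To` window is a constructed placeholder, and checking the Run/RunOnce autorun keys is an assumption, since the post does not say which registry values referenced the DLL.

```powershell
# Added triage example (not from the original post). Read-only: it reports, deletes nothing.
param(
    [datetime]$From = '2000-01-01 11:00',  # constructed placeholder: start of infection window
    [datetime]$To   = '2000-01-01 14:00',  # constructed placeholder: end of infection window
    [string]$Root   = [Environment]::GetFolderPath('MyDocuments')
)

# Files under Documents stamped inside the window that begin with the PE "MZ"
# magic, so a DLL is still caught if its name or extension has changed.
$suspects = @(Get-ChildItem -LiteralPath $Root -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object { -not $_.PSIsContainer } |
    Where-Object {
        ($_.CreationTime  -ge $From -and $_.CreationTime  -le $To) -or
        ($_.LastWriteTime -ge $From -and $_.LastWriteTime -le $To)
    } |
    Where-Object {
        try {
            $fs = [System.IO.File]::OpenRead($_.FullName)
            try { ($fs.ReadByte() -eq 0x4D) -and ($fs.ReadByte() -eq 0x5A) }
            finally { $fs.Close() }
        } catch { $false }   # unreadable or locked file: skip it
    })
$suspects | Select-Object FullName, Length, CreationTime, LastWriteTime | Format-List

# Assumption: the standard Run/RunOnce autorun keys are the ones inspected.
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
foreach ($key in $runKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }
    $k = Get-Item -LiteralPath $key
    foreach ($name in $k.GetValueNames()) {
        $data = [string]$k.GetValue($name)
        # Flag any autorun value that launches something from the Documents tree.
        if ($data.IndexOf($Root, [StringComparison]::OrdinalIgnoreCase) -ge 0) {
            New-Object PSObject -Property @{ Key = $key; Value = $name; Data = $data }
        }
    }
}
```

Save it as a script and pass `-From` and `-To` set around the time of the infection; anything it lists still needs to be reviewed by hand before removal.
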
    #824
    Christian
    Participant

    Glad you were able to successfully remove it. Do you know how it infected your system in the first place?

    Slightly related, I was just reading about how some media companies want to be able to send out viruses just like this:

    http://boingboing.net/2013/05/26/us-entertainment-industry-to-c.html

    #828

    Slammer
    Participant

    It came in on my lunch break while importing a ‘Momentum’ game. I LOVE those types of games and have since long before Angry Birds. (The original ‘Splitter’ is still the king.)

    I suppose it was bound to happen. But it was a great challenge of my aging DOS skills. DOS is still an excellent OS.

    I’m like the local Virus Guru so I should know better, right? 😉

    #833
    Christian
    Participant

    Never heard of Splitter before. I just went to look it up and ended up playing for at least half an hour 🙂

    I love DOS games (maybe just because I was more of a PC gamer back then). Many months ago I hunted down a copy of some old ones, Chuck Yeager’s Air Combat and the Super Solvers games. I got them loaded on some DOS emulator, either DOSEMU or DOSBox. The flight simulator wasn’t as good as I remembered but it’s probably because I didn’t have the joystick.

    #836

    Slammer
    Participant

    I bought an ATI graphics and TV card years ago. It worked great and came with a Helicopter sim called Team Apache. It was DOS based.

    But, it would only work with the ATI card. The machine died, the replacement did not have the required PCI card slot… so I never got to finish the game ;(

    It was incredible and cost me about a year of my life due to the addiction. I was surprised to find several versions on Amazon a few years back. But I just never found the time to pick it back up.
