Pony Botnet

Message boards : Number crunching : Pony Botnet
Message board moderation

To post messages, you must log in.

AuthorMessage
Profile Paul D Harris
Volunteer tester

Send message
Joined: 1 Dec 99
Posts: 1122
Credit: 33,600,005
RAC: 0
United States
Message 1450712 - Posted: 6 Dec 2013, 17:55:43 UTC

What is the best way to detect this Trojan Pony Botnet?
ID: 1450712 · Report as offensive
rob smithSpecial Project $250 donor
Volunteer tester

Send message
Joined: 7 Mar 03
Posts: 15369
Credit: 257,957,409
RAC: 262,655
United Kingdom
Message 1450718 - Posted: 6 Dec 2013, 18:19:07 UTC

Here's what one of the anti-virus/security companies says:

Once installed, Pony botnet will be configured to start automatically when you start Windows. Once started, the Pony botnet program will perform a scan, and when done, it will list a variety of legitimate or nonexistent files as infections that cannot be removed unless you first purchase the Pony botnet program. Pony botnet will try to intimidate the user by flooding him with popups and fake system notifications, which present him with a false message of infection. The Pony botnet parasite will try to reassure this claim by providing falsified system scan reports, which mark such files as explorer.exe and alg.exe as serious threats. Pony botnet will then execute a “scan” of your computer. This so-called “scan” will always have the same result: that your computer is heavily infected and compromised by malware and spyware. It is very critical to remove Pony botnet and all its components.

Bob Smith
Member of Seti PIPPS (Pluto is a Planet Protest Society)
Somewhere in the (un)known Universe?
ID: 1450718 · Report as offensive
Cosmic_Ocean
Avatar

Send message
Joined: 23 Dec 00
Posts: 2913
Credit: 10,894,722
RAC: 395
United States
Message 1450859 - Posted: 6 Dec 2013, 23:20:45 UTC

Of course if you're not sure if you're clean or not.. I don't know what you have/use for anti-virus, but Avira has always worked well for me. However, that won't find a lot of things, so I end up pairing it with MBAM and Spybot Search & Destroy. The last two typically find and remove everything I've encountered, usually MBAM is the one that does the heavy lifting.. I just run Spybot as a follow-up to make sure no crumbs were left behind.
Linux laptop:
record uptime: 1511d 20h 19m (ended due to the power brick giving-up)
ID: 1450859 · Report as offensive
Profile Paul D Harris
Volunteer tester

Send message
Joined: 1 Dec 99
Posts: 1122
Credit: 33,600,005
RAC: 0
United States
Message 1450896 - Posted: 7 Dec 2013, 0:37:04 UTC - in response to Message 1450859.  

Of course if you're not sure if you're clean or not.. I don't know what you have/use for anti-virus, but Avira has always worked well for me. However, that won't find a lot of things, so I end up pairing it with MBAM and Spybot Search & Destroy. The last two typically find and remove everything I've encountered, usually MBAM is the one that does the heavy lifting.. I just run Spybot as a follow-up to make sure no crumbs were left behind.


Thanks I will try them windows defender says my system is clean.
ID: 1450896 · Report as offensive
Profile Valerie Chilton
Volunteer tester
Avatar

Send message
Joined: 14 Jan 08
Posts: 53
Credit: 20,682,710
RAC: 0
United States
Message 1452315 - Posted: 10 Dec 2013, 14:13:02 UTC

Best to use offline defender before you run mbam & Sybot, then run combofix last, that will kill orphaned registry entries. Advanced System Care doesn't hurt in the virus murdering procedures

Val

And after the spanking comes...



Ni !
ID: 1452315 · Report as offensive

Message boards : Number crunching : Pony Botnet


 
©2017 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.