liptonvillag Registered User
#16

youcancallmeal said:
Yep this did the trick for me too.
I see it has made the news now too


Glad to hear it worked for you. Interesting article. Annoys people got scammed. I would have thrown the lap top in the bin rather then pay it even it was going to be unlocked. Hopefully it raises awareness.

take it easy

fryup Registered User
#17

i got the feckin thing on saturday (frighten the life out of me...till i saw they were looking for money then it clicked)

so i did a safe mode > system restore

then did a spybot scan and it came back with...fraud-hotspot-shield is this whats behind the garda scam??

Well i removed it, but now i can't use mobile bb ??

RossieMan Registered User
#18

fryup said:
i got the feckin thing on saturday (frighten the life out of me...till i saw they were looking for money then it clicked)

so i did a safe mode > system restore

then did a spybot scan and it came back with...fraud-hotspot-shield is this whats behind the garda scam??

Well i removed it, but now i can't use mobile bb ??



i've seen it 10+ times and its always been a file called Skype.dat somewhere in your files.

Not seen it done with a system restore before.

Safe mode, run malwarebytes, reboot.
That's the way i'd recommend someone who doesn't have access to an external caddy to do it.

With your broadband issue, who knows what you've deleted. Maybe try a system restore to get it back and hope it works? then boot into safe mode, install malwarebytes, delete the file(probably skype.dat) and reboot.

Then run a well known, trusted spyware to remove any leftovers.

wilddarts Registered User
#19

I got this Garda virus recently, about a week after my McAfee subscription ran out and I hadn't renewed unfortunately.

It wouldn't allow Windows to start up in any mode, but I could access Toshiba's HDD Recovery option as well as other options that didn't work, the System Restore showed no previous dates that I could revert back to. Anyway I ran the HDD recovery option as I hadn't anything of critical importance on that laptop and wouldn't be familiar with the remedies posted here.

To get the point, can anyone please tell me if my McAfee Subscription had been active (Antivirus Plus), would it have picked up this thing or do I need software that's better and probably more expensive to prevent it happening again??

Thanks in advance for any replies.

johndoe99 Registered User
#20

I've been hit a few times with that pesky Garda Ransomware, each time I've been Running AVG free edition. However a few days ago an AVG pop-up informed me that the Garda ransomware and been detected and quarantined. AVG must have finally created an update.

fryup Registered User
#21

where does this virus reside?? does it attach itself to a download? i did come across a hacked website last week was it then that i got it??

jsa112 Registered User
#22

Hard to say for sure, but I'd imagine it uses exploits in javascript or java to get in. Of course, anything you download is a potential entry point, eg: torrents etc.

wildarts, not many AV's stop, pickup or remove this virus. mcafee isn't very good in the first place though. Check out Avast, its free and excellent, and malwarebytes, and a good browser like chrome

1 person has thanked this post
RossieMan Registered User
#23

fryup said:
where does this virus reside?? does it attach itself to a download? i did come across a hacked website last week was it then that i got it??


never seen the cause of it as i've not had it myself.

and to answer the question bout Mcafee, it still gets it.
Nearly all computers i've seen have had anti-virus and it hasn't made a bit of difference. It does seem that most are now releasing updates for it, however.

fryup Registered User
#24

jsa112 said:
Hard to say for sure, but I'd imagine it uses exploits in javascript or java to get in.


websites with live webcams??

jsa112 Registered User
#25

yeah you are taking a big chance with anything like that, especially if its a pr0n/chatroulette type thing. If it asks you to install programs/toolbars then you are going to get the pc infected.

if you are suspicious of links you scan them/find out more info with these extensions

http://www.freedrweb.com/linkchecker/
https://www.mywot.com/
http://www.siteadvisor.com/

1 person has thanked this post
TheBoffin Registered User
#26

Hi,

I have wrote an article on this issue (at least I think its the same issue) - http://social.technet.microsoft.com/wiki/contents/articles/17375.work-around-for-ransomwaremoneypack-issue.aspx

RossieMan Registered User
#27

TheBoffin said:
Hi,

I have wrote an article on this issue (at least I think its the same issue) - http://social.technet.microsoft.com/wiki/contents/articles/17375.work-around-for-ransomwaremoneypack-issue.aspx


that's an awful lot of work, when there is much easier ways to get rid of it.

Want to share your thoughts?

Login here to discuss!