Pony virus. How to remove? (Uninstall guide)

Removal by Jake Doevan | Also known as: Pony | Type: Trojans

Pony virus – a dangerous malware that can harvest personal data

Pony virus is a trojan that infiltrates computers using deceptive techniques, such as fake Adobe Flash updates,[1] the "The HoeflerText Font Wasn't Found" scam, spam emails, or drive-by downloads.[2] As soon as the user runs the code, it loads Pony Loader, the malware's main executable, into Windows (it terminates automatically after execution). The malicious application has one goal – to steal sensitive information and send it to the attackers. While losing personal data to cybercrooks is quite devastating, dealing with additional malware downloaded by Pony virus can be frustrating, to say the least.

Name: Pony virus
Type: Trojan
Main functionality: Steals personal data and sends it to hackers
Main dangers: Money loss and additional malware infections
Symptoms: Rarely any, although users might experience system or software crashes
Distribution: Fake Adobe Flash updates, spam emails, The HoeflerText Font Wasn't Found scam, etc.
Elimination: Use anti-spyware software like Reimage, Plumbytes Anti-Malware or Norton Internet Security

Pony virus was designed to steal passwords saved in more than a hundred apps, as well as social media, gaming, banking and other accounts. As soon as the data is harvested, it is sent to a Command & Control server – a remote server that is accessible only to the attackers. Ransomware behaves in the same way when it sends the generated key to the criminals.

Similarly to ransomware, Pony virus has only one goal – to illegally extract money from unsuspecting victims. For example, stolen banking credentials can be used to access users' money directly. Additionally, any other personal data (such as name, address, email, Social Security number, driver's license number, etc.) can be sold on the Dark Web or used for identity theft. As you can see, the consequences can be catastrophic. To prevent the malware from causing more harm, you should remove Pony virus ASAP.

Another terrifying trait of Pony virus is that it is connected to a botnet,[3] which can turn the targeted computer into a malware-spreading tool. For example, the infamous Rustock botnet was capable of sending out 192 phishing emails per compromised PC per minute. And of course, the more people click on the contaminated attachment, the more infected machines distribute malware automatically.

Furthermore, Pony virus serves as a backdoor for other malware. It is not uncommon for trojans to distribute ransomware. For example, one of the most prominent botnets – Necurs – delivers such threats as Locky or GlobeImposter. These malicious applications are capable of completely locking up personal files and demanding a ransom to be paid in Bitcoin or another cryptocurrency.

Pony virus is also capable of stealing digital wallets that contain cryptocurrency. According to reports,[4] the malware targets different currencies, such as Bitcoin, Litecoin, and others. Victims are known to have suffered more than $220,000 in damages caused by the Pony trojan.

If you suspect that you could be infected with the malware (for example, you recently opened a suspicious attachment in a spam email), make sure you scan your computer using Reimage, Plumbytes Anti-Malware, Norton Internet Security or other reliable anti-malware software. This action will guarantee a prompt Pony virus removal.

Ways trojans can enter machines

Trojans can be attached to almost anything: free games, illegal programs, malicious browser plug-ins, and other questionable software. Such programs are a perfect distribution mechanism for viruses, so it is no surprise that hackers often use them to spread their threats.

How can you avoid malware? First of all, make sure you don't download any executables (they might be disguised under different extensions, such as .pdf, .html, .scr, etc.) from spam emails. Clicking links inside questionable messages can result in an infection as well. Therefore, make sure the email you are viewing is legitimate and really comes from the sender it claims to come from.
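
As an added illustration (not part of the original guide), the Python sketch below shows how a mail filter could flag attachment names whose visible extension hides an executable one. It goes beyond the extensions named above to cover padding and text-direction tricks; the extension lists, function names and sample file names are assumptions constructed for this example.

```python
import unicodedata

# Assumed, non-exhaustive lists; tune them for your own mail gateway.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js",
                   ".vbs", ".wsf", ".hta", ".lnk", ".ps1", ".msi"}
DECOY_EXTS = {".pdf", ".html", ".htm", ".doc", ".docx", ".xls", ".jpg", ".txt"}
# Bidirectional controls that can visually reverse part of a file name.
BIDI_CONTROLS = set("\u202a\u202b\u202d\u202e\u2066\u2067\u2068")


def split_exts(name):
    """Return every dotted suffix of a file name, lower-cased, in order."""
    parts = name.lower().split(".")
    return ["." + p.strip() for p in parts[1:] if p.strip()]


def inspect_attachment(name):
    """Return the reasons (possibly none) why a file name looks disguised."""
    findings = []
    if any(ch in BIDI_CONTROLS for ch in name):
        findings.append("bidi-control-character")
    # Drop invisible format characters (Unicode category Cf) before parsing.
    cleaned = "".join(ch for ch in name if unicodedata.category(ch) != "Cf")
    stripped = cleaned.rstrip(" .")
    if stripped != cleaned:
        findings.append("trailing-space-or-dot")
    if " " * 5 in stripped:
        # A long run of spaces pushes the real extension out of view.
        findings.append("whitespace-padding")
    exts = split_exts(stripped)
    if exts and exts[-1] in EXECUTABLE_EXTS:
        findings.append("executable-extension:" + exts[-1])
        if len(exts) >= 2 and exts[-2] in DECOY_EXTS:
            findings.append("decoy-double-extension:" + exts[-2] + exts[-1])
    return findings


# Constructed sample attachment names, not taken from a real campaign.
SAMPLES = ["invoice.pdf.exe", "holiday.jpg", "report\u202efdp.scr",
           "scan.html" + " " * 30 + ".scr", "setup.exe. "]


def scan(names):
    """Map each suspicious name to its findings; clean names are omitted."""
    return {n: f for n in names if (f := inspect_attachment(n))}


if __name__ == "__main__":
    for name, reasons in scan(SAMPLES).items():
        print(repr(name), "->", ", ".join(reasons))
```

A name that produces any finding is worth quarantining for review; an empty result only means the name itself is not disguised, not that the file is safe.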

When downloading and installing programs, it is advised to do some research about them and check how the program you want is reviewed online. You should look for comments and reviews that tell you how trustworthy the application is. Also, make sure you avoid fraudulent websites that might be filled with misleading, illegal or malicious content.

Users of digital currencies are strongly advised by security experts[5] to store them in safe and encrypted e-wallets. In this case, the best solution would be choosing an offline storage device that guarantees better protection.

Finally, install powerful anti-spyware that is capable of preventing the infiltration of threats like this one. If you think that the virus has already infiltrated your computer and is now trying to steal your money, you should follow the guidelines below and check the system for this virus.

Ways to remove Pony virus

Pony virus removal should be your top priority, as it can cause more damage as time goes on (e.g., additional malware infiltration). Therefore, download and install reputable security software and perform a full system scan. We recommend using Reimage, Plumbytes Anti-Malware or Norton Internet Security, as these security applications are capable of detecting malware and eliminating all its traces on the computer.

Security experts do not recommend trying to remove Pony virus manually. Such action can lead to severe damage to system files and will ultimately fail to get rid of the malicious application entirely. Only trained IT professionals are capable of such action.

To remove Pony virus, follow these steps:

Remove Pony using Safe Mode with Networking

To disable the Pony virus safely, enter Safe Mode with networking:

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start → Shutdown → Restart → OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list.

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift on your keyboard and click Restart.
    2. Now select Troubleshoot → Advanced options → Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in the Startup Settings window.
  • Step 2: Remove Pony

    Log in to your infected account and start the browser. Download Reimage or another legitimate anti-spyware program. Update it before running a full system scan, then remove the malicious files that belong to the malware and complete Pony removal.

If the malware is blocking Safe Mode with Networking, try the next method.

Remove Pony using System Restore

You can also use System Restore for malware elimination:

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start → Shutdown → Restart → OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Command Prompt from the list.

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift on your keyboard and click Restart.
    2. Now select Troubleshoot → Advanced options → Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in the Startup Settings window.
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, type cd restore (without quotes) and press Enter.
    2. Now type rstrui.exe (without quotes) and press Enter again.
    3. When the System Restore window shows up, click Next and select a restore point that is prior to the infiltration of Pony. After doing that, click Next.
    4. Now click Yes to start the system restore.
    Once you restore your system to a previous date, download Reimage, scan your computer with it and make sure that Pony removal is performed successfully.
