dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
23

NanDog
The Pup Was Female, I'M Not
Premium Member
join:2003-12-28
Bremerton, WA

NanDog to bcastner

Premium Member

to bcastner

Re: MonaRonaDona "virus"?

So has anyone yet figured out what the infection vector is? In googling about I can read about lots of folks with the issue but can't find any info about how they think they contracted this POS.

DevilFrank
join:2003-07-13

DevilFrank

Member

said by NanDog:

So has anyone yet figured out what the infection vector is? In googling about I can read about lots of folks with the issue but can't find any info about how they think they contracted this POS.
This question is still open. Do we know the way?

bcastner
MVM
join:2002-09-25
Chevy Chase, MD

1 edit

bcastner

MVM

It will likely stay open as a question for at least a while. The practice in the anti-malware research community is not to discuss the gory details.

It is a very safe bet that this infection, (as is the case with most) are actively researched. However, for good reason the results are not always publicly disclosed. Every Forum post, every AV software that detects the anomalous file, every online scanner that was used, .etc feeds into several common pools of identified questionable files and heuristic behaviors, and action is taken.

Which is why if your antivirus or other anti-malware tool has a "Community" or "Net" of some kind you have the option to join, please do so. In addition, letting the AV vendors know in their Forums about an issue that is not resolved with current definitions helps immensly. Some anti-malware programs will automatically submit over the internet questionable files for anlaysis if so configured. It is in your interest to use these resources to fight the good fight.

DevilFrank
join:2003-07-13

DevilFrank

Member

I have not a problem with this malware and I do know that "my community" is informed (»forums.microsoft.com/Win ··· SiteID=2).

But I think it is important to know which way is this malware using. Prevention is better than detection - I think.

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

2 edits

Name Game

Premium Member

said by DevilFrank:

I have not a problem with this malware and I do know that "my community" is informed (»forums.microsoft.com/Win ··· SiteID=2).

But I think it is important to know which way is this malware using. Prevention is better than detection - I think.
Yup..seems it is really getting deep out there with the UniGrapes...

»forums.microsoft.com/win ··· pageid=1

If you want a theory in Spanish try this link..

»www.psicofxp.com/forums/ ··· ona.html

If you want another vector theory..seems people who have downloaded and installed something called REGISTRYCLEANFIX2008.. a crack keygen thing.. also shows in many highjack logs along with MonaRonaDona. It might be a connection

paul newbee
@blueyonder.co.uk

paul newbee to bcastner

Anon

to bcastner
Thanks so much for ur info keep up the good work

sicilianshorty
@bresnan.net

sicilianshorty to NanDog

Anon

to NanDog
i'm wondering if it was from the registry clean fix 2008. That's when I noticed it and someone else mentioned that too.