DON'T.
Okay, if you already downloaded it, chances are you might have experienced an annoying pop-up in the corner of your screen regarding MonaRonaDona and the fact it is a virus. Apparently someone is pissed about something regarding human rights and they decided what better way to protest a "Human Rights Violation" than to annoy the living crap out of innocent computer users who thought it may have been a good idea to download software that would clean up their Registry.
The repercussions of this virus so far are:
1) lack of use of Taskmanager - a messageBox pops up stating you don't have Administrator privileges (even though you probably very well are the Administrator)
2) Start Button doesn't say "Start" in it. My Start button still works although I've heard reports that some have lost the use of their Start button.
3) Lack of use of Regedit - Type "regedit" in the run prompt and you get a window that flashes on for a fraction of a second then doesn't take. You can access regedit in safe mode. For a while. It eventually made it to operate the same as my TaskManager where Admin privileges were needed For a list of files to look for in the registry see the first link below.
4) Internet Explorer title bar has the website name plus " - MonaRonaDona" . Inadvertantly, your homepage is now going to be a wikipedia site about Human Rights. I do't know what happened that got the author(s) of this virus so riled up but they really have some social issue they're pounding.
UPDATE IN BOLD
Here's what I did:
-Delete SRVSPOOL.exe from Start/Programs/Startup
(I had to do it in safe mode)
-Check "C:\Windows\pss" for SRVSPOOL.exeConfigureStartup or something similar. Delete it of course.
-Edit your Registry. See sites below for tips and steps on that process.
Here are some sites I found useful in my hunt for eradicating this beast:
xp-vista site
A step by step process for XP or Vista users
Specifically about Task Manager
There are probably other sites but I found this useful for how to get Taskmanager working again
About Regedit
I found this tip particularly useful because it sets disableRegistryTools to false
As of yesterday (March 9, 2008, about 5pm EST)I finally got myself rid of the virus and it's lingering effects. It is possible that others have different experiences with what the virus wants to do. I've mentioned my symptoms. I didn't open too many of my other programs because I figured if the virus changes registry values particular to Office or something, I would rather not hunt for those values.
May you not get malicious viruses
.:Sween:.
No comments:
Post a Comment