Malware Removal: Monikey Removal

Monikey is a rapidly spreading Internet worm, which propagates by e-mail and through file sharing networks.

Once executed, Monikey silently installs itself to the system and runs a spreading routine. The parasite searches certain files for e-mail addresses and sends messages containing malicious links that install the worm to all the addresses collected. Most texts in such letters are written in Russian. Monikey also creates infected files with meaningful names in shared folders of installed peer-to-peer applications.

The worm's payload is comprised of several harmful functions. Monikey blocks access to the most popular security-related web sites and runs an integrated trojan designed to steal user confidential information. This threat collects passwords, login names and other user sensitive data and sends it out by e-mail.

Monikey automatically runs on every Windows startup.

Related files: chkdskw.exe, mstcpmon.exe, sfc32.exe, itstore.dll, karnal32.dll, mslogon.dll, mswshell.dll

Monikey properties:
Sends out logs by FTP or email
Hides from the user
Stays resident in background Remove Monikey, removal instructions

Linked by shanmuga Friday, 4th November 2005 1:32PM