SkyMonk

SkyMonk

This software does not change the Windows boot time.

SKYMONK.EXE
Description: SkyMonk Client SkyMonk Client 1.75
MD5= 1437FD71154B7E6E481B086587B8C684
File is not signed.
File size= 377856
Related registry changes:
HKLM\SOFTWARE\CLASSES\*\SHELL\SMONKCLI\COMMAND\: “C:\PROGRAM FILES\SKYMONK\SKYMONK.EXE “%1″”
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SKYMONK CLIENT\DISPLAYICON: “C:\PROGRAM FILES\SKYMONK\SKYMONK.EXE
HKCU\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\SKYMONK: “C:\PROGRAM FILES\SKYMONK\SKYMONK.EXE -TRAY”
GUARDMAILRU.EXE
Description: GuardMailRu Module GuardMailRu Module 1, 0, 0, 317
MD5= 998AFA5DD3F294EFEB13A6B75A5B656A
File is signed and the signature was verified.
File size= 1746496
Related registry changes:
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\GUARD.MAIL.RU.GUI: “”C:\PROGRAM FILES\MAIL.RU\GUARD\GUARDMAILRU.EXE” /GUI”
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GUARD.MAIL.RU\DISPLAYICON: “”C:\PROGRAM FILES\MAIL.RU\GUARD\GUARDMAILRU.EXE“”
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GUARD.MAIL.RU\UNINSTALLSTRING: “”C:\PROGRAM FILES\MAIL.RU\GUARD\GUARDMAILRU.EXE” /UNINSTALL”
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GUARD.MAIL.RU\IMAGEPATH: “”C:\PROGRAM FILES\MAIL.RU\GUARD\GUARDMAILRU.EXE“”
MAILRUSPUTNIK.DLL
Description: MailRuSputnik Module @Mail.Ru MailRuSputnik Module 2, 4, 0, 508
MD5= 3BA030992D9AF481025605741C400767
File is signed and the signature was verified.
File size= 1590336
Related registry changes:
HKLM\SOFTWARE\CLASSES\CLSID\{09900DE8-1DCA-443F-9243-26FF581438AF}\INPROCSERVER32\: “C:\PROGRAM FILES\MAIL.RU\SPUTNIK\MAILRUSPUTNIK.DLL
HKLM\SOFTWARE\CLASSES\CLSID\{8984B388-A5BB-4DF7-B274-77B879E179DB}\INPROCSERVER32\: “C:\PROGRAM FILES\MAIL.RU\SPUTNIK\MAILRUSPUTNIK.DLL

Removed after installation:
IEFRAME.DLL
Description: Internet Explorer Microsoft Corporation Windows® Internet Explorer 7.00.6000.16757
MD5= 9A647EB36A8D4C97A15F46CD560E98E2
File is signed and the signature was verified.
File size= 6066176
Modified during installation:

~+ [INTERNET EXPLORER] [CURRENT HOME PAGE] :HKCU START PAGE=HTTP://WWW.MAIL.RU/CNT/9514
~- [INTERNET EXPLORER] [CURRENT HOME PAGE] :HKCU START PAGE=HTTP://WWW.GOOGLE.COM/

FILES ADDED:25

C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DX3TJUNF\IMG0.IMGSMAIL.RU\R\MY\IPLAYER_SP2.SWF\FLASHCOOKIE.SOL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#IMG0.IMGSMAIL.RU\SETTINGS.SOL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MICROSOFT\PROTECT\S-1-5-21-1659004503-1708537768-1801674531-500\98FABFBE-1D27-4ED6-9FB3-384CB5D30DE6
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SKYMONK\CONFIG.INI
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SKYMONK\MD5CACHE.INI
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\DESKTOP\?????? ? ?????????.URL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\MAIL.RU\GOMAILRU.ICO
C:\DOCUMENTS AND SETTINGS\ALL USERS\DESKTOP\SKYMONK.LNK
C:\DOCUMENTS AND SETTINGS\ALL USERS\FAVORITES\MAIL.RU ????? – ????????? ??? ???????!.URL
C:\DOCUMENTS AND SETTINGS\ALL USERS\FAVORITES\MAIL.RU.URL
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\SKYMONK CLIENT\SKYMONK.LNK
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\SKYMONK CLIENT\UNINSTALL SKYMONK.LNK
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\{DCD48218-E972-4D0C-9E5F-43462BC13E3B}\{9BED5EE2-0547-4706-8600-D3897629ADE0}
C:\PROGRAM FILES\MAIL.RU\GUARD\GUARDMAILRU.EXE
C:\PROGRAM FILES\MAIL.RU\SPUTNIK\MAILRUSPUTNIK.DLL
C:\PROGRAM FILES\MAIL.RU\SPUTNIK\MAILRUSPUTNIK_RFRLETITBIT2_S_MPCLN9514.EXE
C:\PROGRAM FILES\MAIL.RU\SPUTNIK\SPUTNIKFLASHPLAYER.EXE
C:\PROGRAM FILES\MAIL.RU\SPUTNIK\SPUTNIKHELPER.EXE
C:\PROGRAM FILES\SKYMONK\ENGLISH.LOC
C:\PROGRAM FILES\SKYMONK\FILTER.DLL
C:\PROGRAM FILES\SKYMONK\RUSSIAN.LOC
C:\PROGRAM FILES\SKYMONK\SKYMONK.DAT
C:\PROGRAM FILES\SKYMONK\SKYMONK.EXE
C:\PROGRAM FILES\SKYMONK\UNINSTALL.EXE
C:\PROGRAM FILES\SKYMONK\UPDATE.EXE

FILES[ATTR]MODIFIED:4

C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\SETTINGS.SOL
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MICROSOFT\PROTECT\S-1-5-21-1659004503-1708537768-1801674531-500\PREFERRED
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\FEEDS CACHE\INDEX.DAT
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\TEMP\CE4CF87733651BF1F44DD1E02FC1A8E8

FOLDERS ADDED:13

C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DX3TJUNF\IMG0.IMGSMAIL.RU
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DX3TJUNF\IMG0.IMGSMAIL.RU\R
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DX3TJUNF\IMG0.IMGSMAIL.RU\R\MY
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\DX3TJUNF\IMG0.IMGSMAIL.RU\R\MY\IPLAYER_SP2.SWF
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#IMG0.IMGSMAIL.RU
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\APPLICATION DATA\SKYMONK
C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\LOCAL SETTINGS\APPLICATION DATA\MAIL.RU
C:\DOCUMENTS AND SETTINGS\ALL USERS\START MENU\PROGRAMS\SKYMONK CLIENT
C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\APPLICATION DATA\{DCD48218-E972-4D0C-9E5F-43462BC13E3B}
C:\PROGRAM FILES\MAIL.RU
C:\PROGRAM FILES\MAIL.RU\GUARD
C:\PROGRAM FILES\MAIL.RU\SPUTNIK
C:\PROGRAM FILES\SKYMONK

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit is required. Reviews. EULA. Privacy Policy.

Leave a Reply