Quantcast
Channel: How to Remove Malware
Viewing all articles
Browse latest Browse all 38585

CHUNKVNC.EXE is Backdoor Delf.jfq

$
0
0

The program CHUNKVNC.EXE is used for hidden penetration into PC and its remote administration.
UnHackMe is recommended as a reliable program for solving the problem with CHUNKVNC.EXE.
Download for free: http://www.unhackme.com

Malware Analysis of CHUNKVNC.EXE
Full path on a computer: %Program Files%\ChunkVNC\ChunkVNC.exe

Detected by UnHackMe:

CHUNKVNC.EXE
Default location: %Program Files%\ChunkVNC\ChunkVNC.exe

Removal Results: Success
Number of reboot: 1

CHUNKVNC.EXE is known as:

Backdoor.Delf.jfq, W32.Harakit.D.worm

CHUNKVNC.EXE hash:

  • MD5: 13ce13417d83a7325b9302221f921eea
The file tries to connect to the dangerous web site.
How to quickly detect CHUNKVNC.EXE presence?
Registry:
  • HKLM\System\CurrentControlSet\Services\uvnc_service\ImagePath: “”%Program Files%\ChunkVNC\InstantSupportVNC.exe” -service”
  • HKLM\System\CurrentControlSet\Services\uvnc_service\DisplayName: “uvnc_service”
  • HKLM\System\CurrentControlSet\Services\uvnc_service\ObjectName: “LocalSystem”
  • HKLM\System\CurrentControlSet\Services\uvnc_service\Description: “Provides secure remote desktop sharing”
Folders:
  • %Program Files%\ChunkVNC
Files:
  • %Common Desktopdirectory%\Desinstalar Soporte.lnk
  • %Program Files%\ChunkVNC\cad.exe
  • %Program Files%\ChunkVNC\ChunkVNC.exe
  • %Program Files%\ChunkVNC\chunkvnc.ini
  • %Program Files%\ChunkVNC\InstantSupportVNC.exe
  • %Program Files%\ChunkVNC\logo.jpg
  • %Program Files%\ChunkVNC\MSRC4Plugin.dsm
  • %Program Files%\ChunkVNC\rc4.key
  • %Program Files%\ChunkVNC\schook.dll
  • %Program Files%\ChunkVNC\ultravnc.ini


Viewing all articles
Browse latest Browse all 38585

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>