I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
CHENCKSZ.EXE – Trojan Agent removal
| File | MD5 | Virus Alias |
|---|---|---|
| CHENCKSZ.EXE | a5082b7ef68cbb6adc7ecfbe45190871 | Trojan Agent |
CHENCKSZ.EXE size: 40960 bytes
CHENCKSZ.EXE hash: A5082B7EF68CBB6ADC7ECFBE45190871
Created files:
%TEMP%\IXP000.TMP\big5hz.ov1
%TEMP%\IXP000.TMP\chenbfck.exe
%TEMP%\IXP000.TMP\chenbmxg.exe
%TEMP%\IXP000.TMP\chencksz.exe
%TEMP%\IXP000.TMP\chendhz.chh
%TEMP%\IXP000.TMP\chengbk.ovl
%TEMP%\IXP000.TMP\chenhfck.exe
%TEMP%\IXP000.TMP\chenhu5.com
%TEMP%\IXP000.TMP\chenjfk.ov1
%TEMP%\IXP000.TMP\chenpymb.ov1
%TEMP%\IXP000.TMP\chenskfh.chh
%TEMP%\IXP000.TMP\chenszsj.chh
%TEMP%\IXP000.TMP\chenxf.exe
%TEMP%\IXP000.TMP\chenznwb.exe
%TEMP%\IXP000.TMP\chgbkbh.chh
%TEMP%\IXP000.TMP\chszsj01.chh
%TEMP%\IXP000.TMP\chszsj02.chh
%TEMP%\IXP000.TMP\chszsj03.chh
%TEMP%\IXP000.TMP\chszsj04.chh
%TEMP%\IXP000.TMP\chszsj43.chh
%TEMP%\IXP000.TMP\chszsj44.chh
%TEMP%\IXP000.TMP\chword.chh
%TEMP%\IXP000.TMP\cwb.ov1
%TEMP%\IXP000.TMP\install.exe
%TEMP%\IXP000.TMP\uwb.chh
Autostart registry keys:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\wextract_cleanup0: rundll32.exe %WinDir%\System32\advpack.dll,DelNodeRunDLL32 “%TEMP%\IXP000.TMP\”
Detected by UnHackMe:
CHENCKSZ.EXE
Default location: %TEMP%\IXP000.TMP\CHENCKSZ.EXE
Dropper information:
MD5: 070e7ce419754d2d54ac99e5861ceed6
File size: 1078272 bytes