I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
ET54FG.SYS – Trojan Agent removal
| File | MD5 | Virus Alias |
|---|---|---|
| ET54FG.SYS | 405abc02ff29846af95ccf9711038601 | Trojan Agent |
| ET54FG.SYS | 405abc02ff29846af95ccf9711038601 | Trojan PcClient |
| ET54FG.SYS | 405abc02ff29846af95ccf9711038601 | Trojan Generic |
| ET54FG.SYS | 405abc02ff29846af95ccf9711038601 | Backdoor PcClien |
ET54FG.SYS size: 7168 bytes
ET54FG.SYS hash: 405ABC02FF29846AF95CCF9711038601
Created files:
%WinDir%\system.exe
%SysDir%\et54fg.sys
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\et54fg\Type: 01000000
HKLM\System\CurrentControlSet\Services\et54fg\Start: 03000000
HKLM\System\CurrentControlSet\Services\et54fg\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\et54fg\DisplayName: et54fg
HKLM\System\CurrentControlSet\Services\et54fg\ImagePath: %WinDir%\System32\et54fg.sys
HKLM\System\CurrentControlSet\Services\Messenger\Start: 04000000
HKLM\System\CurrentControlSet\Services\RemoteRegistry\Start: 04000000
HKLM\System\CurrentControlSet\Services\Systemboot\Type: 10010000
HKLM\System\CurrentControlSet\Services\Systemboot\Start: 02000000
HKLM\System\CurrentControlSet\Services\Systemboot\DisplayName: Systemboot
HKLM\System\CurrentControlSet\Services\Systemboot\ImagePath: “%WinDir%\System.exe”
HKLM\System\CurrentControlSet\Services\TlntSvr\Start: 04000000
HKLM\System\CurrentControlSet\Services\wscsvc\Start: 04000000
Detected by UnHackMe:
ET54FG.SYS
Default location: %SYSDIR%\ET54FG.SYS
Dropper information:
MD5: c5b6a1fa33e1c69c507a2fd657aafad2
File size: 97171 bytes