I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:
Free Download Fully Functional 30-day Trial. No credit card is required.
Reviews. EULA. Privacy Policy. Uninstall.
IAGZFC.DLL – Trojan PcClient removal
| File | MD5 | Virus Alias |
|---|---|---|
| IAGZFC.DLL | 90edb6a699aa5b50551865b2e19019cf | Trojan PcClient |
| IAGZFC.DLL | 90edb6a699aa5b50551865b2e19019cf | Trojan Eldorado |
| IAGZFC.DLL | 90edb6a699aa5b50551865b2e19019cf | Trojan Vundo |
| IAGZFC.DLL | 90edb6a699aa5b50551865b2e19019cf | Backdoor PcClien |
| IAGZFC.DLL | 90edb6a699aa5b50551865b2e19019cf | Trojan Agent |
IAGZFC.DLL size: 95880 bytes
IAGZFC.DLL hash: 90EDB6A699AA5B50551865B2E19019CF
Created files:
%SysDir%\drivers\iagzfc.sys
%SysDir%\iagzfc.dll
Autostart registry keys:
HKLM\System\CurrentControlSet\Services\yguenhze\Type: 01000000
HKLM\System\CurrentControlSet\Services\yguenhze\Start: 02000000
HKLM\System\CurrentControlSet\Services\yguenhze\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\yguenhze\DisplayName: yguenhze
HKLM\System\CurrentControlSet\Services\yguenhze\ImagePath: %WinDir%\System32\drivers\iagzfc.sys
HKLM\System\CurrentControlSet\Services\zguenh\Type: 10010000
HKLM\System\CurrentControlSet\Services\zguenh\Start: 02000000
HKLM\System\CurrentControlSet\Services\zguenh\ErrorControl: 01000000
HKLM\System\CurrentControlSet\Services\zguenh\DisplayName: zguenh
HKLM\System\CurrentControlSet\Services\zguenh\ImagePath: %WinDir%\System32\svchost.exe -k zguenh
HKLM\System\CurrentControlSet\Services\zguenh\Description: Microsoft .NET Framework TPM
HKLM\System\CurrentControlSet\Services\zguenh\Parameters\ServiceDll: 2500530079007300740065006D0052006F006F00740025005C00530079007300740065006D00330032005C006900610067007A00660063002E0064006C006C000000
Detected by UnHackMe:
IAGZFC.DLL
Default location: %SYSDIR%\IAGZFC.DLL
Dropper information:
MD5: 1b860d2865bc0a4eca7cd0234bf74cc6
File size: 65119 bytes