Solved! Use MSEWT32.EXE (Trojan Agent) Removal Guide

I recommend you UnHackMe - Ultimate Malware Killer for fast malware removal:

Download UnHackMe
Fully Functional 30-day Trial. No credit card is required. Reviews. EULA. Privacy Policy.

MSEWT32.EXE – Trojan Agent removal

File MD5 Virus Alias
MSEWT32.EXE 144b70f1ba9a62a7d088fcd869beec06 Trojan Agent
MSEWT32.EXE 144b70f1ba9a62a7d088fcd869beec06 Trojan Small

MSEWT32.EXE size: 363251 bytes
MSEWT32.EXE hash: 144B70F1BA9A62A7D088FCD869BEEC06

Created files:

%WinDir%\spoolsv.exe
%SysDir%\concp32.exe
%SysDir%\explorer.exe
%SysDir%\msewt32.exe
%SysDir%\vcl32.exe

Autostart registry keys:

HKLM\Software\Microsoft\Active Setup\Installed Components\{E4883584-8B9A-11D5-EBA1-F78EEEEEE983}\StubPath: msewt32.exe
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\VCL: vcl32.exe
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\VCL: vcl32.exe

Detected by UnHackMe:

MSEWT32.EXE
Default location: %SYSDIR%\MSEWT32.EXE

Dropper information:
MD5: 63aa27ddf2e794d5f8214b57b570ba91
File size: 354717 bytes

Leave a Reply