Agent Trojan Removal: Remove Agent Trojan Forever

Let our support team solve your problem with Agent Trojan and repair Agent Trojan right now!

Leave the detailed description of your Agent Trojan problem in the form below. Our support team will contact you in several minutes and give a step-by-step instruction on how to fix Agent Trojan problem. Please be specific. Do your best describing the problem. This will help us recommend right and complete Agent Trojan problem removal solution.

Describe your problem here and we'll contact you in several minutes:

* Name: * E-mail: * Problem summary: * Detailed problem description:

We'll contact you in 10 minutes or less after you click on this button! Individual solution guaranteed!

Warning:

1) We hate spam as much as you do. We will not share your email with any third party or publish it anywhere. Your email is used only to contact you and give you Agent Trojan removal solution.
2) All fields of this form are obligatory.

Guaranteed Problem Solution	Threat's description and solution are developed by Security Stronghold security team. Let professionals make your problems solved now!
What is Agent Trojan? Technical details of Agent Trojan problem and Agent Trojan removal tool Methods for manual Agent Trojan removal Free download of a program that will solve your problem automatically Free instant professional support in solving Agent Trojan error from our Security Support Team

Threat's profile

	Name of the threat: Agent Trojan
	Command or file name: 123i_[1].exe
	Threat type: Spyware\trojan
	Affected OS: Win32 (Windows 9x, Windows XP, Windows Vista)

Agent Trojan intrusion method

Agent Trojan copies its file(s) to your hard disk. Its typical file name is 123i_[1].exe. Then it creates new startup key with name Agent Trojan and value 123i_[1].exe. You can also find it in your processes list with name 123i_[1].exe or Agent Trojan.

If you have further questions about Agent Trojan, please fill in the form above and we'll contact you shortly.

» Download program to remove Agent Trojan (Agent Trojan Removal Tool)

Recommended Solution

If you are not sure what to delete, use our award winning program - Agent Trojan Removal Tool.

Agent Trojan Removal Tool will find and fully remove Agent Trojan and all problems associated with Agent Trojan virus.

Fast, easy, and handy, Agent Trojan Removal Tool protects your computer against Agent Trojan that does harm to your computer and breaks your privacy. Agent Trojan Removal Tool scans your hard disks and registry and destroys any manifestation of Agent Trojan. Standard anti-virus software can do nothing against malicious programs like Agent Trojan. Remove Agent Trojan straight away!

» Download Agent Trojan Removal Tool now for free

How to fix Agent Trojan

This problem can be solved manually by deleting all registry keys and files connected with Agent Trojan, removing it from starup list and unregistering all corresponding DLLs. Additionally missing DLL's should be restored from distribution in case they are corrupted by Agent Trojan.

To get rid of Agent Trojan, you should:

1. Kill the following processes and delete the appropriate files:

• 123_[1].dll
• 123_[1].exe
• 2236_27.dll
• adv_1[1].exe
• clcbt.exe
• colainfo[1].txt
• ddhjp32.dll
• di.exe
• dsrss.exe
• dsrss[1].exe
• hs[1].txt
• ib15.dll
• ib15[1].dll
• ieserver[1].exe
• ipconfigs.exe
• ipv6monl.dll
• kiil.hta
• msits.exe
• pstore_070419_104842.txt
• Sgp.exe
• sihjp32.exe
• sshjp32.exe
• svchosts.exe
• unsvchosts.lzma
• update32.exe
• uvcx.exe
• windhcp
• windhcp.ocx
• winsys.hta
• wins[1].exe
• winv6drv.exe
• winv6drv[1].exe

Warning: you should delete only those files which checksums are listed as malicious. There may be valid files with the same names in your system. We recommend you to use Agent Trojan Removal Tool for safe problem solution.

2. Delete the following malicious folders:

• C:\Windows\System\drv32dta\

3. Delete the following malicious registry entries and\or values:

• Key: Software\ewrew

• Key: Software\ewrew\adv_1[1]

• Key: Software\ewrew\adv_1[1]\main
  Value: cid

• Key: Software\ewrew\uvcx

• Key: Software\ewrew\uvcx\main
  Value: cid

• Key: AppID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87}

• Key: CLSID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87}

• Key: CLSID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87}\InprocServer32

• Key: SOFTWARE\Classes\CLSID\{36DBC179-A19F-48F2-B16A-6A3E19B42A87}\InprocServer32
  Value: ThreadingModel

• Key: SOFTWARE\Classes\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}

• Key: SOFTWARE\Classes\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0

• Key: SOFTWARE\Classes\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0\FLAGS

• Key: SOFTWARE\Classes\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0\0

• Key: SOFTWARE\Classes\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0\0\win32

• Key: SOFTWARE\Classes\TypeLib\{14A5F3E7-B235-4D98-9264-5C67D2657BC4}\3.0\HELPDIR

• Key: Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}

• Key: SOFTWARE\Classes\Interface\{0A51D436-5C4D-4A56-98D1-FCDA488CE240}

• Key: SOFTWARE\Classes\Interface\{0A51D436-5C4D-4A56-98D1-FCDA488CE240}\ProxyStubClsid

• Key: SOFTWARE\Classes\Interface\{0A51D436-5C4D-4A56-98D1-FCDA488CE240}\ProxyStubClsid32

• Key: SOFTWARE\Classes\Interface\{0A51D436-5C4D-4A56-98D1-FCDA488CE240}\TypeLib
  Value: Version

• Key: SOFTWARE\Classes\Interface\{0A51D436-5C4D-4A56-98D1-FCDA488CE240}\

• Key: CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}

• Key: CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}\Implemented Categories

• Key: CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}\Programmable

• Key: CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}\Implemented Categories\{40FC6ED5-2438-11CF-A3DB-080036F12502}

• Key: SOFTWARE\Classes\CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}\

• Key: SOFTWARE\Classes\CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}\ProgID

• Key: SOFTWARE\Classes\CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}\InprocServer32
  Value: ThreadingModel

• Key: SOFTWARE\Classes\CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}\InprocServer32\

• Key: SOFTWARE\Classes\CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}\TypeLib

• Key: SOFTWARE\Classes\CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}\VERSION

• Key: SOFTWARE\Classes\CLSID\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69}

• Key: ib15_1.CBrowserHelper

• Key: SOFTWARE\Classes\ib15_1.CBrowserHelper\

• Key: SOFTWARE\Classes\ib15_1.CBrowserHelper\Clsid

• Key: SOFTWARE\Classes\ib15_1.CBrowserHelper

• Key: Interface\{0A51D436-5C4D-4A56-98D1-FCDA488CE240}

• Key: SYSTEM\CurrentControlSet\Control\InitRegKey\admin\

• Key: SYSTEM\CurrentControlSet\Control\InitRegKey

• Key: SYSTEM\CurrentControlSet\Control\InitRegKey\geoinfo

• Key: SYSTEM\CurrentControlSet\Control\InitRegKey\admin

• Key: SYSTEM\CurrentControlSet\Control\InitRegKey\admin\soft

• Key: Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
  Value: {2C1CD3D7-86AC-4068-93BC-A02304BB8C34}

• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbjt32
  Value: DllName

• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbjt32
  Value: Startup

• Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbjt32
  Value: Shutdown

• Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbjt32
  Value: DllName

• Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbjt32
  Value: Startup

• Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winbjt32
  Value: Shutdown

• Key: Software\Microsoft\Windows NT\CurrentVersion\Windows
  Value: AppInit_DLLs

• Key: Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
  Value: {2C1CD3D7-86AC-4068-93BC-A02304BB2236}

• Key: Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad
  Value: DCOM Server 2236

• Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensSrv
  Value: StartShell

• Key: Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensSrv
  Value: DllName

• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes

• Key: System\CurrentControlSet\Services\Client IP-IPX
  Value: ImagePath

• Key: Software\Microsoft\Windows\CurrentVersion\Explorer\Run
  Value: {74306DB1-089F-1033-1203-0500002}

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initURLHTTP

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initWWW4FTPupdate

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initWWW4FTPbackup

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initWWW4FileRedir

• Key: SYSTEM\ControlSet001\Control\InitRegKey\admin
  Value: staticloaderver

• Key: SYSTEM\ControlSet001\Control\InitRegKey\admin
  Value: proxy

• Key: SYSTEM\ControlSet001\Control\InitRegKey\admin
  Value: soft

• Key: SYSTEM\ControlSet001\Control\InitRegKey\admin
  Value: ftpaddress

• Key: SYSTEM\ControlSet001\Control\InitRegKey\admin
  Value: ftpport

• Key: SYSTEM\ControlSet001\Control\InitRegKey\admin
  Value: ftplogin

• Key: SYSTEM\ControlSet001\Control\InitRegKey\admin
  Value: ftppassword

• Key: SYSTEM\ControlSet001\Control\InitRegKey\admin\soft
  Value: i4678296c

• Key: SYSTEM\ControlSet001\Control\InitRegKey\admin\soft
  Value: i1136587c

• Key: SYSTEM\ControlSet001\Control\InitRegKey\mod
  Value: jpeg

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initSmss

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initAnyFile2AllNumber

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initInstalled

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initCount

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initNotAlive

• Key: SYSTEM\ControlSet001\Control\InitRegKey
  Value: initID

• Key: SYSTEM\ControlSet001\Control\InitRegKey\geoinfo
  Value: iso

• Key: SYSTEM\ControlSet001\Control\InitRegKey\geoinfo
  Value: country

• Key: SYSTEM\ControlSet001\Control\InitRegKey\geoinfo
  Value: region

• Key: SYSTEM\ControlSet001\Control\InitRegKey\geoinfo
  Value: city

• Key: SYSTEM\ControlSet001\Control\InitRegKey\geoinfo
  Value: latitude

• Key: SYSTEM\ControlSet001\Control\InitRegKey\geoinfo
  Value: longitude

• Key: SYSTEM\ControlSet001\Control\InitRegKey\geoinfo
  Value: ip

• Key: Software\Microsoft\Internet Explorer\Main
  Value: Use Search Asst

• Key: Software\Microsoft\Internet Explorer\Search
  Value: CustomizeSearch

• Key: Software\Microsoft\Internet Explorer\Search
  Value: SearchAssistant

• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix

• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
  Value: Prefixes

• Key: SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes
  Value: www

• Key: SOFTWARE\Microsoft\Internet Explorer\Main
  Value: Default_Page_URL

• Key: SOFTWARE\Microsoft\Internet Explorer\Main
  Value: Search Bar

• Key: SOFTWARE\Microsoft\Internet Explorer\Main
  Value: Search Page

• Key: SOFTWARE\Microsoft\Internet Explorer\Main
  Value: Start Page

• Key: Software\Microsoft\Internet Explorer\Main
  Value: Default_Page_URL

• Key: Software\Microsoft\Internet Explorer\Main
  Value: Search Bar

• Key: Software\Microsoft\Internet Explorer\Main
  Value: Search Page

• Key: Software\Microsoft\Internet Explorer\Main
  Value: Start Page

Warning: If value is listed for some registry entries, you should only clear these values and leave keys with such values untouched. We recommend you to use Agent Trojan Removal Tool for safe problem solution.

Here are the descriptions of problems connected with Agent Trojan and 123i_[1].exe we received earlier:

TRUE SWORD WONT REMOVE A TROJAN

Problem Summary: TRUE SWORD WONT REMOVE A TROJAN
YOU CLAIME THIS PRODUCT WILL REMOVE THIS PROBLE ALL I AM GETTING IS AN AUTO RESPONSE WHY

Next threat: Agent ZH Trojan »

Learn more about Agent Trojan and 123i_[1].exe »

« Back to catalog