W32.Solow - Description  Browse by name    | misc | a | b | c | d | e | f | g | h | i | j | k | l | m | n | o | p | q | r | s | t | u | v | w | x | y | z | Description: W32.Solow is a worm that attempts to spread via removable storage drives and copies itself as exe files with various names. Alias: Category: Worm Automatic Removal: Most effective removal tool is: Easy SpyRemover Manual Removal: Stop Runnin Processes: %Windir%\pchealth\helpctr\binaries\msconfig.exe %Windir%\regedit.exe %System%\cmd.exe %System%\systeminit.exe %System%\taskmgr.exe %System%\wininit.exe %System%\winsystem.exe Unregister DLLs: Clean Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"wininit" = "%System%\wininit.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Userinit" = "%System%\systeminit.exe" HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Window Title" = "Hacked by 1BYTE" HKEY_CURRENT_USER\Software\Microsoft\"nFlag" = "[NUMBER OF TIMES SCRIPT HAS RUN]" HKEY_CURRENT_USER\Software\Microsoft\"ServicePack" = "1.2" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\"SearchHidden" = "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\"SeachSystemDirs" = "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoDriveTypeAutoRun" = "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoFolderOptions" = "1" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"Hidden" = "1" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"HildeFileExt" = "1" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"ShowSuperHidden" = "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"SuperHidden" = "1" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\"Start" = "1" HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoFolderOptions" = "1" Remove Files: %Windir%\pchealth\helpctr\binaries\msconfig.exe %Windir%\regedit.exe %System%\cmd.exe %System%\systeminit.exe %System%\taskmgr.exe %System%\wininit.exe %System%\winsystem.exe %SystemDrive%\kerneldrive.exe %SystemDrive%\autorun.inf		Latest Spyware Threats     Rapid Antivirus     RealAV     PC MightyMax     Internet Antivirus Pro     Expert Antivirus 2009     Spy Guard 2008     Spyware Guard 2009     MicroAV Security Center     Sagipsul     Comodo Trust Toolbar     XP Antispyware 2009     Antivirus 2010 More...