W32.Solow - Description  Browse by name    | misc | a | b | c | d | e | f | g | h | i | j | k | l | m | n | o | p | q | r | s | t | u | v | w | x | y | z | Description: W32.Solow is a worm that attempts to spread via removable storage drives and copies itself as exe files with various names. Alias: Category: Worm Automatic Removal: Most effective removal tool is: Easy SpyRemover Manual Removal: Stop Runnin Processes: %Windir%\pchealth\helpctr\binaries\msconfig.exe %Windir%\regedit.exe %System%\cmd.exe %System%\systeminit.exe %System%\taskmgr.exe %System%\wininit.exe %System%\winsystem.exe Unregister DLLs: Clean Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"wininit" = "%System%\wininit.exe" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\"Userinit" = "%System%\systeminit.exe" HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Window Title" = "Hacked by 1BYTE" HKEY_CURRENT_USER\Software\Microsoft\"nFlag" = "[NUMBER OF TIMES SCRIPT HAS RUN]" HKEY_CURRENT_USER\Software\Microsoft\"ServicePack" = "1.2" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\"SearchHidden" = "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\"SeachSystemDirs" = "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoDriveTypeAutoRun" = "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoFolderOptions" = "1" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"Hidden" = "1" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"HildeFileExt" = "1" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"ShowSuperHidden" = "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\"SuperHidden" = "1" HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\"Start" = "1" HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\"NoFolderOptions" = "1" Remove Files: %Windir%\pchealth\helpctr\binaries\msconfig.exe %Windir%\regedit.exe %System%\cmd.exe %System%\systeminit.exe %System%\taskmgr.exe %System%\wininit.exe %System%\winsystem.exe %SystemDrive%\kerneldrive.exe %SystemDrive%\autorun.inf		Latest Spyware Threats     Comodo Trust Toolbar     XP Antispyware 2009     Antivirus 2010     Freview     RegistryGreat     XPAntivirus     Windows Antivirus 2008     IE AntiVirus     SpywareQuake 4     Antivirus XP     SecurePCCleaner     Trojan.FakeAlert More...