MagicControl Description:

MagicControl is a commercial trojan from dialer manufacturer Electronic Group (eGroup). It seems to contain code aimed at avoiding personal firewall software installed on the local machine.

MagicControl/MC : versions 1.0.1.0 to 1.0.1.4, stored in a folder called 'mc' in the Windows folder.

MagicControl/Wintrim : versions 1.0.1.5 to 1.0.2.7; folder is now called 'wintrim'.

MagicControl/Wincomp : version 1.0.2.8; folder is called 'wincomp'.

MagicControl/Winmgts : version 1.0.2.9; folder is called 'winmgts'.

Also known as: The Wintrim variant is detected as Persis by F-Secure anti-virus. The Wintrim and Wincomp variants are detected as TROJ_WINTRIM.A by Trend anti-virus.

MagicControl Automatic Removal:

Using Spyware Doctor to detect and remove MagicControl AUTOMATICALLY!

MagicControl Manual Removal:

Open a DOS command prompt window (from Start->Programs->Accessories) and enter the following commands. For the MC variant:

Or, for the Wintrim variant:

Or, for the Wincomp variant:

Or, for the Winmgts variant:

Next, open the registry (click 'Start', choose 'Run' and enter 'regedit'), and find the key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run. Delete the 'cpntmgc' entry.

Restart the computer and you should be able to delete the entire 'mc', 'wintrim' or 'wincomp' folder inside the Windows folder, and the 'msegcompid.dll' file from the System folder (inside the Windows folder; called 'System32' on Windows NT, 2000 and XP).

You can delete the 'iexplore' folder in Program Files, too ( not 'Internet Explorer', which is the real IE program folder). Also check to see if you have IEAccess loaded and/or the eGroup certificate in your IE Trusted Publishers list.

More Removal Instructions for Adware/Spyware Programs - 'M'