tutorial about malware & spyware removal

Discussion in 'Non-Emulation Help' started by Devilkid32176, Jan 7, 2011.

    Devilkid32176 Well-Known Member

    Currently not at my house, so I only have one file to add right now.

    OK, well, I know how everybody hates malware and spyware issues when they get on the computer, so in my time working on PCs I have rounded up some info about a few of these nasty little buggers, and I'm here to share how to remove them.

    OK, if anyone else has info they would like to add about any buggers they have run into, I will be happy to add it.

    make sure to have at least this much on the removal process:

    Name of spy or malware
    class type: spyware, malware, combo
    brief description
    how to remove registry & folders
    have to boot up safe mode

    ok, here goes:

    Info:
    • Name: Antivirus Scan
    • Class Type: Malware
    • Safe-mode: Yes

    brief detail info:

    This nasty little SOB sneaks in when you update the PC and reboot it. It acts like the Microsoft AV scanner you can download from the site, and this bugger would go unnoticed until you reboot the PC. When you do, that is it: you have to manually turn off the PC so you can get into safe mode. You can't tell you have this backstabber till it's too late.

    removal process:
    Antivirus Scan creates the following files and folders:

    C:\Documents and Settings\Administrator\Local Settings\Temp\{RANDOM}\
    C:\Documents and Settings\Administrator\Local Settings\Temp\{RANDOM}\{RANDOM}.exe

    Antivirus Scan creates the following registry keys and values:

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter | "Enabled" = "0"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | "ProxyOverride" = ""
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | "ProxyServer" = "http=127.0.0.1:30215"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | "ProxyEnable" = "1"
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | {RANDOM}
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | {RANDOM}
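
A check for the registry indicators listed in the post above, as an added example that is not part of the original post: it scans a `reg export` text file for the loopback proxy, the disabled phishing filter, and Run entries that point into a Temp folder. The sample export, the value name `kqxzvb`, and all function names are constructed for illustration.

```python
import re

# Constructed sample in `reg export` text format; real exports are UTF-16 (open with encoding="utf-16").
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter]
"Enabled"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable"=dword:00000001
"ProxyServer"="http=127.0.0.1:30215"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"kqxzvb"="C:\\Documents and Settings\\Administrator\\Local Settings\\Temp\\kqxzvb\\kqxzvb.exe"
'''

HKCU = "hkey_current_user\\software\\microsoft\\"
INET = HKCU + "windows\\currentversion\\internet settings"
PHISH = HKCU + "internet explorer\\phishingfilter"
RUN = (HKCU + "windows\\currentversion\\run",
       "hkey_local_machine\\software\\microsoft\\windows\\currentversion\\run")

def parse_reg(text):
    """Map lower-cased key path -> {lower-cased value name: raw data}."""
    keys, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            cur = keys.setdefault(line[1:-1].lower(), {})
        elif cur is not None and (m := re.fullmatch(r'"([^"]*)"=(.*)', line)):
            cur[m.group(1).lower()] = m.group(2)
    return keys

def as_int(raw):
    """Decode a dword or a quoted decimal string; None for anything else."""
    raw = (raw or "").strip('"')
    if raw.startswith("dword:"):
        return int(raw[6:], 16)
    return int(raw) if raw.isdigit() else None

def find_indicators(text):
    keys, hits = parse_reg(text), []
    inet = keys.get(INET, {})
    proxy = inet.get("proxyserver", "").strip('"')
    if as_int(inet.get("proxyenable")) == 1 and re.search(r"(^|=)(127\.|localhost)", proxy):
        hits.append(("loopback-proxy", proxy))
    if as_int(keys.get(PHISH, {}).get("enabled")) == 0:
        hits.append(("phishing-filter-off", "Enabled=0"))
    for run_key in RUN:
        for name, data in keys.get(run_key, {}).items():
            if "\\temp\\" in data.replace("\\\\", "\\").lower():
                hits.append(("run-from-temp", name))
    return hits
```

Run values stored as REG_EXPAND_SZ appear hex-encoded in an export and are not decoded here, so an empty result does not by itself mean the machine is clean.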