Thursday 3 March 2011

Removing Scareware

Do you hate those programs which tell you that you have thousands of viruses and then take you to a payment site to buy the software to remove them? This is probably scareware: a program which reports fake viruses so that its makers can get money out of you. Don't do it! Try following the steps below.

Most scareware can't run in safe mode these days because Microsoft has increased the security of the core operating system (if you've done your updates).

Therefore, it's relatively easy to remove malicious programs, as they all have an entry in the Windows start-up list.

(There are two locations in the registry: your user's run list and the machine's run list.) Deleting things from the registry is not recommended, especially if you've never heard of the run lists before. Instead, Spybot's advanced tools have a user interface to disable entries for you.

First, you need to get yourself into safe mode (with networking support, as you want to be able to download Spybot). To do this, switch off your PC and start it up whilst hammering F8. Eventually you will see a screen giving you the option to enter Safe Mode with Networking.

Get yourself logged into Windows, then download and install Spybot, available here: http://www.safer-networking.org/en/ownmirrors1/index.html

You can follow the wizard if you like; personally, I wouldn't bother backing up the registry, as it takes ages.

Although you should immunize and do the normal scan (do that at your own leisure), you need to click on Mode, then Advanced, and a hidden menu will appear. Under Tools, click System Start-up and you can see the programs which start when your computer starts.


If you click on the arrows on the right and there is any information about the entry, it will tell you whether it is safe, not required, or a potential virus. This is also a very good way to speed up your PC; however, you wouldn't want to disable all of them, especially the Windows Logon ones (for XP).

The Key section will say either LM (Local Machine) or CU (Current User). If it is Current User, anything you disable will typically be absolutely fine, as it is tied to your user account only.
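
The two run lists mentioned above are the Run keys under HKLM (shown by Spybot as LM) and HKCU (shown as CU). The PowerShell below is an added example, not part of the original post: it lists both keys without changing anything. The UserDir column is a heuristic assumed here (start-up commands that point into the user profile or temp folder deserve a closer look), not something Spybot reports.

```powershell
# Read-only: lists start-up entries from both Run keys, nothing is modified.
$runKeys = [ordered]@{
    'LM' = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
    'CU' = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
}

# Assumption (heuristic added for this example): folders a normal user
# account can write to. Empty variables are dropped.
$userDirs = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA) | Where-Object { $_ }

function Get-StartupEntry {
    foreach ($hive in $runKeys.Keys) {
        $key = Get-Item -Path $runKeys[$hive] -ErrorAction SilentlyContinue
        if (-not $key) { continue }   # the key may not exist for this user

        foreach ($name in $key.GetValueNames()) {
            $command  = [string]$key.GetValue($name)
            # Expand %VARIABLES% so the comparison sees the real path
            $expanded = [Environment]::ExpandEnvironmentVariables($command)

            $hits = $userDirs | Where-Object {
                $expanded.IndexOf($_, [StringComparison]::OrdinalIgnoreCase) -ge 0
            }

            [pscustomobject]@{
                Key     = $hive               # LM or CU, as in Spybot's Key column
                Name    = $name
                UserDir = [bool]$hits         # heuristic flag, see comment above
                Command = $command
            }
        }
    }
}

Get-StartupEntry | Sort-Object Key, Name | Format-Table -AutoSize -Wrap
```

An entry flagged in the UserDir column is not necessarily malicious; it is simply one to look up before deciding whether to disable it in Spybot.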