W32.Proyo

1. Temporarily Disable System Restore (Windows Me/XP). [how to]
2. Update the virus definitions.
3. Reboot computer in SafeMode [how to]
4. Run a full system scan and clean/delete all infected file(s)
5. Delete/Modify any values added to the registry. [how to edit registry]
Navigate to and restore the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\SafeBoot\Minimal
\{4D36E967-E325-11CE-BFC1-08002BE10318}

Navigate to and restore the following registry entries to their original values, if needed:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder
\Hidden\SHOWALL\”CheckedValue” = “0″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\[FILE NAME]\”Debugger” = “0″

[FILE NAME] represents the following string:
360tray.exe
360Safe.exe
360Safe.com
avp.com
avp.exe
CCenter.exe
msconfig.exe
IceSword.exe
IceSword.com
rav.exe
RavMon.exe
RavMonD.exe
RavTask.exe
runiep.exe
nod32.exe
nod32krn.exe
KWatch.exe
KVScan.kxp
KAV32.exe
KAVPFW.exe
MagicSet.exe
nod32kui.exe

6. Exit registry editor and restart the computer.
7. In order to make sure that threat is completely eliminated from your computer, carry out a full scan of your computer using AntiVirus and Antispyware Software. Another way to delete the virus using various Antivirus Program without the need to install can be done with Online Virus Scanner.