Overall Risk Level: 
Windows Antivirus Pro is an addition to the long list of rogue security applications that will perform various intimidation on users of the compomised computer. Users will be ask to purchase the registered version of Windows Antivirus Pro to be able to remove the threats. This rogue program can be acquired by manually executing the malicious file from scam website that can install malware on to the computer.
Windows Antivirus Pro will also prevent some programs from running and display alerts that the program trying to access is already infected with a virus.
Alias: -
Damage Level: Medium
Systems Affected: Windows
Symptoms:
1. Presence of files ANTI_files.exe, svchast.exe, bennuar.old, dddesot.dll, desot.exe, sysnet.dat, msvcm80.dll, msvcp80.dll, msvcr80.dll, Windows Antivirus Pro.exe, dbsinit.exe, wispex.html, i1.gif, j1.gif, jj1.gif, l1.gif, l2.gif, l3.gif, pix.gif, t1.gif, t2.gif, up1.gif, up2.gif, w1.gif, wt1.gif, ppp1.dat
2. It will redirect internet browser to fake security websites.
3. Number of fake warning alerts and messages will be displayed.
4. Infiltration alert message about HalfLemon detection.
Screenshot
Remove Windows Antivirus Pro with MalwareBytes’ AntiMalware:
1. Download Malwarebytes’ Anti-Malware (mbam-setup.exe) and save it on your Desktop.
2. After downloading, double-click on mbam-setup.exe to install the application.
3. Follow the prompts and install as “default” only
4. Before the installation completes, check on the following prompts:
- Update Malwarebytes’ Anti-Malware
- Launch Malwarebytes’ Anti-Malware
5. Click “Finish.” Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
6. Scan your computer thoroughly.
7. When scanning is finished click on the “Show Results”
8. Make sure that all detected threats are marked, click on Remove Selected.
9. Restart your computer.
Note: Windows Antivirus Pro may prevent mbam-setup.exe from downloading and running. You can download and rename this program from a different computer before running it on infected system.
How to Remove Windows Antivirus Pro:
On this page is our suggested (by precisesecurity) removal procedure and Visitor's own suggestion. We cannot control and evaluate each suggested procedure so please use it at your own risks. If no suggestion is present to remove virus, spyware, adware and malware, you may try the following:- Scan Windows Antivirus Pro with MalwareByte's Anti-Malware
- Remove Windows Antivirus Pro with Standard Virus Scan
For Windows Antivirus Pro activation key, activation code, registration key, serial number and refund inquiries, please proceed here for the solution.
All contents, text and images related to "Windows Antivirus Pro" are part of this website's information dissemination purposes. We don't endorse, sell or in any way connected to it.
23 Responses for "Windows Antivirus Pro"
You guys rate this risk a 2 of 5, are you kiding me? This thing is a nusance at first, then it become a problem, and eventually it becomes lethal. It works like quicksand in that when you try different removal tolls and struggle against it….it gets worse eventually not letting you operate system controls, then regular everyday programs, and eventually you get the blue screen of death. You all need to rethink how you evaluate this, because it’s terminal and widespread.
OMG, I agree with the first response. I’m hoping that I’ll just be able to wipe my computer clean with a reinstall. Every time a tried something new last night it got worse and worse…this morning I couldn’t get my computer to come up.
Can anyone tell me the procedure for removing this virus from my computer? Computer boots but I cannot open any programs.
Floyd, did you try in SafeMode? My laptop also have this boot cycle but it doesnt do it in SafeMode so I scan my computer in that mode.
I can’t get rid of it either. It has gotten into the safe mode and I can’t run or download anything there. any results anywhere? did it work when you reinstalled your OS?
If you pull up Windows Task Manager while having one of the “Windows Antivirus” windows up, it’ll show the window in the Applications Tab of the Task Manager. Right click it and go to “Go To Process”, and it’ll switch to the process. End it, and you have a 5-10 second window to open any program you want. I used this time to download “Malwarebytes Anti-Malware” and am removing it as I type.
Even after the svchast and Windows Antivirus processes are terminated, I cannot run anything, including the install of the Anti-Malware. Thoughts?
Hey Bob, did this last entry you put up work? Let me know, thanks!
Couple things, delete window antivirus pro from program files directory AND registry. Do not uninstall it! Also, you can start IE as long as you start WITHOUT addons-right click and select this. It will still hijack search results from google, etc-soooo you have to copy the URL from the search results and open that page directly using copy and paste. If you want to run another program, run it as a different user. I can super antispyware pro and AVG, seemed to allow me to run program, IE is still hijacked however. Will try this approach
I did something similar to Bob’s method and it didn’t work for me. Basically, Malwarebytes gets killed in the middle of its scan and is shutdown automatically. This was done in safe mode, too. I also cannot even pull up the registry editor as the infected user. If I login as admin Windows Police Pro doesn’t show up in the registry. If anyone is infected to the level I am and figures this out, please come back to post here or e-mail me. I’ll do the same. Thanks.
So here’s the update. I finally got this thing cured. In the end I had to use Combofix. The tricky part was getting it to work. I had to use a registry fix file but before that I had to find a way around the virus/malware to allow me to fix the registry. This was done with two files: 1) a VB script which enabled registry editing and 2) a registry fix which allows me to run programs. Next I deleted the files associated with Windows Police Pro. Finally I ran Combofix. After Combofix did its thing I was able to run all my other apps. I ran MBAM and Spybot, both detected malware not removed by Combofix. Here’s a link to the VB script:
hxxp://www.pchell.com/support/registryeditordisabled.shtml
Here’s a link to the registry fix file:
hxxp://www.bleepingcomputer.com/virus-removal/remove-windows-police-pro
Please note that neither of these links are direct downloads. They are links to guides and the download links are about 1/3 of the way down. If you actually read through the guide you won’t miss it. Hope this helps you all.
I got this crap on my comp aswell, I could not run any exe files, or access regedit, not allowed to boot to safemode it would just restart. But I tried Bob’s ctrl+alt+del to temp kill the spyware program and update and run Malware bytes, and also delete the folder from program files. It seems to have helped as now I have access to my computer, but I had abruptly stopped Malware bytes from full scan so I am running the scan and let it remove all that it finds, also running norton, it was auto protect but didnt work.
My friend is having the same problem but she can not get on the internet, she lives in the midwest and i am on the east coast, how would she download malewarebytes if she can not get online either? It just pops an error on her IE.
Wow. This is a nasty little virus. I can’t boot in Safe-Mode, I can’t bring up the Task Manager, I can’t run Malware and can’t do ctrl-alt-del. What else can I try?
I am about to do my 3rd reinstall of windows this week…This thing keeps getting back in, I can’t figure out how to prevent it
wrong rating people. it is a monster. go to malwarebytes forum and read. it disables mbam and most everything else.
Yikes… I hear ya!! Their “low” rating is not at all the right one! My kid got it and it’s a pain… same as Mac’s situation. I have Norton’s latest and didn’t do anything to block it, also have Webroot Spy Sweeper… nada help.
I’ve gotten 3 different versions of this virus in the past few weeks so unfortunately I’m becoming pretty good at getting rid of it. Depending on the version you have you can stop the constant pop-ups by ending svchast.exe in task manager… if you can get task manager open that is. If you can’t get it open I found a great site that explains how to fix that – hxxp://ask-leo.com/why_is_my_task_manager_disabled_and_how_do_i_fix_it.html It’s pretty easy to follow and doesn’t take much time.
Another life saver I found when all my normal applications (pretty much everything in the control panel) were more or less dead restores original window files back to normal (i used it for my exe programs) hxxp://www.dougknox.com/xp/file_assoc.htm
Malwarebytes has been the only (free) program to actually wipe it out. If it won’t install and/or run after downloading here is a great post explaining what to do. hxxp://www.bleepingcomputer.com/forums/lofiversion/index.php/t246392.html NOTE: make sure to get the latest version.
I hope these are helpful to someone. I’m a pretty low level computer user so sorry for the non-tech lingo.
Dude this is another copy of the Windows Police Pro… Most Likely, some little kid scripted it t_T just factory settings ur comp and yea T_T forget restoring the files they are all infected
i ran malware bytes and it found 0 infected files anyone else have this problem? am i doomed?
I encountered the problem yesterday with os-guard pro2010, couldnt do anything and forums didnt help either, I fixed this problem by going into safe mode and restoring system to earlier date and it fixed my problem.
This malware popped up on my laptop last night and took over my machine,every thing I tried to open was infected.
I did a System Restore to the previous day and it seemed to take care of it. I then ran my aniti-virus program and malware program and they said I was clean.
This thing is nasty. It took two days to get my PC back. A combination of Malwarebytes, registry vb script and the best site of all was the dougnox site to fix all the associations.
Any Response?