Monday, October 19, 2009

Antivirus Pro 2010

How to remove Antivirus Pro 2010:

I had this virus on my own computer a year ago, when it was 2009. A simple install of Malwarebytes was all it took. This year, when my girlfriend's computer became infected, it was a totally different story.

After the jump, a list of the crazy but ingenious things that the new virus changed in order to make removal difficult, and how to fix them:


- Cannot terminate programs (including the virus) using the Task Manager (Ctrl-Alt-Delete). Instead you get the error "Task Manager has been disabled by your administrator".
The virus messed with the registry. Follow this link or, if that link dies, just Google "Task Manager has been disabled by administrator" and follow the instructions.

- Cannot run System Restore. Instead you get the error "System Restore has been turned off by group policy. To turn on System Restore, contact your domain Administrator".
Click the Start button, select Run, and type "regedit.exe" in the box.
Find the following key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\SystemRestore
On the right side, DELETE any of the following values that appear:
DisableConfig
DisableSR
Then exit the Registry Editor.
Info from Ramesh's site

- Cannot install Malwarebytes in order to run a scan. This is the tricky one that took me a while to figure out. What the virus does is allow you to install the program all the way, then at the last second it deletes the mbam.exe file, the executable file that actually runs the program.
To get around this, download the Malwarebytes installer (if you don't want to get on the internet, use another computer and move it onto the infected computer via flash drive), then run the installation program. When you try to run Malwarebytes after this, it will give an error.
Now navigate to the program folder. Go to My Computer and open your C:\ drive. Navigate to C:\Program Files\Malwarebytes. Open the folder and resize the window so that you can see all the files and the desktop as well. Rerun the installation program and get it to the main installation process. Then select the My Computer window again, and get ready to do some fast clicking. Right when you see the two new files show up at the bottom (should be mbam.exe and a .dll file), QUICKLY highlight them and either right-click and click Copy or press Ctrl-C on the keyboard to copy the two files, then QUICKLY right-click on the desktop and click Paste, or minimize the windows and press Ctrl-V to paste the two files to the desktop. Let the installation program complete and wait a few seconds to let the virus program do its thing. Then copy and paste the files from the desktop back into the Malwarebytes folder. You should now be able to run the Malwarebytes program from this folder from now on. I would run it 2-3 times, restarting as it requests after each scan. Then install a good firewall AND virus program to prevent it from coming back as it did for me.
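The two registry fixes above (Task Manager and System Restore) can be checked in one pass before anything is deleted. The following script is an added example, not part of the original post: it assumes PowerShell 3.0 or later is available, takes the System Restore key and value names from the post, and assumes the standard Windows policy value DisableTaskMgr for the Task Manager restriction, which the post does not name. On a domain-joined machine these values may be set legitimately by Group Policy, so it only reports unless run with -Fix.

```powershell
# Added example: audit (and optionally clear) the restriction values described above.
# DisableConfig / DisableSR and their key come from the post.
# DisableTaskMgr and its two locations are an assumption (standard policy value).
param([switch]$Fix)   # run from an elevated prompt with -Fix to delete what is found

$checks = @(
    @{ Path = 'HKLM:\Software\Policies\Microsoft\Windows NT\SystemRestore';       Name = 'DisableConfig'  },
    @{ Path = 'HKLM:\Software\Policies\Microsoft\Windows NT\SystemRestore';       Name = 'DisableSR'      },
    @{ Path = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\System';  Name = 'DisableTaskMgr' },
    @{ Path = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Policies\System';  Name = 'DisableTaskMgr' }
)

function Get-TamperedPolicy {
    foreach ($c in $checks) {
        # A missing key simply means the restriction was never set.
        if (-not (Test-Path -LiteralPath $c.Path)) { continue }
        $props = Get-ItemProperty -LiteralPath $c.Path -Name $c.Name -ErrorAction SilentlyContinue
        if ($null -ne $props) {
            [pscustomobject]@{
                Path  = $c.Path
                Name  = $c.Name
                Value = $props.($c.Name)
            }
        }
    }
}

$found = @(Get-TamperedPolicy)
if ($found.Count -eq 0) {
    Write-Output 'None of the restriction values are present.'
    return
}

# Always show what was found so the change can be reviewed first.
$found | Format-Table -AutoSize

if ($Fix) {
    foreach ($f in $found) {
        # Delete only the named value, never the whole key.
        Remove-ItemProperty -LiteralPath $f.Path -Name $f.Name -ErrorAction Stop
        Write-Output "Removed $($f.Name) from $($f.Path)"
    }
}
```

If the values reappear after a reboot, the malware is still running and is rewriting them, so the scan has to come before the registry cleanup sticks.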


Whew....
