<!-- m --><a class="postlink" rel="nofollow" href="http://www.bleepingcomputer.com/virus-r">http://www.bleepingcomputer.com/virus-r</a><!-- m --> ... vista-2010
<!-- m --><a class="postlink" rel="nofollow" href="http://getridof-virus-infected-for-free.blogspot.com/">http://getridof-virus-infected-for-free.blogspot.com/</a><!-- m -->
<!-- m --><a class="postlink" rel="nofollow" href="http://www.spywareremove.com/removeVist">http://www.spywareremove.com/removeVist</a><!-- m --> ... o2010.html
<!-- m --><a class="postlink" rel="nofollow" href="http://www.xp-vista.com/spyware-removal">http://www.xp-vista.com/spyware-removal</a><!-- m --> ... ivirus-pro
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "av.exe" /START "%1? %*"
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command "(Default)" = "av.exe" /START "%1? %*"
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = "av.exe" /START "%1? %*"
HKEY_CLASSES_ROOT\secfile\shell\open\command "(Default)" = "av.exe" /START "%1? %*"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = "av.exe" /START "firefox.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = "av.exe" /START "firefox.exe" -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = "av.exe" /START "iexplore.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = "1"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = "1"
%Documents and Settings%\[UserName]\Application Data\av.exe
%Documents and Settings%\[UserName]\Application Data\WRblt8464P
All of those have suggestions of programs to use, solutions to rid it of your computer, and How to manually get into your systems and eradicate it. If you can get Task Manager open through alternative means, go to processes and look for "Av.exe" that the antivirus pro malware. End it before anything can load and start up. You have to be quick about it. Till then it's one of those I'd have to see it to fix it things. This is also why I love XP. So simple to navigate through hehehe. Out of date maybe, but still very simple
And those above are the registry keys it creates to override your shit and hijack it. If you can open the registry search for those by following the string, and then delete them one by one. Specifically the last two.
Also, Biiiig Note for those who don't know and are using Windows 7 which was originally thought immune to the Antivirus Pro virus.
<!-- m --><a class="postlink" rel="nofollow" href="http://www.pandasecurity.com/homeusers/">http://www.pandasecurity.com/homeusers/</a><!-- m --> ... antivirus/
It's evolved with adding the name "Panda" to it and is now compatible to Windows 7. Stay away from it. Seriously.