There’s nothing like frustrating over removing malware from a Windows PC. This blog post will give you directions, although time consuming, on how to remove Windows Police Pro. Below are four different thumbnails of what Windows Police Pro looks like.
Windows Police Pro masks itself as an anti-virus or malware remover application. It’s neither and it’s quite the opposite. It’s a malicious rootkit that will install itself to Windows and will take over your screen and resources. Windows Police Pro makes your computer inoperable. So how do you remove Windows Police Pro if your computer is inoperable?
I recommend:
- Using another PC to download removal tools
- A thumb drive
- Back up your documents
The one question I get from a lot of people is “How did it get on there in the first place?” and I can’t answer that question. You can get it from malicious websites or from plugging someone elses infected thumb drive into your pc.
All these steps should be done while disconnected from the Internet. Disable your LAN and Wireless connections.
This is only a guide to removing malware from a computer. I am in no way responsible for any hardware/software complications or loss of data.
First Step
First things first. You need to purchase an anti-virus program. You either did not have one before, were using a free one, or your current one expired/out-dated. Either way, it slipped passed your defenses. Here are some recommendations for anti-virus:
Choose only one and download the installer to your thumb drive. Download the current updates as well to your thumb drive.
Second Step
This is where it can get difficult. When you plug your thumb drive into your computer, Windows Police Pro will deny the anti-virus installer to run. IT’S THAT SMART. What I did was right click on the task bar and select Task Manager. Windows Police Pro will show up under the Processes tab. With the quickness, right click the Windows Police Pro process and end the process. Now quickly run your anti-virus installer.
If you had success stopping the Windows Police Pro process from automatically starting please provide your input. My attempts in Safe Mode did not completely remove Windows Police Pro.
The anti-virus installer will continue to run as Windows Police Pro process keeps running. I recommend keeping the task manager open and regularly ending the process because it will continue to eat up computer resources.
Third Step
Like the second step, we will do the same thing but install the updates.
Fourth Step
Once you have successfully installed your anti-virus program, end the Windows Police Pro process and run your anti-virus program. It will catch any trojans, worms, viruses, etc. The first scan will catch most of the malware but this process will usually require more scans and more anti-malware programs.
Fifth Step
Now that your anti-virus program has removed some malware, let’s download another useful tool:
Combofix will search for known malware and attempt to remove it. This is not a child’s toy so I’d be cautious using this. Follow the directions and if you have any questions please comment below. Combofix will also generate a report which you should save on your thumb drive.
Sixth Step
If combofix found more malware and removed it then awesome! It’s very likely that you may have rootkits on your computer and if the above tools weren’t enough and you’re still experiencing some weirdness then I recommend using:
Rootkits are very bad and hard to remove. Sophos is a small business to enterprise level anti-virus solution. The anti-rootkit is easy to use and all you have to do is follow the instructions.
Seventh Step
Lastly, I recommend downloading Spybot and Adaware. Download the updates individually and manually update each software on the infected computer if you are unable to run the updater. In my experience, Spybot was able to remove a lot of malicious software. I also use Adaware as a cleanup tool to catch anything Spybot didn’t. Do run each software separately and not at the same time.
Conclusion
At this point your computer should be clean of the Windows Police Pro infection. Removing it is a very lengthy process that takes time and patience. If you are still seeing some malware then I recommend disconnecting the infected computer from the Internet and running all scans from Safe Mode. It’s important that you keep the infected off the Internet because it will make a call out to it’s mothership notifying it’s master that it is being removed. It will then just replicate itself elsewhere, most likely on a file that the anti-virus already scanned.
If you have any questions, concerns, input or feedback please comment below.
Related posts:
- Windows Server 2003 Event ID 1030 & 1058
- Disable Dell Wireless Lan Utility and Use Built-In Windows Utility
