If you can, reboot into Safe Mode and try to initiate System Restore to go back to before it happened. If successful, temporarily disable System Restore to destroy the infected restore point.
If not there is an excellent removal guide here: http://www.bleepingcomputer.com/virus-removal/remove-antivirus-security-pro
Do not reboot to safemode, the virus immediately restarts your computer. Do not try to create a new clean account - it isn't limited to one account.
Almost no programs will open - but HTML help should.
- Tap Windows "R" to bring up the run prompt.
- type "hh h" and hit Enter.
- Right-Click the question mark in the top-left corner > select "Jump to URL..." from the list.
- Type in "downloads.malwarebytes.org/file/chameleon" and hit enter.
- Hit "Save" and save it to an easy-to-access location, like your user folder, root, or your desktop.
- Open it when it finishes and then extract the files.
- Just start double-clicking the listed files to run them until a command prompt comes up and stays on the screen.
(You just have to keep trying until one of the programs works. Just go down the list.)
- Once a DOS prompt is up and the file is in the process of killing it you are pretty much done. Just follow the prompts until MBAM launches and finishes it off.
- When the final scan completes you should have a minimum of infected files located. Select "Show Results" then delete the infected files.
- Restart your computer - you won.
I don't recommend running the free MBAM as your sole anti-virus as it lacks critical features of active protection. McAfee Internet Security or better should be purchased and installed when this virus has been completely removed.
Many thanks for your help. Your procedure got rid of Antivirus Security Pro from my PC.
My question for MacAfee is: why the expensive Total Protection that I have run before M BAM did not see anything wrong in my system?
Considering that Antivirus Security Pro appears to be affecting a lot of people I do not understand why MacAfee has done nothing to protect their customers from it. I am no expert and may be missing on the reason, but would like to be educated by you if you can spare the time.
Many thanks again
None of the major A/V software detects this sort of thing because of the way it works, requiring some interaction on behalf of the user to activate it. Even 1 keystroke or mouse click will activate this type of malware. If you do nothing and power off when you first see trouble emerging, then on again into Safe Mode and use System Restore, most likely you wouldn't have had to deal with it. Of course I can't ever be totally sure of that, but what I do know is that no antivirus is any good against most similar things.
See the last link in my signature below for hints and tools.