Windows Police Pro
Yes folks, it’s Windows Police Pro, the gift that keeps on giving apparently. It’s crawled back into Googles top searches tonight. If you want to see how to remove it look at Windows Police Pro Removal, you may be interested in Who is behind Windows Police Pro and probably will need to visit the virus tool removal list. The worst trick this virus plays….
Is associating all exe files in the registry with it’s own desote.exe process. That’s pure clever evil genius. This way you may not be able to run regular exe files from the virus removal toolkit. Here’s a trick YOU can play in cleaning it up.
Rename your download executable (such as malwarebytes antimalware) to a .com file. Yes, why does it need to be .exe when .com will bypass the slimey *!*@*&#@ of Windows Police Pro.
If you don’t want to hack the registry manually to restore the correct association for exe files, then you look at this:
There is a batch script to restore exe file associations here that may solve the issue. (About the 9th one down.)
(Note to MicroSoft, why are exe file associations allowed to be overridden in the registry?) It’s really amazing to me that I’m still getting so much traffic on this one pest. I’ve read of many people getting rid of it only to have the system hosed (.exe association) can’t launch programs, give up and reinstall.
By the way if you’ve already removed desote.exe and still need to fix the registry. Regedit.exe can be renamed to regedit.com to bypass the file association that Windows Police Pro uses.
From kellyscorner (from whence the above registry fix for exe files comes):
NOTE: If your EXE file associations are corrupted, it can be difficult to open REGEDIT, or to even import REG files. To work around this, press CTRL-ALT-DEL and open Task Manager. Once there, click File, then hold down the CTRL key and click New Task (Run). This will open a Command Prompt window. Enter REGEDIT.EXE and press Enter.