Monday, February 8, 2010

How to remove Paladin Antivirus fake security program? (Uninstall guide)

Paladin Antivirus is one of many fake (rogue) anti-virus programs. If you’ve got a computer infected by this virus then you probably know how irritating it can be. There can be a bunch of different ways how Paladin Antivirus gets into a computer. However, most of the time, this virus is promoted through the use of Trojans and other malicious software. Usually, Trojans come from rogue websites and misleading online ads. Fake pop-ups may also come up on well know and trusted websites like Facebook and MySpace. That’s why you should always check twice before accepting, downloading and installing files from the Internet.



Paladin Antivirus video: (thanks to rogueamp)


Once installed, Paladin Antivirus will be configured to scan your computer automatically each time Windows starts. Of course, it only imitates a system scan and then reports predetermined system threats just to scare you into thinking that your computer is infected with Trojans, worms and other viruses. Then it will prompt you to pay for a full version of the program to remove the infections which don’t even exist.



Simply ignore those false reports and remove Paladin Antivirus from your computer as soon as possible. Remember, don’t remove any of the reported threats because they may actually be a legitimate Windows files. Read the Paladin Antivirus removal instructions below.

This fake security program is from the same family as Malware Defense. It’s not an exact copy of Malware Defense, but it uses the same misleading methods to protect itself from being removed. When running, Paladin Antivirus will claim that that you must remove currently installed antivirus software in order to avoid conflicts. The rogue program will attempt to remove the following anti-virus software:
  • Malwarebytes Anti-Malware
  • F-Secure
  • AVG8
  • ESET NOD32
  • Norton Internet Security
  • Avira AntiVir
  • Avast!
Furthermore, it will display numerous fake alerts and pop-ups claiming that your computer is compromised or is being attacked from a remote PC.



"Adware module detected on your PC!
Zlob.Porn.Ad adware has been detected. This adware module advertises websites with explicit content. Be advised of such content being possibly illegal. Please click the button below to locate and remove this threat now."

Just like the false scan results, these fake warnings were designed to make you think that your computer is infected when in reality it’s not. If you find that your computer is infected with this virus, please don’t delay and get rid of Paladin Antivirus immediately.


Paladin Antivirus removal instructions:

1. Download the file TDSSKiller.zip and extract it into a folder
2. Execute the file TDSSKiller.exe (NOTE: you may have to rename TDSSKiller.exe to explorer.com yourself or download already renamed explorer.com file in order to run it)
3. Wait for the scan and disinfection process to be over. Close all programs and press “Y” key to restart your computer.
More detail TDSSKiller tutorial: http://support.kaspersky.com/viruses/solutions?qid=208280684
4. Download one of the following anti-malware software and run a full system scan:

Paladin Antivirus associated files and registry values:

Files:
  • %UserProfile%\Start Menu\Programs\Paladin Antivirus
  • C:\Program Files\Paladin Antivirus
  • C:\Program Files\Paladin Antivirus\help.ico
  • C:\Program Files\Paladin Antivirus\pav.db
  • C:\Program Files\Paladin Antivirus\pav.exe
  • C:\Program Files\Paladin Antivirus\pavext.dll
  • C:\Program Files\Paladin Antivirus\phook.dll
  • C:\Program Files\Paladin Antivirus\uninstall.exe
Registry:
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Paladin Antivirus
  • HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus

Please share this information with other people:

No comments:

Post a Comment