Description: Paladin Antivirus is a rogue antivirus software application from the same family as Malware Defense. It uses the same tactics as it’s relative to lure users in to buying a license for the software. Once installed, the virus will attempt to trick users into removing any installed legitimate antivirus programs by displaying alerts that an unauthorized antivirus software application is installed. It will also load at startup, performing a large number of fake virus scans on the system, generating false reports which warn the user about threats that are non-existent. It also generates fake warnings stating that the user’s computer is being attacked by a remote PC. After generating all these warnings, the software asks the user to pay for a license to the ‘full’ version of the software, claiming that the currently installed ‘trial’ version is inadequate to remove all the detected false ‘threats’. However it is important to note that Paladin Antivirus is a fake program that cannot scan your computer under any circumstances.
Paladin Antivirus
In order to remove Paladin Antivirus, you must stop its processes, unregister its DLL files, delete its files and folders and remove its registry entries.
Paladin Antivirus File Removal Instructions
The first step needed to remove the virus is to stop the following processes: ( Learn how to terminate a running process )
- pav.exe
- uninstall.exe
Next, it is necessary to unregister the following DLL files:
- pavext.dll
- phook.dll
As the final step of file removal, delete the following files and folders:
- c:\Program Files\Paladin Antivirus
- c:\Program Files\Paladin Antivirus\help.ico
- c:\Program Files\Paladin Antivirus\pav.db
- c:\Program Files\Paladin Antivirus\pav.exe
- c:\Program Files\Paladin Antivirus\pavext.dll
- c:\Program Files\Paladin Antivirus\phook.dll
- c:\Program Files\Paladin Antivirus\uninstall.exe
- %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Paladin Antivirus.lnk
- %UserProfile%\Desktop\Paladin Antivirus Support.lnk
- %UserProfile%\Desktop\Paladin Antivirus.lnk
- %UserProfile%\Start Menu\Programs\Paladin Antivirus
- %UserProfile%\Start Menu\Programs\Paladin Antivirus\Paladin Antivirus Support.lnk
- %UserProfile%\Start Menu\Programs\Paladin Antivirus\Paladin Antivirus.lnk
- %UserProfile%\Start Menu\Programs\Paladin Antivirus\Uninstall Paladin Antivirus.lnk
Once you have completed these steps, the threat no longer resides on your hard disk.
Registry Removal Instructions
File deletion alone is not enough to completely remove Paladin. The following keys and settings should also be deleted from the registry: (How to Edit Registry Here)
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Paladin Antivirus
- HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus
Once the registry is clean, you have completely removed Paladin Antivirus from your computer. However, in order to make sure that this is the case it is recommended to conduct a full system scan using legitimate antivirus software such as Spyware Doctor with Antivirus in order to make sure that no additional threats reside on your computer.
Outside Resouces:
http://www.bleepingcomputer.com/virus-removal/remove-paladin-antivirus
Speak Your Mind