Paladin Antivirus Trojan

While surfing the Internet today, a window popped up saying that it was downloading the Paladin Antivirus Software. I did not authorize this download and I was unable to close or cancel the window. Once the download finished, the program started up and began listing a bunch of viruses it supposedly found on my laptop. After doing some online research, I discovered that the Paladin Antivirus Software is actually a Trojan and that none of the viruses it found were real.

My problem is this: the Trojan disabled all of my anti-virus and anti-spyware software. Also, it disabled everything in Windows Security Center. So as of right now, my laptop has no protection and I have no idea how to resolve the problem. When I try to search the Internet for solutions, I am redirected to a spam website. (I actually am on a different computer right now because it won't let me access any of Microsoft's websites.)

I went to the Add/Remove programs in the Control Panel to uninstall the Trojan and deleted all of the registry values that it had put on my laptop. However, I'm still experiencing problems caused by the Trojan. My laptop is unusually slow starting up and loading and often freezes if I try to do anything. I attempted a System Restore to restore my laptop to a previous state, but it failed. Most websites with any information on the Paladin Antivirus Trojan ask me to download a tool to remove the virus. But I am hesitant to do so.

Can someone please help me with this problem? My laptop is very crucial to my work, so it's very important that I find a solution as soon as possible! Thank you in advance!

Answer
Hi,

You should continue with the checks and cleanup.

Start - type in Search box -> Services   find at top - Right Click on - RUN AS ADMIN

Then check the default services and dependencies to make sure they are running.
http://www.blackviper.com/WinVista/Services/Security_Center.htm

If needed set ALL the services to their defaults.
http://www.blackviper.com/WinVista/servicecfg.htm

Security Center Not Reporting Anti-Virus or Firewall Status Correctly
http://www.winhelponline.com/blog/security-center-not-reporting-anti-virus-or-firewall-status-correctly/

How to Fix the Vista Security Center Reporting Incorrect Information
http://www.vistax64.com/tutorials/195736-security-center-not-reporting-correct-information.html

How to Disable or Enable Security Center in Vista
http://www.vistax64.com/tutorials/67737-security-center.html

This thread might help as it might be a permissions issue.
http://social.answers.microsoft.com/Forums/en-US/vistawu/thread/3d2049ae-4581-439b-8e15-3f603f5c60f0/

Hope this helps.

Rob - Bicycle - Mark Twain said it right.
Rob Brown - past Microsoft MVP - Windows Insider MVP 2016 - 2021
Microsoft MVP Windows and Devices for IT 2009 - 2020
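
The services-and-dependencies check from the reply above can also be done as a read-only report. This is an added example, not part of the original reply; the list of service short names (Security Center, Windows Firewall, Windows Defender, Windows Update) and the function name `Get-ServiceChain` are this example's own choices.

```powershell
# Added example: read-only report of security-related services and the
# services each one depends on. Nothing on the system is changed.
# The target list is an assumption of this example, not taken from the thread.
$targets = 'wscsvc', 'MpsSvc', 'WinDefend', 'wuauserv'

function Get-ServiceChain {
    param([string]$Name, [int]$Depth = 0, [hashtable]$Seen = @{})
    if ($Seen.ContainsKey($Name)) { return }       # list each service once per target
    $Seen[$Name] = $true

    $row = New-Object PSObject -Property @{
        Service   = ('  ' * $Depth) + $Name        # indent shows dependency depth
        StartMode = '-'
        State     = 'Missing'
        Check     = 'NOT INSTALLED'
    }
    $svc = Get-WmiObject Win32_Service -Filter "Name='$Name'"
    if (-not $svc) { return $row }

    $row.StartMode = $svc.StartMode                # Auto, Manual or Disabled
    $row.State     = $svc.State                    # Running, Stopped, ...
    if ($svc.StartMode -eq 'Disabled') {
        $row.Check = 'DISABLED'
    } elseif ($svc.StartMode -eq 'Auto' -and $svc.State -ne 'Running') {
        $row.Check = 'AUTO BUT NOT RUNNING'
    } else {
        $row.Check = 'ok'
    }
    $row

    # Walk the services this one needs; a stopped dependency keeps it from starting.
    foreach ($dep in (Get-Service -Name $Name).ServicesDependedOn) {
        if ("$($dep.ServiceType)" -match 'Driver') { continue }   # drivers are not in Win32_Service
        Get-ServiceChain -Name $dep.Name -Depth ($Depth + 1) -Seen $Seen
    }
}

$report = foreach ($t in $targets) { Get-ServiceChain -Name $t }
$report | Format-Table Service, StartMode, State, Check -AutoSize
```

Rows marked DISABLED or AUTO BUT NOT RUNNING are the ones to compare against the default service settings linked in the reply.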

Answer
Hi,

Paladin Antivirus is a rogue antivirus, a scam to force you to pay for it while it has no benefits at all.

Remove Paladin Antivirus (Uninstall Guide)
http://www.bleepingcomputer.com/virus-removal/remove-paladin-antivirus

Download - SAVE - go to where you put it - Right Click on - RUN AS ADMIN

Revo Uninstaller - Free
http://www.revouninstaller.com/revo_uninstaller_free_download.html


These can be done in Safe Mode - repeatedly tap F8 as you boot; however, you should also run them in regular Windows when you can.

Download Malwarebytes and scan with it, run MRT, and add Prevx to be sure it is gone. (If Rootkits run UnHackMe)

Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN

Malwarebytes - free
http://www.malwarebytes.org/

Run the Microsoft Malicious Removal Tool

Start - type in Search box -> MRT  find at top of list - Right Click on it - RUN AS ADMIN.

You should be getting this tool and its updates via Windows Updates - if needed you can download it here.

Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN
(Then run MRT as above.)

Microsoft Malicious Removal Tool - 32 bit
http://www.microsoft.com/downloads/details.aspx?FamilyID=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

Microsoft Malicious Removal Tool - 64 bit
http://www.microsoft.com/downloads/details.aspx?FamilyId=585D2BDE-367F-495E-94E7-6349F4EFFC74&displaylang=en

Also install Prevx to be sure it is all gone.

Download - SAVE - go to where you put it - Right Click on it - RUN AS ADMIN

Prevx - Home - Free - small, fast, exceptional CLOUD protection, works with other security programs. This is a scanner only, VERY EFFECTIVE, if it finds something come back here or use Google to see how to remove.
http://www.prevx.com/   <-- information
http://info.prevx.com/downloadcsi.asp  <-- download

PCmag - Prevx - Editor's Choice
http://www.pcmag.com/article2/0,2817,2346862,00.asp

Try the trial version of Hitman Pro:

Hitman Pro is a second opinion scanner, designed to rescue your computer from malware (viruses, trojans, rootkits, etc.) that have infected your computer despite all the security measures you have taken (such as anti virus software, firewalls, etc.).
http://www.surfright.nl/en/hitmanpro

--------------------------------------------------------

If needed here are some online free scanners to help

http://www.eset.com/onlinescan/

http://onecare.live.com/site/en-us/default.htm

http://www.kaspersky.com/virusscanner

Other Free online scans
http://www.google.com/search?hl=en&source=hp&q=antivirus+free+online+scan&aq=f&oq=&aqi=g1

--------------------------------------------------------

Also do these to cleanup general corruption and repair/replace damaged/missing system files.

Run DiskCleanup - Start - All Programs - Accessories - System Tools - Disk Cleanup

Start - type this in Search Box ->  COMMAND   find at top and RIGHT CLICK  -  RUN AS ADMIN

Enter this at the prompt - sfc /scannow

How to analyze the log file entries that the Microsoft Windows Resource Checker (SFC.exe) program generates in Windows Vista cbs.log
http://support.microsoft.com/kb/928228


Run checkdisk - schedule it to run at next start and then Apply OK your way out then restart.

How to Run Check Disk at Startup in Vista
http://www.vistax64.com/tutorials/67612-check-disk-chkdsk.html

-----------------------------------------------------------------------

If any Rootkits are found use this thread and other suggestions. (Run UnHackMe)

http://social.answers.microsoft.com/Forums/en-US/InternetExplorer/thread/a8f665f0-c793-441a-a5b9-54b7e1e7a5a4/

Hope this helps.


Rob - Bicycle - Mark Twain said it right.
Rob Brown - past Microsoft MVP - Windows Insider MVP 2016 - 2021
Microsoft MVP Windows and Devices for IT 2009 - 2020
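
After `sfc /scannow` from the reply above, the System File Checker results sit in `%windir%\Logs\CBS\CBS.log` on lines tagged `[SR]`. The script below is an added example, not part of the original reply: it lists which files SFC repaired and which it could not. The function name `Get-SfcFinding` and the sample log lines are constructed for illustration, and the sample is used only when the real log is not present.

```powershell
# Added example: summarise the [SR] (System File Checker) entries in CBS.log.
# Run from an elevated prompt so the log can be read.
$log = Join-Path $env:windir 'Logs\CBS\CBS.log'

# Constructed sample lines in the general shape of CBS.log entries.
$sample = @'
2010-03-02 10:14:07, Info    CSI    000001a2 [SR] Verifying 100 (0x00000064) components
2010-03-02 10:14:09, Info    CSI    000001a5 [SR] Cannot repair member file [l:22{11}]"example.dll" of Example-Component, Version = 6.0.0.0, file is missing
2010-03-02 10:14:11, Info    CSI    000001a9 [SR] Repairing corrupted file [ml:520{260},l:46{23}]"\??\C:\Windows\System32"\[l:20{10}]"sample.dll" from store
2010-03-02 10:14:12, Info    CBS    Session: 1234_5678 initialized
'@ -split "`r?`n"

function Get-SfcFinding {
    param([string[]]$Lines)
    foreach ($l in $Lines) {
        # Only SFC lines that report an outcome for a file are of interest.
        if ($l -notmatch '\[SR\] (Cannot repair|Repairing|Repaired)\b') { continue }
        $outcome = $Matches[1]
        # The file name is the last quoted string on the line.
        $quoted = [regex]::Matches($l, '"([^"]+)"')
        if ($quoted.Count -gt 0) {
            $file = $quoted[$quoted.Count - 1].Groups[1].Value
        } else {
            $file = '(unknown)'
        }
        New-Object PSObject -Property @{ Outcome = $outcome; File = $file }
    }
}

if (Test-Path $log) { $lines = Get-Content $log } else { $lines = $sample }
$findings = Get-SfcFinding $lines | Sort-Object Outcome, File -Unique

$findings | Format-Table Outcome, File -AutoSize
$failed = @($findings | Where-Object { $_.Outcome -eq 'Cannot repair' })
"{0} file(s) SFC could not repair" -f $failed.Count
```

Files listed as "Cannot repair" are the ones that still need attention after the scan.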

Question Info


Last updated February 18, 2021 Views 13,359 Applies to: