Related to the well-known fake anti-spyware Malware Defense, Paladin Antivirus is a rogue antivirus program that tries to lure users into buying its software license. It reaches a user’s computer through Trojan viruses and other malware programs. Once installed, it tries to get the user to uninstall any legitimate antivirus programs that are on the system by giving the user a fake warning of an unauthorized antivirus program being present on the user’s system. Paladin Antivirus also performs fake scans of the user’s system, generating false reports stating that a myriad of invented viruses are present on the computer. It also gives false warnings that the computer is about to be attacked by a remote host. Paladin Antivirus repeatedly urges the user to purchase the ‘full’ version of the software, claiming that the currently installed ‘trial’ version is insufficient to remove all the detected ‘threats’. It is important not to fall for this trick as the ‘full’ version of this rogue software is just as incapable of scanning any system as the ‘trial’ version.

Paladin Antivirus

The process of Paladin Antivirus removal involves the killing of processes, unregistering of DLLs, deletion of files and folders and removal of registry entries.

File Removal Procedures

The first step in Paladin Antivirus removal is to kill the following processes:

  • pav.exe
  • uninstall.exe

Next, it is necessary to unregister the following DLL files:

  • pavext.dll
  • phook.dll

As the final step of file removal, delete the following files and folders:

  • c:\Program Files\Paladin Antivirus
  • c:\Program Files\Paladin Antivirus\help.ico
  • c:\Program Files\Paladin Antivirus\pav.db
  • c:\Program Files\Paladin Antivirus\pav.exe
  • c:\Program Files\Paladin Antivirus\pavext.dll
  • c:\Program Files\Paladin Antivirus\phook.dll
  • c:\Program Files\Paladin Antivirus\uninstall.exe
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Paladin Antivirus.lnk
  • %UserProfile%\Desktop\Paladin Antivirus Support.lnk
  • %UserProfile%\Desktop\Paladin Antivirus.lnk
  • %UserProfile%\Start Menu\Programs\Paladin Antivirus
  • %UserProfile%\Start Menu\Programs\Paladin Antivirus\Paladin Antivirus Support.lnk
  • %UserProfile%\Start Menu\Programs\Paladin Antivirus\Paladin Antivirus.lnk
  • %UserProfile%\Start Menu\Programs\Paladin Antivirus\Uninstall Paladin Antivirus.lnk

Once you have completed these steps, Paladin Antivirus no longer resides on your file system.

Registry Removal Procedures

As the final step in Paladin Antivirus removal, the following keys and settings should also be deleted from the registry:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Paladin Antivirus
  • HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus

Once the registry is clean, Paladin Antivirus removal is complete. At this moment it is recommended to conduct a full system scan using legitimate antivirus software such as Spyware Doctor with Antivirus in order to avoid the risk of letting additional malware infections reside on your system.

Conclusion

Manual Paladin Antivirus removal is not recommended for inexperienced users, as any mistake on your part during removal could cause damage to the system. The best route to take for inexperienced users to get rid of this rouge software is to use a web-based repair service such as www.onlinecomputerrepair.org.

Be Sociable, Share!