The Emsi Software malware research team has discoverd a new outbreak of the Paladin Antivirus adware. a-squared Anti-Malware detects this malware as Adware.Win32.PaladinAntivirus.

Paladin Antivirus is a rogue application. This rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase.

Create new files:

• %ProgramFiles%\Paladin Antivirus\phook.dll
• %ProgramFiles%\Paladin Antivirus\uninstall.exe
• %ProgramFiles%\Paladin Antivirus\help.ico
• %ProgramFiles%\Paladin Antivirus\pav.db
• %ProgramFiles%\Paladin Antivirus\pav.exe
• %ProgramFiles%\Paladin Antivirus\pavext.dll
• %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Paladin Antivirus.lnk
• %UserProfile%\Desktop\Paladin Antivirus.lnk
• %UserProfile%\Desktop\Paladin Antivirus Support.lnk
• %UserProfile%\Start Menu\Programs\Paladin Antivirus\Paladin Antivirus.lnk
• %UserProfile%\Start Menu\Programs\Paladin Antivirus\Paladin Antivirus Support.lnk
• %UserProfile%\Start Menu\Programs\Paladin Antivirus\Uninstall Paladin Antivirus.lnk

Create new registry entries:

• HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Uninstall\Paladin Antivirus
• HKEY_LOCAL_MACHINE\software\Paladin Antivirus
• HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run, “Paladin Antivirus”

Screenshots:

How to remove the infection of Paladin Antivirus (Adware.Win32.PaladinAntivirus)?

To delete this malware infection, please download and install a-squared Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.