
2010 Rogue Malware (Paladin antivirus/windows defender) Removal tutorial

Discussion in 'Windows - Virus and spyware problems' started by Phyto, Feb 23, 2010.

  1. Phyto

    Phyto Guest

    The other day I went idle on thepiratebay.com to go to the bathroom; I came back and my computer was being hacked.

    I stopped it as they were gaining admin privileges, so I would imagine nothing too bad happened.

    So here's the problem... when I boot up my computer, a virus version of Windows Defender boots over the normal one and then my comp starts to install "Paladin anti virus".

    Internet Explorer barely responds. Kaspersky and Avast can't catch the virus.

    It deleted the exe file of Malwarebytes, and when I try to reinstall off the internet I cannot; same with Spybot Search and Destroy.

    When I try to install them or run them from a flash drive or external hard drive, the same thing happens.

    My recovery drive is also corrupted.

    With all that said, any ideas?
     
  2. Phyto

    Phyto Guest

    Also bootsect.bak is now in the root of my C drive
     
  3. Phyto

    Phyto Guest

    Okay, now I got Malwarebytes running, but when I start a scan my comp gets the blue screen of death and crashes, even in safe mode.

    I have no way of using other programs either, because Spybot won't run the installer in normal mode and you cannot install it in safe mode...

    Help me =/
     
  4. Phyto

    Phyto Guest

    Okay, I figured this out myself. Here is how to fix it...

    * This malware program imitates Windows Defender as well as Windows security alerts.
    * Kills .exe files which it deems dangerous and blocks your internet connection.
    * MALWAREBYTES WILL NOT WORK... even if the exe file is renamed, your comp will get the blue screen of death 3 secs after starting the scan.

    So with that said...

    1. Run a system scan with your antivirus and delete the infected files it finds.

    2. REMOVE from System32 these files: DSSEC.DAT, FNTCACHE.DAT, perfh009.dat as well as perf c d and i, mlang.DAT, NOISE.DAT, and finally perfstringbackup.txt

    3. After those files are deleted you will be able to run system backup. Do this and revert to whenever you want, as long as it was before the virus (I did 10 days).

    4. A lot of your shortcuts will be dead now, so fix your Iexplorer shortcuts, and if you have Utorrent reinstall it, and do the same for Malwarebytes and Spybot S&D.

    5. Run your antivirus and do another system scan to finish off the rest of it.
     
