Somehow this Paladin software, which I did not download, got a hold of my operating system. It uses windows to make it look official and like I have a lot of viruses and downloaded porn on my desktop (have not verified but I have icons) and suggests that I run their spyware to get rid of the viruses. I have lots of virus detection popups and it shuts my computer down as well. How can I fix my computer and get rid of this virus?

Thanks in advance for your help

amatuertech

Hi, this can be quite difficult to remove. But here are the steps to try which are from bleepingcomputer:

Print out these instructions as we may need to close every window that is open later in the fix.

First you need to end the processes that belong to Paladin Antivirus so that it does not interfere with the cleaning procedure. To do this, download the following file to your desktop.
rkill
Once it is downloaded, double-click on the rkill.com in order to automatically attempt to stop any processes associated with Paladin Antivirus and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Paladin Antivirus when it terminates programs that may potentially remove it. If you run into these infection warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Paladin Antivirus. So, please try running Rkill until malware is no longer running. You will then be able to proceed with the rest of the guide.
If you continue having issues, you can download iExplore.exe, which is a renamed rkill.com and try that instead.
Do not reboot your computer after running rkill as the malware programs will start again.

Now you should download Malwarebytes' Anti-Malware, or MBAM, and save it to your desktop:
When the file has finished downloading, look on your desktop for mbam-setup.exe and right-click on it and select Rename. The title of the program will now have a blinking cursor where you can edit the name. Please change the name of the program to Explorer.exe.
After you rename the mbam-setup.exe to Explorer.exe, close all your programs and windows on your computer, including this one.
Double-click on the icon on your desktop named Explorer.exe. This will start the installation of MBAM onto your computer.
When the installation begins, keep following the prompts in order to continue with the installation process. Do not make any changes to default settings and when the program has finished installing and is at the last screen, make sure you uncheck both of the Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware check boxes. Then click on the Finish button. If Malwarebytes' prompts you to reboot, please do not do so.
If you receive a code 2 error while installing Malwarebytes', please press the OK button to close these errors as we will resolve them in future steps.
As this infection deletes a core executable of Malwarebytes', or does not allow it to run, we will need to download a new copy of it and put it in the C:\program files\Malwarebytes' Anti-Malware\ folder. To download the file please click on the following link:
Malwarebytes' EXE Download
When your browser prompts you where to save it to, please save it to the C:\program files\Malwarebytes' Anti-Malware\ folder. When downloading the file, it will have a random filename. Please leave the filename the way it is as it is important that it is not changed. You may want to write down the name of the file as you will need to know the name in the next step.
Once the file has been downloaded, open the C:\program files\Malwarebytes' Anti-Malware\ folder and double-click on the file you downloaded. MBAM will now start and you will be at the main program screen.
Before you can perform a scan, you must first update the program. To do this click on the Update tab, and then at the new screen click on the Check for Updates button. Malwarebytes' will now check for new updates and download and install them as necessary. When the update is completed, you will be prompted with a message stating either that you already have the latest updates or that they have been updated. Either way, you should now click on the OK button to continue.
Now click on the Scanner tab and make sure the Perform full scan option is selected. Then click on the Scan button to start scanning your computer for Paladin Antivirus related files.
MBAM will now start scanning your computer for malware. This process can take quite a while, so we suggest you go and do something else and periodically check on the status of the scan.
When the scan is finished a message box will appear. You should click on the OK button to close the message box and continue with the Paladin Antivirus removal process.
You will now be back at the main Scanner screen. At this point you should click on the Show Results button.
A screen displaying all the malware that the program found will be shown.
You should now click on the Remove Selected button to remove all the listed malware. MBAM will now delete all of the files and registry keys and add them to the program's quarantine. When removing the files, MBAM may require a reboot in order to remove some of them. If it displays a message stating that it needs to reboot, please allow it to do so. Once your computer has rebooted, and you are logged in, please continue with the rest of the steps.
When MBAM has finished removing the malware, it will open the scan log and display it in Notepad. Review the log as desired, and then close the Notepad window.
You can now exit the MBAM program. You can also delete the Explorer.exe program from your desktop.

Please post that log back here.

I think you should follow the removal instructions on these links:
http://www.bleepingcomputer.com/virus-removal/remove-paladin-antivirus
http://deletemalware.blogspot.com/2010/02/how-to-remove-paladin-antivirus-fake.html

Good luck!

mcmike, you need to read all posts in a thread. The instructions I posted are the SAME ones given in the links you gave.

The first link that you have is the same link I already posted here.

Tried it. No Luck. Paladin has totally hijacked my kid's Dell laptop and won't allow access to ANY normal operations---not even opening Windows Explorer.
I try to tell them that hygiene is important in every facet of life. But do they listen?
The only thing I can think to do is wipe the hard drive, and re-install everything.
Any better suggestions?

Thanks,
organics1

If you have attempted all listed remedies, then no, I can't think of anything else to do but wipe it out and reformat. It will certainly be a good lesson because I imagine your child's computer has a lot of things that will be lost. Makes you think twice the next time.

Thanks J!
You're right, but I have trouble getting them to think ONCE...let alone twice.
Please keep us posted on any new developments with this monster.

Will do. Helped a friend earlier this year whose kids had infected the computer with one of the first types of this "monster", Antivirus 2009.
At the time it was also a "bear" to remove and the fact that it was a Vista computer without restore disks made it more so. I traced the infection to three P2P music files from a website AND one that came in via a flash drive, also originally a P2P shared album. I told her we would have to reformat but we couldn't get to the restore partition to even attempt that either. She called Dell and told them what the situation was and they mailed her all the disks for the restore. While waiting for those to arrive I continued to "play with" the computer as she had very important files on there because she is taking some classes herself which included a lot of online work that hopefully we could find a way to copy before the reformat. One of the things this infection did was make itself an entry in Scheduled Tasks which I found only by accident. I looked in there and found two unusual scheduled tasks...odd names which were scheduled to start when the computer started. Since we were going to do a reformat anyway I figured there was nothing to lose so I totally cleared out the Scheduled Tasks, everything in there even legitimate entries. So there were no scheduled tasks remaining at all.
Lo and behold on the next reboot I could run MBA-M and it removed a multitude of infections. I ran a couple more deep scans with one or two more programs, more infection was removed and then "there were none". Every scan came up 100% clean and she still had all of her important files to boot. I called her and told her what had happened and asked if she wanted the reformat or not. She chose no. BUT she had me remove every downloaded piece of music on the computer, even those legally purchased using gift iTunes cards...just so the kids knew they had to pay for their mistake.
If there are any new developments aiding in the removal of this thing I will certainly post it here.
Judy
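
The last post found the infection restarting itself from Scheduled Tasks and cleared every task, legitimate ones included. A narrower way to review them, as an added example that is not part of the thread: it parses a task list in the layout of `schtasks /query /fo CSV /v` (English column names assumed) and flags only boot or logon tasks that look out of place. The sample rows and both heuristics are constructed for illustration.

```python
import csv
import io
import re

# Schedule types that fire without user action (assumed schtasks wording).
AUTO_TRIGGERS = {"at system start up", "at logon time"}
# Directories a normal user can write to; a boot-time task here is unusual.
WRITABLE_HINTS = ("\\appdata\\", "\\temp\\", "\\users\\public\\",
                  "\\local settings\\", "\\programdata\\")
# Names made only of hex digits, braces and dashes (random or GUID-like).
ODD_NAME = re.compile(r"^[0-9a-f{}\-]{8,}$", re.IGNORECASE)

# Constructed sample: only the columns used below, header repeated once.
SAMPLE = r'''"TaskName","Task To Run","Run As User","Schedule Type"
"\VendorUpdater","C:\Program Files\Vendor\update.exe /silent","SYSTEM","At system start up"
"\4f9c2a71e0b3","C:\Users\kid\AppData\Local\Temp\qx71.exe","kid","At system start up"
"TaskName","Task To Run","Run As User","Schedule Type"
"\Backup\Nightly","C:\Tools\backup.cmd","SYSTEM","Daily"
"\{A1B2C3D4-0000-1111-2222-333344445555}","C:\Tools\agent.exe","SYSTEM","At logon time"
'''


def triage(csv_text):
    """Return [(task_name, [reasons])] for tasks worth a manual look."""
    findings = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = (row.get("TaskName") or "").strip()
        if name == "TaskName":  # schtasks repeats the header per task folder
            continue
        if (row.get("Schedule Type") or "").strip().lower() not in AUTO_TRIGGERS:
            continue  # only tasks that start at boot or logon
        command = (row.get("Task To Run") or "").lower()
        reasons = []
        if any(hint in command for hint in WRITABLE_HINTS):
            reasons.append("runs from a user-writable directory")
        if ODD_NAME.match(name.rsplit("\\", 1)[-1]):
            reasons.append("machine-generated task name")
        if reasons:
            findings.append((name, reasons))
    return findings


if __name__ == "__main__":
    for task, why in triage(SAMPLE):
        print(task, "->", "; ".join(why))
```

A flagged task is a candidate for inspection, not proof of infection; some legitimate software also registers GUID-named tasks.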