Palladium virus

[Scary]

i have had a really nasty virus on my PC called Palladium it masks it self as part of microsoft security essentials.

it starts with a microsoft security essentials warning asking to run as scan, and as normal when i get these types of warnings i clicked scan.

It then comes back with only one security threat detected, but the only option it gives you is to press the tab to go online to get rid of it.

at this point i didnt go any further, but it had already downloaded the palladium software.

it then asks you to restart you pc, if you do you you cannot access start bar or any program apart from palladium, which tells you it can only get rid of the virus if you purchse palladium pro.

best course of action, do not restart you pc, run malwarebytes if you have it after a full scan it will detect around 18 threts doted around you main drive clean it then do a reboot and run it again, also run your security software too, but as i am doing in the morning would really recommend doing a reinstall of your OS.

[Kymmy]

Quote:

Palladium Removal Instructions

Step1: Use anti-virus program to do a full scan and then remove this Palladium virus once it was detected by the Safeguard program.

Step2: To stop all Palladium processes, press CTRL+ALT+DELETE to open the Windows Task Manager. Click on the "Processes" tab, search for the virus, then right-click it and select "End Process" key.

Step3: Remove the Palladium virus from registry editor. Click "Start" button and selecting "Run." Type "regedit" into the box and click "OK." Once the Registry Editor is open, search for the registry keys below:

%Programs%\Palladium Antivirus\Palladium Antivirus.lnk

%Programs%\Startup\Palladium Antivirus.lnk

%AppData%\Palladium.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\Curre ntVersion\Run "Palladium Antivirus"

Read more: http://www.articlesbase.com/security...#ixzz1CHJORqV3
Under Creative Commons License: Attribution

Lots of info online.. In the end it's not a true virus just a fraudulent program

[Peter_]

Quote:

Originally Posted by Kymmy

Lots of info online.. In the end it's not a true virus just a fraudulent program

One of many little devils out there.

[Scary]

thanks for the info

[Down the Pub]

there are plenty of then out there, problem is that it affects the system in safe mode as well. thats why i have a another drive with a vanilla install on it - which allows me to scan my main drive and squash the nasties.

[Scary]

i managed to get rid of it and the brother in law came round and checked and removed some more stuff, even though you think youve got rid of it all the little bugger hasnt gone completly

[Scrubbs]

so the next question is?? where did you get it from?

[Down the Pub]

what else do you think newsgroups are for - apart from ............................

[Scary]

yeah got it from newzbin, i scanned it when it downloaded and it said it was ok

so far all but one of these fake avs have been easy to uninstall using rkill to stop the processes and malwarebytes to clean. If you download rkill download the version iexplore.exe and you may need to change the malwarebytes exe to get it to install