Paladin Antivirus Trojan

  Murielson 1 12:34 21 Feb 2010
Locked

It would appear that Paladin has my home PC by the short and curlies!!

I have searched the Helproom and found the following thread but it isn't helping me too much:

click here

I can't use anything when I get into windows so unable to download anything in this way. I have copied the various applications via my laptop to a memory stick and am now looking at how to get them onto the PC to start the recovery/repair process.

My main problem at the moment is that I can't get the PC to start in any safe mode (safe, with command prompt, with networking). It starts with a list of drivers that it appears to be loading and then hangs in this process at the same point each time. It always stops on:

multi(0)disk(0)rdisk(0)partition(1)\windows\system32\drivers\agpCPQ.sys

Running Windows XP Home Edition.

Any help appreciated as I am now well and truly stuck as the above stops me using any solutions I may have found via this site and Google. Thanks in advance.

  Input Overload 13:22 21 Feb 2010

Can you take the drive out & fit it in another PC and run AV Anti-Malware from there?

  Murielson 1 13:55 21 Feb 2010

Unfortunately not.

I have 2 hard drives fitted to this PC but it is booting into the one with the problem and I can't get into that, even in safe mode.

As it is a Seagate, would it benefit me to run the Seagate repair file to see if it has a HD problem that is causing the problem with starting in safe mode? Might just try it anyway as I assume it will do no harm and it is set to look for CD boot first anyway.

  Murielson 1 18:01 21 Feb 2010

Update:

The Seatools I used has found no problems. I have located my system recovery disc but this just opens to a black screen when R is selected so I am now well and truly stuck folks.

To recap:

Paladin seems to have wiped me out.
No safe mode working at all.
System recovery not possible from disc
When I get into windows (I can boot into normal windows) it just goes straight into alerts etc and gives me no functionality.
Google doesn't appear to have my particular problem detailed anywhere on any forums etc.

Help appreciated as daughter's homework for Tuesday is now on a PC that I can't access.

  MAJ 18:41 21 Feb 2010

Can you open Task Manager when you get into Windows normally?

  Murielson 1 19:35 21 Feb 2010

MAJ - can't get anywhere within windows unfortunately.

I can start doing things whilst all the security alerts etc are starting up but they then stop me doing anything so no real windows functionality.

Tried the my computer route to hopefully put some anti-Paladin solutions onto the PC but I get nowhere really when the alerts start.

  MAJ 20:01 21 Feb 2010

If you can't do anything in Windows, Safe or Normal mode, Murielson 1, your options are limited. A few suggestions though:

What type of drive is in the PC, SATA or IDE? You could buy an external enclosure for the drive, attach it to your laptop via USB and scan with MBAM to get rid of the infection.

As the last option might take a little time and your daughter needs her homework for Tuesday, you could download a Linux live installation, burn it to disk and run it, on the infected PC, from CD, that would allow you to get your daughter's files on to a pen drive, then on to your laptop.

  Murielson 1 20:32 21 Feb 2010

Thanks MAJ

Belarc tells me the HD is Maxtor 6L250S0 [Hard drive] (250.99 GB) which is SATA.

I have external hard drive (x2) - could the hard drive be mounted in one of these temporarily or would I most likely cause problems?

If I take the 'Linux live installation' route what should I be doing or where to download please. I have searched on Google but slightly confused and could do with some direction please.

Would this allow me access to PC to run any possible solutions for infection?

I also have a second hard drive fitted in system but it is empty I think apart from some music.

  Murielson 1 10:30 22 Feb 2010

All - just wondered if anyone who wasn't around over the weekend or certainly yesterday had any advice on this as I am severely stuck at the moment.

Created a CD of Linux Mint 8 and currently downloading Ubuntu 9.10 to see what I can achieve with these but no real idea as to where to go next.

Any help appreciated.

  MAJ 10:54 22 Feb 2010

The download is an .iso file, which needs to be burnt as an image, rather than an ordinary Data CD. I'm not sure which burning software you're using, but try Imgburn click here to burn the image. Insert a blank CD, open Imgburn, choose the "Write Image File To Disk" option, browse to where you saved the downloaded Ubuntu .iso file, select it and click "Write" at the bottom of Imgburn. That will create a bootable Ubuntu Live CD. Restart your PC and follow the prompts to run Ubuntu, remember it will be a little slower than you are normally used to because it's running from CD rather than the hard drive.

When Ubuntu loads, navigate to where your daughter's homework files are and copy them across to your USB pen drive.

Now run your antispyware program from the USB drive (MBAM click here should do it). If it won't run, come back and let us know, there are possible remedies for that.
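Editor's added example, not part of the original thread or MAJ's post: one way to do the file-copy step from the Ubuntu live session so that documents are rescued but nothing Windows would execute travels to the pen drive. The device name `/dev/sda1`, the mount points and the function name `rescue_docs` are assumptions for illustration.

```shell
# Added example. Typed in a terminal in the live CD session; nothing on the
# infected Windows install is executed. Assumed names: /dev/sda1, /mnt/win, /media/usb.
#   sudo mkdir -p /mnt/win
#   sudo mount -t ntfs-3g -o ro /dev/sda1 /mnt/win   # read-only: the disk is not modified
#   rescue_docs "/mnt/win/Documents and Settings" /media/usb/rescued

# Copy every file under SRC to DEST, keeping the folder layout, but skip
# file types Windows runs directly (including double extensions such as
# "essay.doc.exe" and autorun.inf). Writes SKIPPED.txt and a SHA256SUMS
# manifest into DEST and prints the number of files copied.
rescue_docs() {
    src=${1%/}   # tolerate a trailing slash on SRC
    dest=$2
    mkdir -p "$dest" || return 1
    : > "$dest/SKIPPED.txt"
    : > "$dest/SHA256SUMS"
    # -exec ... {} + passes file names as arguments, so spaces and other
    # odd characters in Windows file names are handled safely.
    find "$src" -type f -exec sh -c '
        src=$1 dest=$2; shift 2
        for f in "$@"; do
            rel=${f#"$src"/}
            lower=$(printf "%s" "${f##*/}" | tr "[:upper:]" "[:lower:]")
            case $lower in
                *.exe|*.scr|*.com|*.pif|*.bat|*.cmd|*.vbs|*.js|*.dll|*.sys|*.lnk|*.inf)
                    printf "%s\n" "$rel" >> "$dest/SKIPPED.txt"
                    continue ;;
            esac
            mkdir -p "$dest/$(dirname "$rel")"
            cp -- "$f" "$dest/$rel" || continue
            (cd "$dest" && sha256sum -- "$rel") >> "$dest/SHA256SUMS"
        done' sh "$src" "$dest" {} +
    echo $(( $(wc -l < "$dest/SHA256SUMS") ))
}
```

After moving the pen drive to the clean laptop, running `sha256sum -c SHA256SUMS` inside the rescued folder from any Linux session confirms the copies are intact, and the files should still be scanned before they are opened.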

  Murielson 1 11:32 22 Feb 2010

Maj - once again, many thanks for your response. I am using Roxio and it has a burn image option that I have used.

Hopefully this will give me what I need and I will try it on the offending PC when I get home this evening.

Is there any preference/benefit between Ubuntu 9.10 and Linux Mint 8? I am taking the opportunity to download and create disks for both so that I have either option. Never done Linux before so am also learning something completely new along with the fact that I now dislike Trojans, Paladin in particular, with a vengeance!!

This thread is now locked and can not be replied to.
