An Old Trojan in New Clothing - Killing the Trojan
(Page 3 of 5 )
I'm going to tell you what Phil and I did to remove this annoyance. I haven't been bugged by pop-up alerts or warning messages since. However, I can't guarantee that my computer isn't still infected; I plan to run some more checks. In the meantime, I'm including some links I suggest you follow for more information about this malware.
Bill Mullins offers some good information about Perfect Defender in his blog and explains how to remove it, complete with links to software.
Someone asked about this on Yahoo! Answers about a week ago; 11 people offered solutions.
Spywarevoid provided a good description of how to remove Perfect Defender 2009 manually, complete with a list of which files to look for.
The problem with spyware like Perfect Defender 2009 is that it's skilled at hiding itself in your system and, once it gets its hooks in, can be difficult to remove. I never downloaded anything at that site, though I did visit it – and it might have downloaded something automatically without my being aware of it. That said, in the next few paragraphs I'm going to explain the removal method that seems to have worked for me.
First, we had to reboot my computer and start over in safe mode. As I have Microsoft Windows XP Home Edition, this involved hitting F8 as soon as I saw anything at all on my screen after telling my computer to reboot. There were a couple of things I had to highlight, but I'm going to assume that anyone reading this probably knows how to get their computer into safe mode.
Next, we had to force my computer to display hidden files and folders. Windows doesn't display everything by default, in part as a safety measure; if users always had access to every file in the operating system, they might delete something they shouldn't. Open a directory window (click on your C drive from My computer); pull down the Tools menu, and select Folder Options. Click on the top tab marked View. You will see a box marked Advanced Settings. It should look something like this:
Take a look at the above screen shot under Advanced settings. You should see a folder marked “Hidden files and folders.” Now look at the radio button under it. Normally “Do not show hidden files and folders” is clicked by default; you want to show them. Click “Show hidden files and folders,” then click “apply,” and you're on your way.
Now you need to go to your users folders. You might even see a new users folders after you've made Windows show you the hidden ones. In each of these folders, look for another folder that says Application Data. Within the Application Data folder, look for a Google folder. The two malicious files I mentioned above should be in the Google folder.
Take these files and move them to your recycle bin. Now delete everything in your recycle bin. Make sure you're in safe mode when you do this, as I mentioned at the beginning, or else this won't work.
As a final step, I rebooted my system and ran a full scan with my Norton anti-virus software.
Next: How Does Symantec Respond? >>
More Web Hosting News Articles
More By Terri Wells
/ 6 
