Web Hosting News

  Home arrow Web Hosting News arrow Page 3 - An Old Trojan in New Clothing
Web Hosting Articles  
Web Hosting FAQs  
Web Hosting How-Tos  
Web Hosting News  
Web Hosting Reviews  
Web Hosting Security  
Weekly Newsletter 
 
Developer Updates  
Free Website Content 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Contact Us 
Site Map 
Privacy Policy 
Support 
 USERNAME
 
 PASSWORD
 
 
  >>> SIGN UP!  
  Lost Password? 
WEB HOSTING NEWS

An Old Trojan in New Clothing
By: Terri Wells
  • Search For More Articles!
  • Disclaimer
  • Author Terms
  • Rating: 5 stars5 stars5 stars5 stars5 stars / 7
    2008-12-10

    Table of Contents:
  • An Old Trojan in New Clothing
  • It's a Trap!
  • Killing the Trojan
  • How Does Symantec Respond?
  • The Cat-and-Mouse Game

  • Rate this Article: Poor Best 
      ADD THIS ARTICLE TO:
      Del.ici.ous Digg
      Blink Simpy
      Google Spurl
      Y! MyWeb Furl
    Email Me Similar Content When Posted
    Add Developer Shed Article Feed To Your Site
    Email Article To Friend
    Print Version Of Article
    PDF Version Of Article
     
     

    SEARCH WEB HOSTERS

    TOOLS YOU CAN USE

    advertisement

    An Old Trojan in New Clothing - Killing the Trojan


    (Page 3 of 5 )

    I'm going to tell you what Phil and I did to remove this annoyance. I haven't been bugged by pop-up alerts or warning messages since. However, I can't guarantee that my computer isn't still infected; I plan to run some more checks. In the meantime, I'm including some links I suggest you follow for more information about this malware.

    Bill Mullins offers some good information about Perfect Defender in his blog and explains how to remove it, complete with links to software.

    Someone asked about this on Yahoo! Answers about a week ago; 11 people offered solutions.

    Spywarevoid provided a good description of how to remove Perfect Defender 2009 manually, complete with a list of which files to look for.

    The problem with spyware like Perfect Defender 2009 is that it's skilled at hiding itself in your system and, once it gets its hooks in, can be difficult to remove. I never downloaded anything at that site, though I did visit it – and it might have downloaded something automatically without my being aware of it. That said, in the next few paragraphs I'm going to explain the removal method that seems to have worked for me.

    First, we had to reboot my computer and start over in safe mode. As I have Microsoft Windows XP Home Edition, this involved hitting F8 as soon as I saw anything at all on my screen after telling my computer to reboot. There were a couple of things I had to highlight, but I'm going to assume that anyone reading this probably knows how to get their computer into safe mode.

    Next, we had to force my computer to display hidden files and folders. Windows doesn't display everything by default, in part as a safety measure; if users always had access to every file in the operating system, they might delete something they shouldn't. Open a directory window (click on your C drive from My computer); pull down the Tools menu, and select Folder Options. Click on the top tab marked View. You will see a box marked Advanced Settings. It should look something like this:

    Take a look at the above screen shot under Advanced settings. You should see a folder marked “Hidden files and folders.” Now look at the radio button under it. Normally “Do not show hidden files and folders” is clicked by default; you want to show them. Click “Show hidden files and folders,” then click “apply,” and you're on your way.

    Now you need to go to your users folders. You might even see a new users folders after you've made Windows show you the hidden ones. In each of these folders, look for another folder that says Application Data. Within the Application Data folder, look for a Google folder. The two malicious files I mentioned above should be in the Google folder.

    Take these files and move them to your recycle bin. Now delete everything in your recycle bin. Make sure you're in safe mode when you do this, as I mentioned at the beginning, or else this won't work.

    As a final step, I rebooted my system and ran a full scan with my Norton anti-virus software.

    More Web Hosting News Articles
    More By Terri Wells

    WEB HOSTING NEWS ARTICLES

    - FreedomPop Offering Open Wi-Fi Service
    - Go Daddy Goes to India
    - Netelligent, Savvis Add New Canadian Web Hos...
    - World IPv6 Launch Happens Today
    - IT Teams Struggle to Keep Pace with Malware
    - Lulz Security Hacks CIA, Takes Requests
    - Apple Unveils iCloud
    - Rackspace Introduces Cloud Load Balancers
    - Amazon Offers Cloud Drive, Disses Music Indu...
    - New Android.Pjapps Trojan
    - Copyright Fight over Hurt Locker Downloads I...
    - Data Reveals Many Browsers Remain Unpatched
    - PandaLabs Report - What Happens to Stolen In...
    - Safari Books Online Review
    - Hackers Targeting Human Rights Groups

    Developer Shed Affiliates

     




    © 2003-2017 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap