Friends, I opened an email from some name I tought was familiar. Immediately I did, an application called Security Shield quickly installed itself, scanned my laptop and claimed to have detected many very harmful viruses, etc. which must be removed! I was then offered to pay $79 online to purchase the application for my laptop; I declined becos I did not choose to buy it; I already have an antivirus running on my latop. I feel people are trying to force money from me online. This has been a real nuissance! It is preventing me from smooth use of my laptop. How do I get rid of it and have some peace of mind? Thanks.
Onthelimit! thanks for sending the solution to the attack. I have successfully performed the automated removal instructions right up to instruction 17. However, I seem to be stuck at instruction 18. I deleted the old hosts file as per the path in the instruction. My OS is Vista so I clicked on the second list given in instruction 18, but the contents of the default hosts file opened up in the browser. Then as directed, I right clicked the same link and clicked "Save Target As" to download the default hosts file. I browsed to C:\Windows\System32\Drivers\etc folder to save hosts file in but the following error message popped up:
You dont have permission to save in this location. Contact the administrator to obtain permission. Would you like to save in the Prosperity folder instead? Y/N
What could have gone wrong? I am the sole user of the laptop which connects to the internet through an ISP. Is the Prosperity user not also the administrator on Vista pcs? Thanks.
Thanks for suggestion to wait and see if someone else has an idea as to how to handle the problem in my last post. I'll sure wait.
One more thing, onthelimit. After removing "My Security Shield" from my laptop I see that a message appears in the bottom right corner of my screen each time I start the laptop saying:
"Windows has blocked some startup programs.
Windows blocks programs that require permission
to run when Windows starts"
I am not used to that appearing each time I start my laptop, but before I do anything foolish and maybe mess up again I'd like to ask for your opinion: How do I address/fix this message? Thanx.
Yes, I did open it up and found there are many programs that require permission to run when Windows starts. Almost all of them are classified as "permitted" programs except the following which are not yet classified.
1. LightScribe (from HP) which is "Not yet classified,
2. hppusg (from unavailable publisher) which is "Not yet classified".
Beneath the table of programs there is an option to Remove/Disable/Enable whichever is selected.
I really can't figure out what to do with all this. Pls help. Thanks.
Thanks, but I keep wondering, ................... what could be the consequences of having the C:\Windows\System32\Drivers\etc\HOSTS file deleted from my laptop? I'm using it after cleaning off the "My Security Shield" threat. Remember, I have no permission to save the default HOSTS file in the above folder even though I was allowed to delete the exixting one and I am the PROSPERITY (administrator) user of my Vista OS laptop.
I have used the "Fix it for me" option twice to reset the "hosts" file to default automatically but it didn't work. Even though the process went through, I found that the default "hosts" file has not been restored into the C:\Windows\System32\drivers\etc folder. I thought I must then use the "Let me fix it myself" option, but I notice that option assumes the "hosts" file changed by "My Security Shield" is still in the above folder which is not the case because I had to delete it when cleaning the threat the other day, remember? In any case, is %systemroot%\system32\drivers\etc the same as C:\Windows\System32\drivers\etc? If they're same, then I can use the "Let me fix it myself" option to reset the "hosts" file back to default. What do you think? Remember I had to delete the file earlier on. Thanks.
How do I do this?
onthelimit, I've done something as follows:
1. Set a restore point.
2. Looked for the deleted "hosts" file in the recycle bin and restored it to the "etc" folder.
3. Ran the "Fix it for me" option given in the "How do I reset the hosts file back to the default?" article you gave me, in order to reset the deleted and restored hosts file back to the default automatically. The laptop reported it processed.
4. I checked to verify this by going into the "etc" folder. I found that the "hosts" file which I'd put back in there from the recycle bin has been renamed as "hosts.old" and dated the same as the other 4 files that had remained after deleting the "hosts"file.
I'd like to believe the jod is now complete. Let me know if you think otherwise. Thanks.
Yes indeed, I'll use it and see what happens. Do you know how a pc behaves when it has no "hosts" file in the C:\\Windows\System 32\drivers\etc folder? Please share with me. Thanks.
"Do you know how a pc behaves when it has no "hosts" file in the C:\\Windows\System 32\drivers\"
Windows will automatically create a new hosts file.
This thread is now locked and can not be replied to.