Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Unable to delete HOSTS file


  • Please log in to reply
No replies to this topic

#1 CyclingStone

CyclingStone

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:03:52 AM

Posted 05 May 2010 - 02:56 PM

Hello all,

The "My Security Engine" infection took place in a laptop running XP SP2. I was able to complete all steps in the guide except #18, the deletion of the C:\windows\system32\drivers\etc\hosts file. The batch HOSTSperm.bat failed to make HOSTS accessible, as did I when I attempted to use the ATTRIB command manually. I tried it in safe mode w/command prompt, always getting the "access denied" message even after I terminated all the tasks that Task Manager allowed me to kill. I also tried disabling Microsoft Security Essentials and Windows' built-in firewall. The attributes of this file remain as +S +H +R no matter what I do. I am only allowed to EDIT the file (and can see the IP addresses placed there by "My Security Engine"), but needless to say there is no possibility of modifying it. My goal is to restore the laptop to its original state and save myself the trouble of reinstalling windows.

(1) Is there another way to delete HOSTS?
(2) Is my infected HOSTS file dangerous even after successfully completing all previous steps?
(3) Does Microsoft Security Essentials protect my laptop against "My Security Engine"?

Thanks in advance!

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users