Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

My Security Shield removal worries


  • Please log in to reply
5 replies to this topic

#1 osonewatthis

osonewatthis

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 06 February 2011 - 12:28 PM

Hi all. I have been infected with My Security Shield and my head is bloody from pounding it against the desk! I have gone through steps 1 through 17 of bleepingcomputer's Remove My Security Shield (Uninstall Guide) but I am terrified to delete my Host files! Forgive my computer ignorance but I never backed up my computer before (I can hear your sighing). Is it okay to back up the pics, music, Word files etc before I delete? How do I go about getting back Word? If I delete the Host files, will I have a screen to get back to your site to download Windows 7? I am worried I will end up in that black screen at the beginning of the startup and never get beyond it. I am so new at this, I need some help to talk me off the ledge!
Thanks in advance

Edited by Orange Blossom, 06 February 2011 - 12:50 PM.
Move to AII. ~ OB


BC AdBot (Login to Remove)

 


#2 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:08:25 AM

Posted 06 February 2011 - 01:22 PM

Hi there,
You're not talking about reformating and reinstalling, are you? Because if you are, then that's unnecessary to do for a rogue. In my opinion, no one should go that route unless all other possibilities are exhausted. Just follow the instructions on the page, and yes it is possible for you to back everything up. Don't worry about that. Rogues don't transfer from one file to the other. They do not infect files, in other words. and don't worry about not being able to get beyond the black screen. That's very rare, and usually you can with a little bit of work using a bootable disc that will allow you to return to your desktop, remove the rest of the infection. And deleting your host files is really not a problem. You can use something like hostsman or host's expert to automatically reconfigure those files for you. You don't have to touch them! Don't make things harder than they have to be by doing unnecessary reinstalls of the operating system.

Chromebuster

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#3 osonewatthis

osonewatthis
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 06 February 2011 - 02:30 PM

Gosh, I am so bad at this. Step 18 on the bleepingcomputer's Remove My Security Shield (Uninstall Guide)says to delete the C:\windows\System32\Drivers\etc\HOSTS. Is that what you mean by reformatting and reinstalling? If they are the same things, should I still do it? I'm not trying to question the experts, just be clear if I have to do this, it seems like serious business.
Thank you for telling me I can back up my files. Whew, on that one!
Is the MSS virus a rogue? My computer terminology is lacking.
Do I need to make a bootable disk and if so, how do I make one or do I buy one?
I went to the hostsman site and don't quite understand...well, any of it.
Please forgive my lack of knowledge.
Thank you for answering me Chromebuster.

#4 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:08:25 AM

Posted 06 February 2011 - 04:11 PM

No problem at all! Gosh, don't worry about your lack of knowledge. We're here to help folks like you get better. And one thing I'll tell you, is if the guide says to delete the hosts file, do it. It means that the file is damaged. I'll explain the meaning of the hosts file for you. The hosts file is what Windows uses to determine what web sites are allowed to be accessed, and when it is altered, that effectively blocks access to certain sites. The only line you should see in the hosts file is 127.0.0.1, and anything else, for instance, google.com, eset.com, or kaspersky.com, if those are shown in the file, with numeric values (called IP addresses, how a computer is able to find it's way to other computers) preceding them, then that explains why you can't get into the internet. And no that is not the same as reinstalling the operating system. Reinstalling is when the hard drive is completely wiped clean, nothing left, and then you start fresh. You do not need to do that. Just follow the guide, and you'll be fine. Yes, My Security Shield is a rogue. In other words, all of the alerts you saw, I hope you did not heed them, as they are all fake, and the chances are very, very good that the files flagged as infections are either placed there by the rogue itself, or that they are legitimate Windows files that can cause havoc if deleted or damaged in any way. You do not need a bootable CD in this case. That is only if your computer cannot boot or something like that, and if you're on step 18 of the guide, obviously, you're not having that problem. One thing that is important to remember is that rogues often come from fake online scanning web sites, but the scanners are nothing but ads that tell you your computer is infected so that you'll give them more hits, and if you didn't have a community like us to explain it to you, you'd probably be off buying the rogue and falling for the scam. But we don't let our members do that here. We save member's computers. I'll go the hostman's site too, look it up, and I'll try to explain it to you in easier terms if you'd like. They probably use terms that they expect everyone to understand. It's all right, and you're doing fine. If you've run malwareBytes, you've probably got the darned thing half way out of there. Good luck, and please let me know if you need anything else. I'm delighted to help!

Chromebuster

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge


#5 osonewatthis

osonewatthis
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:07:25 AM

Posted 09 February 2011 - 12:27 PM

May I take this moment to thank Chromebuster very much for your help. My computer is up and running with no wear I can see so far. I would never have been brave enough to do it without you. Thank you for your kindness, it may seem like nothing to you but it was the gift of bravery for me.

#6 chromebuster

chromebuster

  • Members
  • 899 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:the crazy city of Boston, In the North East reaches of New England
  • Local time:08:25 AM

Posted 09 February 2011 - 01:39 PM

Good! And you're very welcome! just remember that any time you run into an issue, I'm always watching out for potential issues like this. Rogues, I can't say I've ever had one on my computer thank God, but I've been known to help people remove them. My friend had one, and after watching her lose the fight with it, I decided that I'd never allow people to have unsolved computer problems on my watch again. I'm very glad that your issue free now. If you have anything else though, I'll probably be roaming around here, and so chances are very good that I'll see it. I'm glad I was able to help!

Chromebuster

The AccessCop Network is just me and my crew. 

Some call me The Queen of Cambridge





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users