Options
Need help fast
Earlier today i installed the newest windows defender signatures.I run Vista Ultimate.Norton internet security 2008 on both this and a XP machine.Have used my Technet+ subscription tonight to no use.Defender comes upp with this message:SettingsModifier:Win32/PossibleHostFileHijack.
Norton does not se any problems.
Defender wont let me delete it.
Norton does not se any problems.
Defender wont let me delete it.
Working on 642-845ONT
Comments
-
Optionsjay47 Member Posts: 17 ■□□□□□□□□□just the defefender signature updates.could these be givving me a false positive?Have talked to MS.Took some time.No answer.Working on 642-845ONT
-
Optionsjay47 Member Posts: 17 ■□□□□□□□□□What a dramatic first post for me.I'm not often at a lost but i am now.Perhaps i have been attacked?On the 27 og February i saw in the log a portscan.I am starting to question my own abilities.I am nat'ing on one device.A fw on the next.I also use fw/av on all my machines.Working on 642-845ONT
-
Optionsjay47 Member Posts: 17 ■□□□□□□□□□Some more info:
Category:
Settings Modifier
Description:
This program has potentially unwanted behavior.
Advice:
Review the alert details to see why the software was detected. If you do not like how the software operates or if you do not recognize and trust the publisher, consider blocking or removing the software.
Resources:
file:
C:\Windows\winsxs\x86_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.0.6000.16386_none_024e4071fa6fea95\hosts
Working on 642-845ONT -
OptionsDanielHughes Member Posts: 54 ■■□□□□□□□□I had the same this morning No software has been installed etc for a few days, Defender has scanned since the last time I installed something new.
Description:
This program has potentially unwanted behavior.
Advice:
Permit this detected item only if you trust the program or the software publisher.
Resources:
file:
C:\Windows\system32\drivers\etc\hosts
Category:
Not Yet Classified
http://www.microsoft.com/security/portal/Entry.aspx?name=SettingsModifier%3aWin32%2fPossibleHostsFileHijack&threatid=1758608427027806866 -
Optionsjay47 Member Posts: 17 ■□□□□□□□□□The same link as the MS employee gave me.Did you fix it?Why fix it if there is nothing wrong?The first one i talked to said that i should dissable my antivirus.Got a good laught thereWorking on 642-845ONT
-
Optionsundomiel Member Posts: 2,818Have you checked your hosts file to see if there is anything worrisome in there? If not then I wouldn't worry about it.Jumping on the IT blogging band wagon -- http://www.jefferyland.com/
-
Optionsjay47 Member Posts: 17 ■□□□□□□□□□i find the whole file worrisome.havent worked much with windows since w2k.cisco guy now.can you help?do not like the winsxs file.sounds strange.Working on 642-845ONT
-
OptionsTalic Member Posts: 423Try a online scan? I'm a Cisco guy myself but I thought I would throw that out there.
Kaspersky and some others have online scanners. -
OptionsDanielHughes Member Posts: 54 ■■□□□□□□□□Have you checked your hosts file to see if there is anything worrisome in there? If not then I wouldn't worry about it.
There were only two entries. One was 127.0.0.1 Localhost, the other one was one of my client servers that I put there a while back for testing.
I figured it must have not been a real alert and have allowed it. Will keep you posted if something bad happens -
Optionsjay47 Member Posts: 17 ■□□□□□□□□□have to install active x and java.do not like thatWorking on 642-845ONT
-
Optionsjay47 Member Posts: 17 ■□□□□□□□□□i think there is a failure on the MS part with regards to the new signatures.One of the people i talked to also said it was not possible to run norton/symantec with defender.Working on 642-845ONT
-
Optionstiersten Member Posts: 4,505Can you put spaces into your Certifications list instead of periods? Its screwing up the formatting of your threads.
-
Optionsjay47 Member Posts: 17 ■□□□□□□□□□As i suspected.Faulty deffinitions from MS.New updates today and everyrhing is back to normal.Working on 642-845ONT
-
OptionsAndretii Member Posts: 210Up all morning for this lolXBL: Andretii
"I have 16 Millions different ways of pinging myself. Sounded kind of dirty but that's not how I meant it." J. Conrad
Working on:
VCP4 » 0%
LPIC-1 » 0% -
Optionstiersten Member Posts: 4,505As i suspected.Faulty deffinitions from MS.New updates today and everyrhing is back to normal.