Peaches Posted March 12, 2009 Report Share Posted March 12, 2009 Windows Defender: False alarm triggered by hosts file Since Monday evening, Microsoft's Windows Defender spyware detection software has mistakenly raised the Win32/PossibleHostsFileHijack alarm on some clean PCs. According to Microsoft, the error is caused by a flawed signature deployed via automatic update on Monday. Another signature update has now been issued to solve the problem. In our German partners' editorial offices, the erroneous behaviour has so far only affected a few Windows Vista systems. The exact conditions that trigger the false alarm are still unclear. According to Microsoft, the problem is caused by the hosts file. Windows uses this file for the static name resolution between computer names and IP addresses and many malware samples target it for manipulating network traffic. Users are advised to ignore the warning and update the signature database of Windows Defender via the Windows Update feature. Those who have put the alleged intruder into quarantine, or even deleted it, should use the Notepad text editor to at least create a minimal hosts file consisting of the following two lines:127.0.0.1 localhost::1 localhostHeise security - http://www.h-online.com/security/Windows-D...e--/news/112814>>>>>>>>>>>>>>>>>>> Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.