Hi Everyone,
Yesterday, I ran a complete system scan with AVG free Version 7.5.432 & it said that everything was fine, except that it noted that there was a change to the hosts (Object Result Status
C:\WINDOWS\system32\drivers\etc\hosts Change Changed). I have pasted a copy of the report below, along with the report from last month which had no such note.
A few days ago, I did download a "test" from http://www.greenborder.com/ at http://www.greenborder.com/test/ & AVG identified it as a trojan, I just moved it to the virus vault and deleted it. I know it probably was not a trojan, but I just deleted it anyway. I also recently upgraded to the new Zone alarm Free 7.0.302.000 but I think I did the AVG full scan before installing the new ZA.
Is this anything to be alarmed about ? I would appreciate any advice or comments. I'm running Windows XP Media Center Version 2002 SP2. I'm also running Zone Alarm Free, Windows defender, and I scan periodically with AVG anti-spyware, spybot, and a-squared free.
Thanks
John
AVG Report from yesterday 1/19/2007
tem Name Item Value
General properties
Report name Complete Test
Start time 1/19/2007 3:50:44 PM
End time 1/19/2007 4:00:26 PM (total: 9:41.9 Min)
Launch method Scanning launched manually
Scanning result No threats found
Report status Scanning completed successfully
Object summary
Scanned 17241
Threats Found 0
Cleaned 0
Moved to vault 0
Deleted 0
Errors 0
Object Result Status
C:\WINDOWS\system32\drivers\etc\hosts Change Changed
AVG Report from 12/28/06
tem Name Item Value
General properties
Report name Complete Test
Start time 12/28/2006 11:44:00 PM
End time 12/28/2006 11:54:18 PM (total: 10:17.3 Min)
Launch method Scanning launched manually
Scanning result No threats found
Report status Scanning completed successfully
Object summary
Scanned 17240
Threats Found 0
Cleaned 0
Moved to vault 0
Deleted 0
Errors 0
Hi john2005...I'd say all is well. You can locate the Hosts file and open it in Notepad to make sure there is nothing amiss. A typical site block would look like this:
127.0.0.1 www.symantec.com
That blocks access to the Symantec site.
The Hosts file can also be used for malicious redirects (i.e. using a different IP address than that which corresponds to the URL). However, that would be obvious when you tried to access a site and were redirected.
127.0.0.1 www.symantec.com
That blocks access to the Symantec site.
The Hosts file can also be used for malicious redirects (i.e. using a different IP address than that which corresponds to the URL). However, that would be obvious when you tried to access a site and were redirected.
Hi HKEd,
Thanks for your reply.
John
Hi john2005...I'd say all is well. You can locate the Hosts file and open it in Notepad to make sure there is nothing amiss. A typical site block would look like this:
127.0.0.1 www.symantec.com
That blocks access to the Symantec site.
The Hosts file can also be used for malicious redirects (i.e. using a different IP address than that which corresponds to the URL). However, that would be obvious when you tried to access a site and were redirected.
Thanks for your reply.
John
QUOTE(HKEd @ Jan 20 2007, 09:53 PM) 
Hi john2005...I'd say all is well. You can locate the Hosts file and open it in Notepad to make sure there is nothing amiss. A typical site block would look like this:
127.0.0.1 www.symantec.com
That blocks access to the Symantec site.
The Hosts file can also be used for malicious redirects (i.e. using a different IP address than that which corresponds to the URL). However, that would be obvious when you tried to access a site and were redirected.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.