
Malwarebytes false positive on Windows hosts file?

Theminecraftaddict555

Just a screenshot showing this: http://imgur.com/wdpdsPC

 

I recently just restored my host file with an approved method by Microsoft themselves since my previous host file showed nothing on it...Hopefully it's just a false positive?

 

#Paranoiaplshelp

Don't call me a nerd, it makes me look slightly smarter than you

It may have noticed a bad line that redirects you from some URL to that of a malicious URL 

1 minute ago, Ryan_Vickers said:

It may have noticed a bad line that redirects you from some URL to that of a malicious URL 

So false positive?

2 minutes ago, Theminecraftaddict555 said:

So false positive?

Well, no, not if it's what I said, but it could be a false positive... can't you just open it and check?  It's just a text file after all

3 minutes ago, Ryan_Vickers said:

Well, no, not if it's what I said, but it could be a false positive... can't you just open it and check?  It's just a text file after all

But, effort required....

2 minutes ago, Ryan_Vickers said:

Well, no, not if it's what I said, but it could be a false positive... can't you just open it and check?  It's just a text file after all

So I checked the etc folder and I had two host files...One host file that was the previous one that was blank and renamed to something else and one that is named "hosts"...The hosts file contained a note pad full of information I copied from the official Microsoft website in order to restore my hosts file, which again was blank therefore needed to be restored...

The information on my notepad:

https://support.microsoft.com/en-us/kb/972034 (look at Windows 7)

2 minutes ago, Theminecraftaddict555 said:

So I checked the etc folder and I had two host files...One host file that was the previous one that was blank and renamed to something else and one that is named "hosts"...The hosts file contained a note pad full of information I copied from the official Microsoft website in order to restore my hosts file, which again was blank therefore needed to be restored...

The information on my notepad:

https://support.microsoft.com/en-us/kb/972034 (look at Windows 7)

Well if that's all that's in there it must be a false positive, but you could try humouring your AV and let it quarantine the file, and then just restore it/make a new one again

4 minutes ago, Theminecraftaddict555 said:

So I checked the etc folder and I had two host files...One host file that was the previous one that was blank and renamed to something else and one that is named "hosts"...The hosts file contained a note pad full of information I copied from the official Microsoft website in order to restore my hosts file, which again was blank therefore needed to be restored...

The information on my notepad:

https://support.microsoft.com/en-us/kb/972034 (look at Windows 7)

If every line has the #, then it is effectively empty as each line is commented out. By the way, you do understand the purpose of the host file right?

4 minutes ago, Ryan_Vickers said:

Well if that's all that's in there it must be a false positive, but you could try humouring your AV and let it quarantine the file, and then just restore it/make a new one again

Since it's just most likely a false positive, since I created that file from advice of the official Microsoft website..Then there should be nothing else to do than to just look at it as a false positive....Thanks for your help on my paranoia

5 minutes ago, DeadEyePsycho said:

If every line has the #, then it is effectively empty as each line is commented out. By the way, you do understand the purpose of the host file right?

I would like a brief summary on the host file...But to specify my previous host file, it was entirely blank empty so I had to restore it with Microsoft's method

7 hours ago, Theminecraftaddict555 said:

Since it's just most likely a false positive, since I created that file from advice of the official Microsoft website..Then there should be nothing else to do than to just look at it as a false positive....Thanks for your help on my paranoia

I would like a brief summary on the host file...But to specify my previous host file, it was entirely blank empty so I had to restore it with Microsoft's method

Yes, every line with a # is a comment so you only need the 1 or two lines that mention "localhost".  The point of this file is to map one IP address or URL to another.

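What "just open it and check" amounts to, as an added example that is not part of any post in this thread: the parser below drops everything after a "#", lists the lines that remain active, and reports any active line other than a loopback entry for localhost. The sample file contents, EXPECTED_NAMES and the function names are constructed for illustration.

```python
import ipaddress

# Assumption: "localhost" is the only name a stock hosts file maps.
EXPECTED_NAMES = {"localhost"}

def active_entries(text):
    """Return (line_no, ip, [names]) for each line that is not blank or a comment."""
    entries = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        # Drop a leading BOM, then everything from the first '#' onward.
        line = raw.lstrip("\ufeff").split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        entries.append((line_no, fields[0], fields[1:]))
    return entries

def review(text):
    """Return the active entries that deserve a look, with a reason for each."""
    findings = []
    for line_no, ip, names in active_entries(text):
        try:
            addr = ipaddress.ip_address(ip)
        except ValueError:
            findings.append((line_no, ip, names, "first field is not an IP address"))
            continue
        local = addr.is_loopback or addr.is_unspecified
        odd = [n for n in names if n.lower() not in EXPECTED_NAMES]
        if not local:
            findings.append((line_no, ip, names, "name pinned to a non-local address"))
        elif odd:
            findings.append((line_no, ip, odd, "name sunk to the local machine"))
    return findings

# Constructed sample: a file in which every line is commented out.
COMMENTED_ONLY = """\
# Constructed sample hosts file
# 127.0.0.1 localhost
# ::1 localhost
"""
# Constructed sample: the same file with three active lines appended.
WITH_OVERRIDE = COMMENTED_ONLY + (
    "127.0.0.1 localhost\n"
    "203.0.113.10 login.example.com  # constructed redirect\n"
    "0.0.0.0 ads.example.net\n"
)

if __name__ == "__main__":
    for finding in review(WITH_OVERRIDE):
        print(finding)
```

On Windows the file to feed in is the one in the etc folder mentioned above; a scanner can flag either kind of finding, since block lists and redirects both show up as active non-localhost lines.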
