Hosts file changes not detected by Symantec Antivirus
Updated: 29 Sep 2009 | 1 comment
Please help.
The antivirus would need to record a log of the change that takes place at the hosts file (c:\windows\system32\drivers\etc). Because this can be hacked and be used by unauthorized persons.
And the Symantec antivirus should identify these changes to the file.
THKS.
Comments
Try this..?
I'm wondering if as a temporary stopgap you can set the read-only flag on the HOSTS file. I agree that SAV/SEP should monitor this file however programs that make HOSTS file changes are generally malware that is infecting the PC. If you have malware infecting the PC then SAV/SEP has already failed.
Would you like to reply?
Login or Register to post your comment.