Why does Symantec (Norton 2007) detect a possible malicious entry in the HOSTS file?
“A malicious entry in your hosts files could prevent LiveUpdate from retrieving updates for your Symantec products, including anti-virus updates. Generally, Symantec LiveUpdate server entries should not appear in your Windows hosts files. Update has detected a potential security compromise on your computer: one or more entries should not appear in your Windows hosts files.” Lists the address ‘om.symantec.com’ as being in the hosts file and ask what action to perform: Click the drop-down arrow and select option #2 (highlighted in bold below) 1.Leave the entry in the hosts file (warn me about them later) 2.Leave the entry in the hosts file (do not warn me about them later) 3.Remove the entry from the hosts file (Recommended) om.symantec.com is really an alias for symanteccom.112.2o7.net (Omniture is a 3rd party data miner) oms.symantec.com is really an alias for symantec.com.102.112.2o7.net (from Norton SafeWeb) These entries do not affect LiveUpdate. See screenshot here – and for more d
