All Discussions > Steam Forums > Steam Discussions > Topic Details
This topic has been locked
0x57A1CFA117 Jul 29, 2020 @ 9:15am
Uhm. Valve, care to explain yourself?
While trapsing through my event log to track down a virtualization issue (completely unrelated since I'm running Steam outside of virtualization) I came across these little gems in my event viewer:

Error 7/28/2020 11:41:24 PM Service Control Manager 7000 None
The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error 7/28/2020 11:41:24 PM Service Control Manager 7009 None
A timeout was reached (600000 milliseconds) while waiting for the Steam Client Service service to connect.

Warning 7/28/2020 11:41:24 PM Microsoft Antimalware 1116 None
Microsoft Antimalware has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SettingsModifier:Win32/HostsFileHijack&threatid=265754&enterprise=0
Name: SettingsModifier:Win32/HostsFileHijack
ID: 265754
Severity: Severe
Category: Settings Modifier
Path: file:_C:\Windows\system32\drivers\etc\hosts
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: Real-Time Protection
User: <redacted>
Process Name: C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
Signature Version: AV: 1.321.49.0, AS: 1.321.49.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.17300.4, NIS: 2.1.14600.4

Why are you trying to make static A record DNS changes (especially if they're supposed to resolve -correctly- anyway)?? And even better yet, why does your Chrome Embedded Framework have the ability to be told to attempt making these kinds of changes? Yeah... that seems... dangerous?
Last edited by 0x57A1CFA117; Jul 29, 2020 @ 9:17am

Something went wrong while displaying this content. Refresh

Error Reference: Community_9734361_
Loading CSS chunk 7561 failed.
(error: https://community.cloudflare.steamstatic.com/public/css/applications/community/communityawardsapp.css?contenthash=789dd1fbdb6c6b5c773d)
< 1 2 >
Showing 1-15 of 25 comments
happy Jul 29, 2020 @ 9:32am 
hurrdurr steam bad why you do this and that, im expert on this and know all.
#1
ShelLuser Jul 29, 2020 @ 10:18am 
They're not trying to make DNS changes, that's utterly ridiculous because your Windows client doesn't run a DNS server instance. This also makes the error message dubious at best because the hosts file is not a substitute. (edit): "sorta" :)

Better yet: because this file is hosted on your system drive and within the Windows system directory no regular processes can change this. It wouldn't even be caught by any protection services because the request in its entirety would fail in the first place.

So assuming this is a legit log entry (which I kind of doubt) I can't help wonder: why on earth are you running the Steam client process elevated in the first place? In other words: with admin privileges?

Because this is not the default behavior; everyone who has installed a game will know this: at some point you can get a notification that you need to elevate things ('become administrator'). If the Steam client process already had these privileges then they would have been inherited by the installation process. They're not.

Ergo... your post makes little sense, at least not to me.
Last edited by ShelLuser; Jul 29, 2020 @ 10:21am
#2
cinedine Jul 29, 2020 @ 10:29am 
Steam doesn't change or append anything to the hosts file. Looks more like you have another issue on your machine.
#3
Psycho Jul 29, 2020 @ 11:35am 
Wish I was smart enough to know what ANY of this stuff meant
#4
nikola_369 Jul 29, 2020 @ 11:48am 
Originally posted by Mike:
Wish I was smart enough to know what ANY of this stuff meant
Me too pal, me too.
#5
Nx Machina Jul 29, 2020 @ 11:49am 
False positive, report to Microsoft.

https://www.bleepingcomputer.com/forums/t/726952/threat-detected-settingsmodifierwin32hostsfilehijack/
#6
Xautos Jul 29, 2020 @ 12:31pm 
Originally posted by Mike:
Wish I was smart enough to know what ANY of this stuff meant

I also haven't much of a clue either and based on what i could make about anti-malware and the rest of it? i suspected it was also a false positive as well, considering Valve doesn't and will never put harmful worms, viruses, rootkits and other of those nasties in their programmes including the steam drm service. That seemed obvious before the question was asked by the OP.
#7
Satoru Jul 29, 2020 @ 12:44pm 
Originally posted by Mike:
Wish I was smart enough to know what ANY of this stuff meant

It’s ok not to know something. I know a lot about computers, but I don't know how my car works, where the oil goes or what a carburetor is. You cant know everything.

It’s not ok to not know something but then be all high and mighty in your ignorance like the OP. Especially saying utter nonsense like "making a static A record" when talking about a local hosts file is like laughable beyond recognition
Last edited by Spawn of Totoro; Jul 29, 2020 @ 4:03pm
#8
cinedine Jul 29, 2020 @ 1:01pm 
Originally posted by Mike:
Wish I was smart enough to know what ANY of this stuff meant

DNS: Domain Name System. Basically the thing that lets you type in steampowered.com and then resolves it into the IP adress. Think of it as the connection between "Aunt Maggie" in your phone book and the actual number that is dialed.

The hosts file is somewhat klike a list of these custom phone book entries. For example if you constantly find yourself mispelling googel.com you can use an alias to point to right address.
The dangerous part is in malware placing a redirect in this file so instead of steampowered.com you will land at myscamsite.org.

Chrome Embedded Framework - actually ChromIUM EF, the codebase behind the client which handles all the browser-based stuff. Most famously used by the Chrome web browser.

The whole last paragraph of the OP is pretty much "I just learned a few words that I now throw around" and is entirely pointless.
#9
Judgmental Amaterasu Jul 29, 2020 @ 2:34pm 
OP out here trying to deep dive Valve while the notion of a false positive from MICROSOFT ANTIMALWARE doesn't even cross their mind.
#10
rawWwRrr Jul 29, 2020 @ 3:27pm 
Odd how my event log goes back to March 5, 2020 and there are no MS Antimalware events for Steam.
#11
cinedine Jul 29, 2020 @ 3:58pm 
Originally posted by rawWwRrr:
Odd how my event log goes back to March 5, 2020 and there are no MS Antimalware events for Steam.

Even better:
if you check your hosts, you will see there are no changes (you didn't make).
#12
{ИЯm} Keith Jul 29, 2020 @ 3:59pm 
Originally posted by Satoru:
Originally posted by Mike:
Wish I was smart enough to know what ANY of this stuff meant

It’s ok not to know something. I know a lot about computers, but I don't know how my car works, where the oil goes or what a carburetor is. You cant know everything.

It’s not ok to not know something but then be all high and mighty in your ignorance like the OP. Especially saying utter nonsense like "making a static A record" when talking about a local hosts file is like laughable beyond recognition

You probably don't have a Carburetor unless you have a classic car. The oil goes where the oil goes. It works on the principle of "suck" "squeeze" "bang" "blow" or 4-stroke.

The OP is looking at the event viewer. Timeouts and failure to start / stop aren't really a big deal. It happens, and unless it keeps happening who cares. Virus scanners do false positive. It's a thing.
I generally like to actually find the targeted file itself. Check that it's in the correct location for that file and that Details tab is populated with legit information.

Not sure where OP found "chrome embedded framework"
Last edited by Spawn of Totoro; Jul 29, 2020 @ 4:03pm
#13
Mr. Bitches Jul 29, 2020 @ 7:40pm 
Here's your problem





Microsoft anti-malware sucks ass
#14
cinedine Jul 29, 2020 @ 11:06pm 
Originally posted by Honky-tonk Tabby:
Here's your problem





Microsoft anti-malware sucks ass

Except it doesn't.
If you bother to install the updates it is one of the best free products out there - because it doesn't behave like malware/PUP itself like certain anti-virus programs who think its a good idea to silently install a browser that phones home or bomard you with nag screens telling you how insecure your machine is because it "leaks" its IP and shows you a city on the other end of the country as proof ...

... seriously, Windows Defender Suite is just fine.
#15
< 1 2 >
Showing 1-15 of 25 comments
Per page: 1530 50

All Discussions > Steam Forums > Steam Discussions > Topic Details
Date Posted: Jul 29, 2020 @ 9:15am
Posts: 25
Start a New Discussion

Discussions Rules and Guidelines