Jump to content
  • Announcements

    • Rodion Nagornov

      Долгое сохранение сообщений || Delays while posting   09/20/2017

      По техническим причинам возможно визуально долгое отправление сообщений на форуме. Фактически ваше сообщение публикуется мгновенно - долго отрабатывает графика. В случае подобной ситуации, пожалуйста, сначала обновите страницу (F5) и проверьте, появилось ли ваше сообщение. Не пытайтесь сразу отправить его заново.  || Due to some technical reasons visual delays are possible while message sending. Actually your message is published immediately - just interface works long. In such case, please, do not re-send your message immediately! Press F5 to reload the page and check if your message/topic is published.
mfn

KIS 2012 Now Detects mvps Hosts File as a Trojan

Recommended Posts

richbuff   

Welcome. Good question. If the Hosts file is modified, this Generic detection can happen. Why suddenly today. when the last time this issue came up was a while ago? Maybe because new detection thingies were added.

 

Spybot is modifying your Hosts file. Not to worry.

 

Anyway, please uninstall Spybot > reboot, then revert to the default host file: http://support.microsoft.com/kb/972034 You should be all good after that.

 

Name of Mystery unopenable program?

Share this post


Link to post
Share on other sites
nyderic   
The problem has been, finally, solved.

 

You're acting like it took them 5 years to fix it... :rolleyes:

 

You're right though, they fixed it. I'm using the modified version from Spybot Search & Destroy again.

Edited by richbuff
Or 510 204.08 years? Anyway, Closed as Fixed.

Share this post


Link to post
Share on other sites

 

 

I may get yelled at for posting this but as I still have this issue occurring then I still need a fix. KIS 2011 is still deleting/disinfecting Host file whenever I try to replace it.

 

The last thread about this issue said it was solved and closed the topic but as of posting this I still have the problem recurring each time I replace the host file. I keep the

 

downloaded copy from http://winhelp2002.mvps.org/hostswin7.htm on a flash drive and turn off KIS whilst I copy and paste the host file to replace the one KIS wipes out each time.

 

I then reboot and as soon as I go onto Google KIS detects it and removes it, it doesn't even ask for a preferred way to deal with it.

 

It is now deleting it before I log onto the net and doesn't even inform me of a detection, I have to search the detailed report to find what it's done. I've tried to put it under exceptions, no luck there

 

it just ignores any attempt to bypass the Host file.

 

So no, this has not been solved for everyone, maybe those with current 2013 KIS, I updated twice in the last couple of hours and still this issue persists.

 

Doop

Share this post


Link to post
Share on other sites
alex5723   
I may get yelled at for posting this but as I still have this issue occurring then I still need a fix. KIS 2011 is still deleting/disinfecting Host file whenever I try to replace it.

 

The last thread about this issue said it was solved and closed the topic but as of posting this I still have the problem recurring each time I replace the host file. I keep the

 

downloaded copy from http://winhelp2002.mvps.org/hostswin7.htm on a flash drive and turn off KIS whilst I copy and paste the host file to replace the one KIS wipes out each time.

 

I then reboot and as soon as I go onto Google KIS detects it and removes it, it doesn't even ask for a preferred way to deal with it.

 

It is now deleting it before I log onto the net and doesn't even inform me of a detection, I have to search the detailed report to find what it's done. I've tried to put it under exceptions, no luck there

 

it just ignores any attempt to bypass the Host file.

 

So no, this has not been solved for everyone, maybe those with current 2013 KIS, I updated twice in the last couple of hours and still this issue persists.

 

Doop

 

+1

 

I too don't understand why the topic has been closed. Nothing has been solved, and Kaspersky's inserted lines are a joke for those who need blocking sites via the HOSTS file.

I use KAV 2013.

Share this post


Link to post
Share on other sites
tradnav   

Using KIS 2013 here. Yesterday morning KIS 2013 hit on the MVPS Hosts file on my laptop and disinfected it. However, I noticed that it did not hit on my desktop. Being curious as to why I noticed that my desktop had the MVPS Hosts of 9 January - I had forgotten to update it. So the problem lies with the 25 February version.

 

I have just visited mvps.org to d/l and replace the one on my laptop. Couldn't - Kasperky hits on that and stops it in its tracks. I have now replaced the laptop one with the 9 January version and all is well - Kaspersky doesn't see anything wrong with it.

 

Not the answer of course but it will do until Kaspersky gets it sorted. These are the only Hosts on my PC's - I do not have Spybot .

Edited by tradnav

Share this post


Link to post
Share on other sites
KURSKS   
The problem has been, finally, solved.

 

At least in KIS 2013 with both Spybot modified HOSTS and MVPS HOSTS.

 

Update databases and reboot your system.

 

Regards.

Edited by Darkness Knight

Share this post


Link to post
Share on other sites
tradnav   
At least in KIS 2013 with both Spybot modified HOSTS and MVPS HOSTS.

 

Update databases and reboot your system.

 

Regards.

 

Gracias Darkness Knight. Had tried that earlier and it didn't work but just updated databases/rebooted and all working well.

 

Much obliged, thanks.

 

 

 

Share this post


Link to post
Share on other sites
KURSKS   
Please update databases > reboot. Any better?

 

You´re welcome... but it´s richbuff´s advice.

 

After important changes/modifications it´s always a good idea to reboot the system.

 

Glad you´ve solved your problem. Your nightmare has ended :laugh3:

 

Regards.

Edited by Darkness Knight

Share this post


Link to post
Share on other sites

Kaspersky Lab Forum > English User Forum > Protection for Home Users > Kaspersky Internet Security & Anti-Virus > KIS 2012 Now Detects mvps Hosts File as a Trojan

Starting a couple of hours ago, KIS 2012 has detected my HOSTS file as a "Trojan.Win32.Hosts2.gen". I've been using the mvps hosts file for years without any problems from Kaspersky. (I use the mvps file found here: http://winhelp2002.mvps.org/hosts.htm).

 

I compared my HOSTS file with a backup, and no changes have been made to this file since February 25, which is when I updated the file to the current latest mvps file.

 

Because I do regular full system image backups, I allowed KIS to "disinfect" and quarantine what it wanted to do. The result was that KIS overwrote the file to put it back to its Windows XP default version and did not make a quarantine file copy for restoration if needed.

 

For the moment, I have added the HOSTS file to KIS's exclusion list, but I would prefer KIS to monitor the file as it always has before without issues.

 

I also noticed a similar post made today in the Kaspersky PURE forum found here: Kaspersky PURE Forum Post.

 

My question is - is anybody else having this problem?

 

 

I experiences the same porblem last evening went through tha same process you seemed to follow. including the exclusion although I believe the

exclusion is no longer necessary with the KIS devault in place of the MVPS. Will continue to monitor this forum

 

Share this post


Link to post
Share on other sites

Kaspersky Lab Forum > English User Forum > Protection for Home Users > Kaspersky Internet Security & Anti-Virus > KIS 2012 Now Detects mvps Hosts File as a Trojan

 

It appears most here are dealing with SBS&D, I am seeing the same thing in ZoneAlarm Free AntiVirus and Firewall. HAve take the same actions aod gotton

similar results. I am going with Restore and Exclude and will watch closely

 

 

Share this post


Link to post
Share on other sites
mfn   

Hello all. I am the original poster of this thread.

 

As of today, March 16, my mvps hosts file being detected as a trojan problem in KIS 2012 seems to have been fixed with a KIS update. After deleting my exclusion rule for the hosts file, having KIS scan the file, and launching and using a browser and email client, all seems to be well.

 

Thank you all for your input.

Share this post


Link to post
Share on other sites
edge10   

Same here, KIS no longer detecting a Trojan after a recent database update and removal of the Exclusion with MVPS Host file 2/25/2013. No report back yet from KIS on my Hosts file virus analysis submission, but I think we can assume it was FP cause by the update file.

Share this post


Link to post
Share on other sites

Hey all. Just wanted to report back to this post and mention that I uninstalled Spybot S&D, and have not had the scary red Kaspersky alert go off since. ;)

I had a feeling that this was what was causing the issue (incompatibility between KIS2013 and SS&D) and it seems, so far, to be resolved.

 

I may as well mention that DANGGGG S S&D was pissed off when I uninstalled, lol. At first, I actually thought they weren't going to let me uninstall the software. During the uninstall, it asked the reason why I was taking this measure and a drop down box of reasons appeared. (Not kidding). I chose the "incompatibilities with Kaspersky" option, and immediately afterwards I got a pop-up box that was a bit like a break up letter, and I was the hated dumper.

 

I looked online to see what the heck crawled up Spybot's butt, lol. Discovered that there's a whole soap opera going on that I wasn't aware of, lol.

Anyway. Kaspersky? Spybot is really, REALLY MAD. :icon22:

I wish you two could get along. There's no reason why the two of you shouldn't co-exist together on the same hard drives. Oh well. I payed for Kaspersky, so Spybot has to go for now. (Damn, I do feel bad. Kinda....guilty. Like I ate meat on fish Friday and my Italian Roman Catholic mom found the McDonald's cheeseburger in my hand.)

 

Anyway...

Thanks for the help.

 

PS.

The mystery program that isn't working anymore is Corel PaintShop Pro X4.

Share this post


Link to post
Share on other sites

As of this morning all fixed and working ok...will be a bit like walking on thin ice for the next few days waiting to see if it's going to rear it's ugly self again to send me into an outta control ego spin!!

 

Big thanks to whoever sorted this one out as like most of us, I'd guess that wasting time on trying to fix, what seems to be unfixable, is definately the pitts. :angry: :blink: :laugh3:

 

Regards

 

Doop

 

 

 

I may get yelled at for posting this but as I still have this issue occurring then I still need a fix. KIS 2011 is still deleting/disinfecting Host file whenever I try to replace it.

 

The last thread about this issue said it was solved and closed the topic but as of posting this I still have the problem recurring each time I replace the host file. I keep the

 

downloaded copy from http://winhelp2002.mvps.org/hostswin7.htm on a flash drive and turn off KIS whilst I copy and paste the host file to replace the one KIS wipes out each time.

 

I then reboot and as soon as I go onto Google KIS detects it and removes it, it doesn't even ask for a preferred way to deal with it.

 

It is now deleting it before I log onto the net and doesn't even inform me of a detection, I have to search the detailed report to find what it's done. I've tried to put it under exceptions, no luck there

 

it just ignores any attempt to bypass the Host file.

 

So no, this has not been solved for everyone, maybe those with current 2013 KIS, I updated twice in the last couple of hours and still this issue persists.

 

Doop

 

Share this post


Link to post
Share on other sites
richbuff   
PS.

The mystery program that isn't working anymore is Corel PaintShop Pro X4.

 

You're welcome. Please try re-installing Corel, and if still no go, please open a new topic for that issue, because this one is closed as resolved, again.

 

At the close of this topic at this time, maybe I can try to offer a little bit of insight into what is going on with Kaspersky being protective of the Hosts file: In Eastern Europe and other regions, there is a severe flood of malware that modifies the Host file to redirect to yucky websites. Kaspersky stays on top of this, and detection adjustments may be made that sometimes need re-adjusting.

 

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

×