Jump to content

How to make Kaspersky Free automatically block threats


Timy

Recommended Posts

I am currently using Kaspersky Free and Windows 10. Whenever there's a threat, a notification from Kaspersky will pop up, asking me to take action. Is there a way to make Kaspersky take action automatically?

Link to comment
Share on other sites

4 minutes ago, Timy said:

No, idk what hosts file is. Maybe the Trojan changed it since when it infects my PC, I can't access anything because I don't have the permission to or something

Hi, C:\Windows\System32\drivers\etc\host. If some application want to edit this file, the detection will maybe popup. I'm more interested in the conditions under which this detection event occurs.

  • Like 2
Link to comment
Share on other sites

Just now, Timy said:

Interesting, in the report, Kaspersky detected the trojan at C:\Windows\System32\drivers\etc\host

Yes, We all know it. So the next question is which application do the job. As I just asked the question, what applicaiton are you using when this detection occurs.

  • Like 1
Link to comment
Share on other sites

The Trojan was detected when I was running an app (I think it's an optimizer app) when a command prompt window popped up, there was a piece of text, it's not even a code, It popped up for like 2 seconds before closing and then Kaspersky asked me to take action as my PC started to behave strangely

Edited by Timy
Link to comment
Share on other sites

2 minutes ago, Timy said:

The Trojan was detected when I was running an app (I think it's an optimizer app) when a command prompt window popped up, there was a piece of text, it's not even a code, It popped up for like 2 seconds before closing and then Kaspersky asked me to take action as my PC started to behave strangely

OK, you can run the optimizer app again to check this situation. If it happened again, You should make a exclude rule for this host file in order to avoid detection.

2022-04-01_13-22-20.thumb.png.284197917ec53dae3413b5c0cc2dc3f1.png

Notice: You need to check the contents of this file frequently, normally it should be as follows. if some application add some rules in this file, you should check whether the content is normal or not. this file is a location DNS cache. it will change DNS query result.

2022-04-01_13-25-31.png.4aa70c14d787744c2c5dcd76a37744d6.png

  • Like 2
Link to comment
Share on other sites

Just now, Timy said:

So, was it a false positive

You can say yes or no, depending on what perspective you stand on. Under normal circumstances, this file will not be edited, keep default. Then there will be no chance of being detected, but once edited, as a potentially risky modification, there is no big problem being detected. 

Link to comment
Share on other sites

12 minutes ago, Timy said:

Why would an optimizer app want to edit the hosts file

You should check what settings related to this situation in the optimizer app, such as network speedup. The hosts file is an operating system file on Windows PC that lets you map specific domain names to an IP address. If you do not need to perform a DNS query, but directly convert the domain name into an IP address through the host file, and request an http link directly from the IP address, it will reduce the time required to request a DNS query, so some optimization software will use names such as network acceleration to realise. There is actually no speed change, for current internet speeds. But this file may be exploited by malicious programs. It is used to provide fake DNS requests and forge the requested IP address. Therefore, the modification of this file will be strictly controlled.

  • Like 2
Link to comment
Share on other sites

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now


×
×
  • Create New...