mvps Hosts file detected as Trojan.Win32.Host2.gen

[Zac]

Hi - wondering if I could have you look over the following entries for me, please. Something in these is triggering the trojan alert again, but I can’t seem to pinpoint which one. I add them one at a time, but it seems to be a delayed reaction (sometimes hours) before the file is detected again.

0.0.0.0 avast.com
0.0.0.0 ipm-provider.ff.avast.com
0.0.0.0 dotomi.com
0.0.0.0 www.logmein.com
0.0.0.0 www.teamviewer.us
0.0.0.0 www.realvnc.com
0.0.0.0 cdn.blatungo.com
0.0.0.0 blatungo.com
0.0.0.0 facebook.com
0.0.0.0    www.facebook.com
0.0.0.0    fb.com
0.0.0.0    thesimsresource.com
0.0.0.0    www.thesimsresource.com
0.0.0.0 simsdom.com
0.0.0.0 www.simsdom.com
0.0.0.0 facebook.net
0.0.0.0 doubleclick.net
0.0.0.0 vacaneedasap.com
0.0.0.0 aol.com
0.0.0.0 oath.com
0.0.0.0 yahoo.com
0.0.0.0 netcheckcdn.xyz

Any thoughts or feedback would be appreciated !

Thanks 🤔🤓🙏

[Wesly.Zhang]

Hi - wondering if I could have you look over the following entries for me, please. Something in these is triggering the trojan alert again, but I can’t seem to pinpoint which one. I add them one at a time, but it seems to be a delayed reaction (sometimes hours) before the file is detected again.

0.0.0.0 avast.com
0.0.0.0 ipm-provider.ff.avast.com
0.0.0.0 dotomi.com
0.0.0.0 www.logmein.com
0.0.0.0 www.teamviewer.us
0.0.0.0 www.realvnc.com
0.0.0.0 cdn.blatungo.com
0.0.0.0 blatungo.com
0.0.0.0 facebook.com
0.0.0.0    www.facebook.com
0.0.0.0    fb.com
0.0.0.0    thesimsresource.com
0.0.0.0    www.thesimsresource.com
0.0.0.0 simsdom.com
0.0.0.0 www.simsdom.com
0.0.0.0 facebook.net
0.0.0.0 doubleclick.net
0.0.0.0 vacaneedasap.com
0.0.0.0 aol.com
0.0.0.0 oath.com
0.0.0.0 yahoo.com
0.0.0.0 netcheckcdn.xyz

Any thoughts or feedback would be appreciated !

Thanks 🤔🤓🙏

Hello,

You can delete one of them one by one, and use avp scan the file after you delete one rule（one line）. If you find after you delete one rule, There is no alarm when you scan the hosts file, You will know which rule lead to this alarm. Good luck.

Attenion: It maybe have two or more rules will lead to this alarm, so please use time to check the rule.

Regards.

[Wesly.Zhang]

Hello @Zac 

I have checked the rules. You can not add rules for facebook.

Regards.

[Zac]

@Wesly.Zhang Really? facebook? Well damn. THANK YOU very much for the extra effort. That’s the one I was sure wasn’t the problem. 

Another +1 for you my friend.

[Zac]

@FLOOD Didn’t know I wouldn’t be able to mark more than one answer as helpful. +1 to you too!

Thanks all for your help with this.

[Flood and Flood's wife]

Hello @Zac,

😂 , that’s not a problem, the goal here is to help you and we all appreciate your gratitude👌  

The ✔Best answer system works by changing the Topic status from❓Question to ✅Solved

Cheers,

Flood🐳