Jump to content
Kaspersky Support Forum

mvps Hosts file detected as Trojan.Win32.Host2.gen

Zac

By Zac
in Kaspersky Internet Security

 Share
Go to solution Solved by Wesly.Zhang,

Recommended Posts

Zac

Zac

Posted
  • Author
Posted

Hi - wondering if I could have you look over the following entries for me, please. Something in these is triggering the trojan alert again, but I can’t seem to pinpoint which one. I add them one at a time, but it seems to be a delayed reaction (sometimes hours) before the file is detected again.

0.0.0.0 avast.com
0.0.0.0 ipm-provider.ff.avast.com
0.0.0.0 dotomi.com
0.0.0.0 www.logmein.com
0.0.0.0 www.teamviewer.us
0.0.0.0 www.realvnc.com
0.0.0.0 cdn.blatungo.com
0.0.0.0 blatungo.com
0.0.0.0 facebook.com
0.0.0.0    www.facebook.com
0.0.0.0    fb.com
0.0.0.0    thesimsresource.com
0.0.0.0    www.thesimsresource.com
0.0.0.0 simsdom.com
0.0.0.0 www.simsdom.com
0.0.0.0 facebook.net
0.0.0.0 doubleclick.net
0.0.0.0 vacaneedasap.com
0.0.0.0 aol.com
0.0.0.0 oath.com
0.0.0.0 yahoo.com
0.0.0.0 netcheckcdn.xyz

Any thoughts or feedback would be appreciated !

Thanks 🤔🤓🙏

Wesly.Zhang

Wesly.Zhang

Posted
Posted

Hi - wondering if I could have you look over the following entries for me, please. Something in these is triggering the trojan alert again, but I can’t seem to pinpoint which one. I add them one at a time, but it seems to be a delayed reaction (sometimes hours) before the file is detected again.

0.0.0.0 avast.com
0.0.0.0 ipm-provider.ff.avast.com
0.0.0.0 dotomi.com
0.0.0.0 www.logmein.com
0.0.0.0 www.teamviewer.us
0.0.0.0 www.realvnc.com
0.0.0.0 cdn.blatungo.com
0.0.0.0 blatungo.com
0.0.0.0 facebook.com
0.0.0.0    www.facebook.com
0.0.0.0    fb.com
0.0.0.0    thesimsresource.com
0.0.0.0    www.thesimsresource.com
0.0.0.0 simsdom.com
0.0.0.0 www.simsdom.com
0.0.0.0 facebook.net
0.0.0.0 doubleclick.net
0.0.0.0 vacaneedasap.com
0.0.0.0 aol.com
0.0.0.0 oath.com
0.0.0.0 yahoo.com
0.0.0.0 netcheckcdn.xyz

Any thoughts or feedback would be appreciated !

Thanks 🤔🤓🙏


Hello,

You can delete one of them one by one, and use avp scan the file after you delete one rule(one line). If you find after you delete one rule, There is no alarm when you scan the hosts file, You will know which rule lead to this alarm. Good luck.

Attenion: It maybe have two or more rules will lead to this alarm, so please use time to check the rule.

Regards.

Wesly.Zhang

Wesly.Zhang

Posted
Posted

Hello @Zac 

I have checked the rules. You can not add rules for facebook.

Regards.

Zac

Zac

Posted
  • Author
Posted

@Wesly.Zhang Really? facebook? Well damn. THANK YOU very much for the extra effort. That’s the one I was sure wasn’t the problem. 

Another +1 for you my friend.

Zac

Zac

Posted
  • Author
Posted

@FLOOD Didn’t know I wouldn’t be able to mark more than one answer as helpful. +1 to you too!

Thanks all for your help with this.

Flood and Flood's wife

Flood and Flood's wife

Posted
Posted

Hello @Zac,

😂 , that’s not a problem, the goal here is to help you and we all appreciate your gratitude👌  

The ✔Best answer system works by changing the Topic status from❓Question to ✅Solved

Cheers,

Flood🐳

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...