| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 123952 | 2012-03-28 02:50:00 | trojan.win32.hosts2.gen | --Wolf-- (128) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 1267151 | 2012-03-28 02:50:00 | Having to post this from my tablet as I can't even access webpages on the laptop now. Kaspersky pickedthis up and I Have run a disinfection on it 3times nnow but it keeps popping up. How the hell do I get rid of it for good? Is listed as being at system32\drivers\etc\hosts Thanks |
--Wolf-- (128) | ||
| 1267152 | 2012-03-28 03:05:00 | You're not the only one (forum.kaspersky.com) Sounds like a Kaspersky screwup to me |
Speedy Gonzales (78) | ||
| 1267153 | 2012-03-28 03:12:00 | Doesn't explain why i can't load webpages though. In saying that my hosts file seems to have been deleted now.... that can't be good? |
--Wolf-- (128) | ||
| 1267154 | 2012-03-28 03:21:00 | Get the fixit (support.microsoft.com). There's probably code or something in the hosts file, why Kaspersky is deleting it. What version of windows is installed? |
Speedy Gonzales (78) | ||
| 1267155 | 2012-03-28 03:22:00 | Win 7 | --Wolf-- (128) | ||
| 1267156 | 2012-03-28 03:30:00 | Ran that fixit but hosts file is still missing and still can't access webpages Edit ran it again and hosts file is there now and kaspersky is warning me again but still can't access webpagea |
--Wolf-- (128) | ||
| 1267157 | 2012-03-28 03:38:00 | Open the hosts file. And see whats in it. Disable system restore. Copy this and save it as hosts. Make sure it doesnt save it as a txt file. And put it in C:\windows\system32\drivers\etc folder. This is from Win7 x64. # Copyright (c) 1993-2009 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. # 127.0.0.1 localhost # ::1 localhost |
Speedy Gonzales (78) | ||
| 1267158 | 2012-03-28 03:45:00 | It says all that except at the top it says this file has been restored by kaspersky because of possible infection. It won't let me edit that out and save..says access denied EDIT: Back on the laptop now. Made another file, edited out the Kaspersky part, saved it then put it in and replaced the old one. Webpages seem to work now, but I had to bypass K9 Web Protection (into supervisory mode). Wonder if that is what was causing the problem? As far as the "trojan" - just ignore it? If it's definitely nothing to worry about then? |
--Wolf-- (128) | ||
| 1267159 | 2012-03-28 03:51:00 | Depends if Kaspersky will still pick it up as a trojan. If it deletes it, then you may not get online again | Speedy Gonzales (78) | ||
| 1267160 | 2012-03-28 03:53:00 | Depends if Kaspersky will still pick it up as a trojan. If it deletes it, then you may not get online again OK will monitor it. Thanks for your help Speedy, saved my ass. (as usual) |
--Wolf-- (128) | ||
| 1 2 | |||||