hi, i’m completely new at using hostfiles and hostman. i have online armor free edition, hm.exe and hostssrv.exe are detected as keylogger and screen logger. Is this normal? should I allow or block them?
thanks in advance.
You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page. You can’t do this with the file securely in the chest, you need to extract it to a temporary (not original) location first, see below.
Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.
thanks DavidR
here are the results
http://www.virustotal.com/analisis/6e8ef70813d7e9a97a082442ce84d3bb626e511a138f3b02eab8ae901a10b753-1250704810
actually avast and mbam doesn’t detect them. only online armour flags them as keylogger and screenlogger.
Then I would say that online armor has it wrong, anything that is going to presumably update and protect the hosts file (though why you need two applications to do that) would have to be monitoring activity, which may be misinterpreted.
So I would suggest you contact online armor with the virustotal results URLs and that you feel the key logger categorisation is incorrect. They should then investigate the two applications and possibly add them to its knowledge base.