AV-UPDATE-BLOCK

Are your Chromium-based browsers looking and behaving strangely? If you have Firefox installed, it is one of the free internet browsers that will give you a chance to surf the web to find a repair solution and upload your files to a safe location.

For clients, I skipped that option and went straight to resetting the PC.

* Your hosts file (see below) will be compromised.
* Your Firewall will have Outbound Rules.
* Your Chrome Browser will be fake and from “The Google LLC”.
* Your Edge Browser will be fake and resemble Google Chrome.
* Your Search results will be hijacked.
* Microsoft Print to PDF may stop working.
* Windows Update will be blocked.
* Antivirus programs will close upon launch.
* Restore Points will be either deleted, corrupted or made after the malware is installed.

Compromised Hosts File

# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
#
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
#
# BEGIN AV-UPDATE-BLOCK-v1 (ClockRemoval.ps1)
# Managed block: ClockRemoval.ps1 -AvHostsBlockRevert / -AvHostsBlockApply
# Redirect target: 0.0.0.0 (null-route)
#
# KASPERSKY
#
# ESET
#
# MALWAREBYTES
#
# MALWAREBYTES (MWB SYS / COSMOS)
#
# MCAFEE / NAI
#
# TRUSTWAVE / LEVELBLUE
0.0.0.0 levelblue.com
0.0.0.0 trustwave.com
#
# MARSHAL (Legacy)
0.0.0.0 cdn-updates.marshal.com
# END AV-UPDATE-BLOCK-v1
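
A block like the one above can be found mechanically in a copy of the hosts file (C:\Windows\System32\drivers\etc\hosts). The following is an added example, not code from the original post or from ClockRemoval.ps1: it reports BEGIN/END marker blocks and every name pointed at a null-route or loopback address, and flags names under a caller-supplied watchlist. The names `audit_hosts` and `watch_suffixes` and the `.example` domains in the sample are assumptions constructed for illustration.

```python
import re

SINKHOLES = {"0.0.0.0", "127.0.0.1", "::", "::1"}   # null-route / loopback targets
LOCAL_NAMES = {"localhost", "localhost.localdomain"}
MARKER = re.compile(r"^#\s*(BEGIN|END)\s+(\S+)")     # e.g. "# BEGIN AV-UPDATE-BLOCK-v1"

def audit_hosts(text, watch_suffixes=()):
    """Return (blocks, entries). A block's "end" stays None if no END marker
    follows; entries lists every non-local name sent to a sinkhole address."""
    blocks, entries, current = [], [], None
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.lstrip("\ufeff").strip()          # tolerate a UTF-8 BOM
        m = MARKER.match(line)
        if m:
            kind, name = m.group(1), m.group(2)
            if kind == "BEGIN":
                current = {"name": name, "start": lineno, "end": None, "count": 0}
                blocks.append(current)
            elif current and current["name"] == name:
                current["end"], current = lineno, None
            continue
        fields = line.split("#", 1)[0].split()       # drop any trailing comment
        if len(fields) < 2 or fields[0] not in SINKHOLES:
            continue
        for host in (h.lower().rstrip(".") for h in fields[1:]):
            if host in LOCAL_NAMES:
                continue
            watched = any(host == s or host.endswith("." + s) for s in watch_suffixes)
            entries.append({"line": lineno, "host": host, "target": fields[0],
                            "block": current["name"] if current else None,
                            "watched": watched})
            if current:
                current["count"] += 1
    return blocks, entries

# Constructed sample: marker text as on this page, domains are placeholders.
SAMPLE = """\
# 127.0.0.1 localhost
# BEGIN AV-UPDATE-BLOCK-v1 (ClockRemoval.ps1)
0.0.0.0 update.av-vendor.example
0.0.0.0\tdownloads.av-vendor.example WWW.av-vendor.example. # two names
# END AV-UPDATE-BLOCK-v1
127.0.0.1 localhost
0.0.0.0 ads.tracker.example
192.0.2.10 intranet.corp.example
"""
```

Pass the security vendors' update domains you care about as `watch_suffixes`; any entry with `watched` set, or any block whose `end` is `None`, deserves a closer look.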

Stephan Pringle

About The Author: Stephan Pringle is an Information Technology Support Specialist. He covers hardware and software and provides tips for you to troubleshoot and repair issues on your own. In his spare time, he writes articles about the State of New York on his Hackintosh and HackBook and that has helped him to become the top contributor of the New York City section of Yahoo! Answers.