Windows reporting NextDNS 2.0.1 as Trojan:MSL/Masslogger.VN!rfn



I noticed the error after a reboot.  It looks like some files in the Program Files directory were modified today as well.  My version.txt file says I'm on 2.0.1. However, the program is blocked from running on my Windows 10 machine.

Screenshot of my NextDNS directory in the Program Files directory


9replies Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
  • Hi.

    This happened here just now as well. Next DNS was detected as a trojan, and then removed.

    Apparently the trojan has been detected since Nov 15. The version of Next DNS being uninstalled appeared to be from Dec 9, which makes me believe that either
    a. There was a recent infection in this computer, affecting the NextDNS sw.
    b.  There is a problem with NextDNS.
    c. The NextDNS was incorrectly detected due to an error in the definition files.
    The update for MS Defender definitions which apparently triggered the removal of NextDNS, is version 1.329.1466.0.


    My file info is similar to what Mark shares above.

    • Marius B we just pushed a new version of the windows client. We often get false positives, even though our client is signed and does nothing wrong.

      Like 1
      • Marius B
      • Mariusb
      • 9 mths ago
      • Reported - view

      Olivier Poitrey Thanks for the info.

      It appears that later versions of MS Defender definitions doesn't remove NextDNS, when reinstalled. We shall see what happens on subsequent updates to the Next DNS windows client.

  • I downloaded the latest binary from the site, it is still being detected by BitDefender



    McAfee will not allow 2.01 to be installed.  1.0.12 sill works.

  • The CLI alternative for Windows cmd on the recomanded Wiki page is also detected as Trojan. Which makes me wonder if the program for Linux also has a Trojan.

Like1 Follow
  • 4 mths agoLast active
  • 9Replies
  • 640Views
  • 9 Following