Super User Asked by Rainer Rillke on December 15, 2020
I’ve installed the MVPS Hosts blacklist to my etchosts file in order not to be tracked. Today, Windows Defender scared me by telling me it detected SettingsModifier:Win32/HostsFileHijack in spite of the file being in place unchanged for over a year.
This is clearly a false alert but what triggered that? An updated version of Defender and a process that attempted to read the file? Or the OS "forgetting" I modified this file?
Microsoft’s description for Defender under Windows 10 is not helpful, while they have a useful page for Windows 8.
The detection occurred after starting Microsoft Teams (which crashed).
Maybe your hosts file also includes entries to block Windows Telemetry? This is a possible reason for your file to be marked as infected:
Microsoft is now using Windows Defender feature to prevent users from blocking telemetry collection by editing their hosts file, which could be due to security or other reasons.
https://www.windowslatest.com/2020/09/07/windows-10-defender-flags-hosts-file-telemetry-blocking/
Answered by DoRe on December 15, 2020
Get help from others!
Recent Answers
Recent Questions
© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP