Windows 10 Defender Removes events.data.microsoft.com From Hosts File

[taufikp]

Hi,

Not really an issue but just to let you know that Microsoft Windows Defender managed to remove events.data.microsoft.com from hosts file and tagged it as this virus: SettingsModifier:Win32/PossibleHostsFileHijack, few days after I put the anti tracker list in hosts file.

Thank you

[hagezi]

@taufikp

This is a general host file protection, see:

https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=SettingsModifier%3AWin32%2FPossibleHostsFileHijack&threatid=14994

"If you have changed the Hosts file yourself, you need to exclude it from detection by your antivirus software."

https://support.microsoft.com/en-us/windows/add-an-exclusion-to-windows-security-811816c0-4dfd-af4a-47e4-c301afe13b26

Go to Start > Settings > Update & Security > Windows Security > Virus & threat protection. Under Virus & threat protection settings, select Manage settings, and then under Exclusions, select Add or remove exclusions. Select Add an exclusion, and then select from files, folders, file types, or process.

[taufikp]

Thank you, good to know we can exclude hosts file from AV. And when I compared the tampered hosts file with your list here, only events.data.microsoft.com removed by Windows Defender. Interesting.