Nomen Posted March 29, 2021 Share Posted March 29, 2021 I've installed a "take ownership" reg key and have modified the hosts file but something (I think it's Defender) keeps messing with it. They say that you can tell Defender to not mess with chosen files / folders. But I can't find any settings for "Defender". I can only find settings for "Windows Defender Firewall". So what's the deal here? Is there a "Windows Defender" on a win-10 system, and is it separate from the firewall? In any case, how do I disable these security scans for selected files/folders? Link to comment Share on other sites More sharing options...
Sergiaws Posted March 29, 2021 Share Posted March 29, 2021 As far as I know, you can add exceptions to Windows Deffender, you just need to search it in the new configuration pannel. I can't exactly tell how to do it, because I'm not a Win10 user any more, but that's what I remember. Link to comment Share on other sites More sharing options...
Nomen Posted March 29, 2021 Author Share Posted March 29, 2021 Man, what a battle it was to remove the system's ability to mess with my version of the hosts file. Disabling inheritance and taking ownership of the /etc folder was I think the primary thing that had to be done, and first removing everything from being able to access it (and the hosts file) except me and then adding in SYSTEM and ALL APPLICATION PACKAGES with read-only access. Before that I downloaded something called "configuredefender.exe" and thought I applied a restriction on the /etc folder but this didn't seem to work. I don't think there is anything like a config interface in control panel for Defender in Win-10 like there is for other windoze versions. And again, I don't know technically if this is "Windows Defender" or "Microsoft Defender" we're talking about here. Link to comment Share on other sites More sharing options...
Tripredacus Posted March 29, 2021 Share Posted March 29, 2021 I think it is just naming. Defender is just MSSE and the the Defender Firewall is just the Firewall with Advanced Security. If it were me, I would change the ACLs on HOSTS to deny write permissions to the Trusted Installer security context and then look in Event Viewer for errors. I did a quick look at my "Windows Security" app (apparently not called Defender anymore ) and I didn't really see anything besides "allowed threats" option. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now