fufuchao 0 Posted September 22, 2021 Share Posted September 22, 2021 Please forgive me for using translation software. Whenever I modify the hosts file using any software, including Notepad, it will be isolated. The hosts file is very important to me. log: 2021/9/21 22:21:14; Real-time file system protection; File; C:\windows\system32\drivers\etc\hosts; Win32/Qhost Trojan; Cleared by deletion; PC\pc; An event occurred on a file modified by the application: C:\Windows\System32\notepad.exe Link to comment Share on other sites More sharing options...
Administrators Marcos 4,720 Posted September 22, 2021 Administrators Share Posted September 22, 2021 Please provide logs collected with ESET Log Collector so that I can check your exclusions. Link to comment Share on other sites More sharing options...
itman 1,543 Posted September 22, 2021 Share Posted September 22, 2021 (edited) I just manually added two entries to my Win 10 hosts file using notepad. See below screen shot. I received no alerts from Eset real-time protection. So something else is going on in regards to your EIS installation. Edited September 22, 2021 by itman Link to comment Share on other sites More sharing options...
Administrators Marcos 4,720 Posted September 22, 2021 Administrators Share Posted September 22, 2021 What records are you trying to add to the hosts file? Link to comment Share on other sites More sharing options...
itman 1,543 Posted September 22, 2021 Share Posted September 22, 2021 2 minutes ago, Marcos said: What records are you trying to add to the hosts file? Interesting. Does Eset check IP address/domain name added for malicious status? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,720 Posted September 22, 2021 Administrators Share Posted September 22, 2021 33 minutes ago, itman said: Interesting. Does Eset check IP address/domain name added for malicious status? Not necessarily malicious but yes, the IP addresses/domains are checked. Link to comment Share on other sites More sharing options...
Most Valued Members peteyt 364 Posted September 22, 2021 Most Valued Members Share Posted September 22, 2021 3 hours ago, itman said: Interesting. Does Eset check IP address/domain name added for malicious status? I do know a lot of cracks for programs will change host files, to try and block specific things from connecting, probably to prevent the program realising it is cracked or something similar. Not claiming that the OP is using cracked software. Link to comment Share on other sites More sharing options...
Recommended Posts