HostsFileHijack : Microsoft Defender falsely reports you are infected if you try and block Microsoft telemetry and ads


Karlston

Editing your host file is one way to block Microsoft telemetry and Microsoft-delivered ads on Windows, and it turns out Microsoft is not too happy with it.

 

The latest versions of Microsoft Defender for Windows 10 will detect if you are adding entries to your host file which would block Microsoft’s servers and refuse to allow you to save the file, claiming it is a severe security risk.

 


In fact Microsoft will claim you are infected with “SettingsModifier:Win32/HostsFileHijack”, which a Google search reveals has caused several users to panic and believe they have a virus.

e.g.:

I do not have Malwarebytes installed, just Windows Security Defender complaining about SettingsModifier:Win32/HostsFileHijack.

 

I also do not know if it’s related or not, but I got the popup right after launching the game SUPERHOT MIND CONTROL DELETE.

 

I actually know what is the HOST file (a bunch of DNS to IP forwarding), so I was curious how the infection was modifying it which could give me information on what is wrong. So I “allowed” the threat via Windows Defender and strangely the file remained the same (with just the default 127.0.0.1 and ::1 to localhost lines). I then asked it to “clean” the threat again, and the HOST file content never changed.

With Microsoft weaving Microsoft Defender ever more deeply into Windows, it does bring to mind the question of who actually controls the PC you are using.

 

via WindowsLatest

 

 




And now you know why previous versions of Windows will never die.  People are worried about government takeover, they should be worried about Microsoft takeover, which is far exceeding that which Apple users have been subjected to over the years.

 



There are ways to live without m$soft or apple infecting our computers. Too much brain-washing by 'official' institutions so too few try.



Like always, I'm pretty sure they don't know what they are speaking about.

 

They flag telemetry, but it's a security feature about HOSTS file modification in GENERAL.

 

Most AVs and security tools will alert for HOSTS file modifications, which is actually legit since it can seriously and stealthily lead you to phishing.

 

If Microsoft wanted you to stop blocking telemetry, they could have easily bypassed HOSTS file blocking method by hardcoding IPs to reach for it.

 

And no, HOSTS file isn't DNS to IP "forwarding" and the screenshot provides no information whatsoever about what actually tried to reach the file since it isn't shown at all!

 

It's another layer 8 in the OSI model.

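The distinction raised in the post above, between entries that merely block a host and entries that could silently send you to a phishing server, shown as an added example that is not part of the thread and does not reproduce Defender's detection logic. It audits hosts-file text and separates sinkhole entries from redirects to routable addresses; the sample file, hostnames and function names are constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file; hostnames and addresses are placeholders,
# not values taken from the thread.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         telemetry.example.com   # block entry
127.0.0.1       ads.example.net tracker.example.net
203.0.113.10    login.example-bank.test
not-an-ip       broken.example.org
"""

DEFAULT_NAMES = {"localhost"}  # stock mappings that are not worth reporting


def classify(addr_text):
    """'sinkhole' for unspecified/loopback targets, 'redirect' for anything else."""
    addr = ipaddress.ip_address(addr_text)  # raises ValueError on junk
    return "sinkhole" if addr.is_unspecified or addr.is_loopback else "redirect"


def audit_hosts(text):
    """Return a list of (line_no, hostname, address, verdict) for non-default entries."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # strip comments and whitespace
        if not line:
            continue
        addr_text, *names = line.split()
        try:
            verdict = classify(addr_text)
        except ValueError:
            findings.append((line_no, " ".join(names), addr_text, "malformed"))
            continue
        for name in names:
            if verdict == "sinkhole" and name.lower() in DEFAULT_NAMES:
                continue  # default localhost line
            findings.append((line_no, name.lower(), addr_text, verdict))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(finding)
```

A `sinkhole` verdict means the name resolves to nowhere useful (a block); a `redirect` verdict is the case worth investigating, because the name now resolves to a host chosen by whoever edited the file.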


2 hours ago, Nastrahl said:

If Microsoft wanted you to stop blocking telemetry, they could have easily bypassed HOSTS file blocking method by hardcoding IPs to reach for it.

You likely meant "didn't want you to".



On 9/8/2020 at 3:30 PM, Nastrahl said:

Like always, I'm pretty sure they don't know what they are speaking about.

 

They flag telemetry, but it's a security feature about HOSTS file modification in GENERAL.

 

Most AVs and security tools will alert for HOSTS file modifications, which is actually legit since it can seriously and stealthily lead you to phishing.

 

If Microsoft wanted you to stop blocking telemetry, they could have easily bypassed HOSTS file blocking method by hardcoding IPs to reach for it.

 

And no, HOSTS file isn't DNS to IP "forwarding" and the screenshot provides no information whatsoever about what actually tried to reach the file since it isn't shown at all!

 

It's another layer 8 in the OSI model.

Either security is built in the OS or it isn't. People have been modding their host files for ages on Windows, Mac and Linux. If it was not meant to be modified it would not exist; they would have replaced it with something more secure, or at least made it tamper resistant where a layman could not modify it. And that part is true: you can hardcode IPs to get around host blocks, but it never works with firewalls like Windows 10 Firewall Control. False positives are the oldest trick in the book to scare users; Malwarebytes flags the word Keygen, so they changed the name of them. M$ spying crap is part of the reason I've not used Windows 10 in 3 years. Microsoft also talked down on Windows 10 Firewall Control because it blocks telemetry out of the box and can block their forced updates.

 

The company you're talking about doesn't have a very good track record. If they did, maybe your M$ excuse would hold some merit. If they didn't care if you block telemetry they would give Home and Pro users an opt-out like they do enterprise users; then there would be no need for host blocks or firewall blocks!!! Just like there's never been a need for it on Linux unless you want to block ads from the web, but with using UBO I don't need to use host blocks at all. They're the cause of people blocking it to begin with. I never trusted using host blocks because they can get around it; I always used Windows 10 Firewall Control and really blocked it.

 

That's the problem with antitrust laws in the EU: they could care less about the consumer. The EU government is like M$, only business matters; as long as business can achieve privacy it's fine for them to use home users as lab rats.



On 9/8/2020 at 4:37 AM, straycat19 said:

And now you know why previous versions of Windows will never die.  People are worried about government takeover, they should be worried about Microsoft takeover, which is far exceeding that which Apple users have been subjected to over the years.

 

If you didn't use Windows to begin with you would not have to worry about a Microsoft takeover. People use old Windows till they no longer get 3rd party updates; Windows 7 will pretty much die out as soon as it's no longer maintained by anyone, just like what happened to Windows XP. There is no future in the past. If you're going to stay with Microsoft you may as well install Windows 10 now, because in the long term the only alternatives are Mac, Linux or a smartphone OS.



Archived

This topic is now archived and is closed to further replies.
