SettingsModifier:Win32/HostsFileHijack, W Defender

Suddenly Defender finds my hosts file 'severely' dangerous. A quick google search, seems many have experienced this lately. 99.99% sure its false pos from latest definitions, triggered by many entries (lots of MS related domains... :O) Anyone else here ?

Anyway, tested a hosts copy, very ok, see attachment.

 

That's interesting. I will have to re-enable Defender and see if it flags mine as "dangerous" since I have many things (including Micro$lop domains) blocked. It doesn't surprise me though. They have a self-entitlement mindset and are very presumptuous about many things. It is none of their business what I have in my hosts file.

 

Just login into MS defender security intelligence platform and upload your file and await for results. https://www.microsoft.com/en-us/wdsi/filesubmission
Within 4-8hrs you will get a reply and they'll ask you to update definitions.

 

Needs ms account, for sure ain't got that malware :O)
It's ok in 15 scanners (see attach in 1st post) + malwarebytes, proof enough.

Am guessing latest defender simply spots lots of entries (5.2k) vs stock hosts (0.8k) and flags it, assuming no pc owner would ever do such a thing (probably true for 99.7644% of users :O)

 

:O) This must be it:
"This is just typical Microsoft garbage - "Win32/HostsFileHijack" means Windows Defender detected some entries in your hosts file. You did that intentionally. But Microsoft is calling it a "threat" because they don't want you blocking their telemetry."

https://www.reddit.com/r/techsupport/comments/hvxu40/windows_defender_and/

 

Consumers that take control of the property they own are always a threat to the people that want to control and exploit them. Using Defender to scare them is just one of the scams in their deceitful bag of dirty tricks. They pull the same kind of dishonorable shenanigans with other files that are an impediment to their acts of fraud, deceit and theft. They want everyone to be deaf mute muppets, and the majority probably already are. The rest of us that are not compliant become the enemy. We are a threat because we are a defiant lot that refuse to drink their poisoned Kool-Aid.

 

Just a note, out of nowhere, great white father in redmond re-wiped hosts, even after it was set as allowed item (not modified since previous wipe).
Maybe excluded files is worthy of some respect (see attach.)

 

A little bit more of this discussion is found here - http://forum.notebookreview.com/thr...nd-announcements.826887/page-64#post-11038340