Hosts Hijack Warning

Page 1 of 4 123 ... LastLast

  1. phrab
    Posts : 946
    windows 10 professional 64-bit, 22H2
       New #1

    Hosts Hijack Warning


    I'm using Windows Defender & the free version of Malwarebytes. Today, the notification area said "Windows Security - Actions needed". So I went to Settings > Update & Security > Windows Security > Virus & threat protection & saw this:
    Hosts Hijack Warning-image.pngClicking on the down arrow, showed this: Hosts Hijack Warning-image.png
    So I opened the hosts file, using BlueLife Hosts Editor. I didn't see anything funny, but I'm not sure how I'd check. I haven't noticed any problems with Windows. Also, my hosts file is "read only".

    Note that the date of these "hijacks" were 4/9 & 4/10, & I didn't receive any notice until today 4/12. Also, I just checked again & now the alert level has been changed to Moderate. It also doesn't list any program that is infected.

    Is there a way to check whether there's a virus or a false positive?

    Thank you in advance.
      My Computers
    Quote Quote

  3. Samuria
    Posts : 8,102
    windows 10
       New #2

    Can you post the host file so we can check it
      My Computer
    Quote Quote

  4. bro67
    Posts : 9,788
    Mac OS Catalina
       New #3

    Possible false positive since you are using a host file editor.
      My Computer
    Quote Quote

  6. phrab
    Posts : 946
    windows 10 professional 64-bit, 22H2
    Thread Starter
       New #4

    Samuria said:
    Can you post the host file so we can check it
    Sure. Thank you for your quick reply. Whoops. I'm having some trouble uploading the file. When I click the attachments icon, put in the filepath & choose upload, it says invalid file. I'm wondering if there's some other way to upload it.
    hosts.txt
    I saved it as a text file...hope it's attached.


    bro67 said:
    Possible false positive since you are using a host file editor.
    Thank you for your quick reply.
      My Computers
    Quote Quote

  7. TairikuOkami
    Posts : 5,452
    Windows 11 Home
       New #5

    phrab said:
    Note that the date of these "hijacks" were 4/9 & 4/10, & I didn't receive any notice until today 4/12.
    Defender noticed, that you have changed HOSTS and probably today something was blocked, that triggered the alert. Like you have blocked fake antispyware, but Defender does not know that, malware tends to block legitimate ones via HOSTS as well.
      My Computer
    Quote Quote

  8. phrab
    Posts : 946
    windows 10 professional 64-bit, 22H2
    Thread Starter
       New #6

    TairikuOkami said:
    Defender noticed, that you have changed HOSTS and probably today something was blocked, that triggered the alert. Like you have blocked fake antispyware, but Defender does not know that, malware tends to block legitimate ones via HOSTS as well.
    Thank you for your reply. I checked & my hosts file hasn't changed.
    Hosts Hijack Warning-image.png
    I have the same one that I had since at least 3/27/21. Do you mean I tried to go to a website today that was blocked by my hosts file? I checked my history & don't see any site that's unusual.
      My Computers
    Quote Quote

  9. Samuria
    Posts : 8,102
    windows 10
       New #7

    A host file that size can slow the network to a crawl and the idea is outdated as ip change all the time by using open dns or cloudfire they block bad sites live and update all the time. Its a more modern solution
      My Computer
    Quote Quote

  10. TairikuOkami
    Posts : 5,452
    Windows 11 Home
       New #8

    phrab said:
    I checked my history & don't see any site that's unusual.
    When you open a website, it also opens dozens of other websites, mostly related to ads/trackers.
    Attached Thumbnails Attached Thumbnails Hosts Hijack Warning-capture_04132021_001854.jpg  
      My Computer
    Quote Quote

  12. phrab
    Posts : 946
    windows 10 professional 64-bit, 22H2
    Thread Starter
       New #9

    Samuria said:
    A host file that size can slow the network to a crawl and the idea is outdated as ip change all the time by using open dns or cloudfire they block bad sites live and update all the time. Its a more modern solution
    Does that mean I should delete (or rename) my hosts file?
    And do you recommend a particular open DNS or Cloudflare (I assume Cloudfire is a typo).

    - - - Updated - - -

    Samuria said:
    A host file that size can slow the network to a crawl and the idea is outdated as ip change all the time by using open dns or cloudfire they block bad sites live and update all the time. Its a more modern solution
    <br>
    Does that mean I should delete (or rename) my hosts file?<br>And do you recommend a particular open DNS or Cloudflare (I assume Cloudfire is a typo).<br>
      My Computers
    Quote Quote

  13. Ghot
    Posts : 23,195
    Win 10 Home ♦♦♦19045.4291 (x64) [22H2]
       New #10

    phrab said:
    Does that mean I should delete (or rename) my hosts file?
    And do you recommend a particular open DNS or Cloudflare (I assume Cloudfire is a typo).

    - - - Updated - - -

    <br>
    Does that mean I should delete (or rename) my hosts file?<br>And do you recommend a particular open DNS or Cloudflare (I assume Cloudfire is a typo).<br>


    What "probably" happened, is that your HOSTS file blocked some ad "for" Microsoft Edge", or some other Microsoft product.

    VirusTotal <---- I scanned your HOSTS file at virustotal for you.


    Also... your HOSTS file is located in the "etc" folder, here... C:\Windows\System32\drivers\etc

    You don't need a tool to deal with the HOSTS file. If you want to use a pre-made HOSTS file, just open the etc folder, rename the current HOSTS file to hosts.old or similar, and just drag and drop the pre-made HOSTS file into the etc folder.
    Make sure to make it "read-only", after you do this.
      My Computer
    Quote Quote

 

  Related Discussions
w 10 notepad hijack
in Software and Apps

Hi All, every time i try to download a pdf or any other info file, it comes out in notepad, which just shows a page of code. its my fault for selecting notepad at some stage, but now i cannot change it back to Adobe or just get my system to...
Vanilla hosts file ( hosts file not working )
in AntiVirus, Firewalls and System Security

Hi I keep getting this symptom from time to time , it fixes with windows updates but then occasionally come back . I have a list of advertising and malware websites that I filter through hosts file that are often used by a chat client as per the...
Got hit with a drive by browser hijack which has set my Edge start page to Yahoo Search - Web Search It also disabled the Home button and changed my default search from Google to Yahoo. I tried the Edge reset powershell script. That failed....
Yet another windows 10 issue ASK Hijack?
in AntiVirus, Firewalls and System Security

Hi, please help me. I have re loaded google to be my home page, and settings state it is. However every time I open a new tab in firefox and try a search it continues to use ask.com, which I really do not like. I don't know why it stopped working....
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 01:23.
Find Us




Windows 10 Forums