Starting at the end of July, Microsoft has begun detecting HOSTS files that block Windows 10 telemetry servers as a 'Severe' security risk.
The HOSTS file is a text file located at C:\Windows\system32\driver\etc\HOSTS and can only be edited by a program with Administrator privileges.
This file is used to resolve hostnames to IP addresses without using the Domain Name System (DNS).
This file is commonly used to block a computer from accessing a remote site by assigning host to the 127.0.0.1 or 0.0.0.0 IP address.
For example, if you add the following line to the Windows HOSTS file, it will block users from accessing www.google.com as your browsers will think you are trying to connect to 127.0.0.1, which is the local computer.
127.0.0.1 www.google.com
Microsoft now detects HOSTS files that block Windows telemetry
Since the end of July, Windows 10 users began reporting that Windows Defender had started detecting modified HOSTS files as a 'SettingsModifier:Win32/HostsFileHijack' threat.
When detected, if a user clicks on the 'See details' option, they will simply be shown that they are affected by a 'Settings Modifier' threat and has 'potentially unwanted behavior,' as shown below.
BleepingComputer first learned about this issue from BornCity, and while Microsoft Defender detecting HOSTS hijacks is not new, it was strange to see so many people suddenly reporting the detection [1, 2, 3, 4, 5].
While a widespread infection hitting many consumers simultaneously in the past is not unheard of, it is quite unusual with the security built into Windows 10 today.
This led me to believe it was a false positive or some other non-malicious issue.
After playing with generic HOSTS file modifications such as blocking BleepingComputer and other sites, I tried adding a blocklist for Microsoft's telemetry to my HOSTS file.
This list adds many Microsoft servers used by the Windows operating system and Microsoft software to send telemetry and user data back to Microsoft.
As soon as I saved the HOSTS file, I received the following alert stating that I could not save the file as it "contains a virus or potentially unwanted software." I also received alerts that my computer was infected with 'SettingsModifier:Win32/HostsFileHijack.''
So it seems that Microsoft had recently updated their Microsoft Defender definitions to detect when their servers were added to the HOSTS file.
Users who utilize HOSTS files to block Windows 10 telemetry suddenly caused them to see the HOSTS file hijack detection.
In our tests, some of the Microsoft hosts detected in the Windows 10 HOSTS file include the following:
www.microsoft.com
microsoft.com
telemetry.microsoft.com
wns.notify.windows.com.akadns.net
v10-win.vortex.data.microsoft.com.akadns.net
us.vortex-win.data.microsoft.com
us-v10.events.data.microsoft.com
urs.microsoft.com.nsatc.net
watson.telemetry.microsoft.com
watson.ppe.telemetry.microsoft.com
vsgallery.com
watson.live.com
watson.microsoft.com
telemetry.remoteapp.windowsazure.com
telemetry.urs.microsoft.com
If you decide to clean this threat, Microsoft will restore the HOSTS file back to its default contents.
Users who intentionally modify their HOSTS file can allow this 'threat,' but it may enable all HOSTS modifications, even malicious ones, going forward.
So only allow the threat if you 100% understand the risks involved in doing so.
BleepingComputer has reached out to Microsoft with questions regarding this new detection.
Comments
doncoyote - 3 years ago
O&O ShutUp10 FTW.
JohnC_21 - 3 years ago
"O&O ShutUp10 FTW."
This is what I use. Welcome to Windows as a service.
KimBaker - 3 years ago
Welcome to possible Windows 10 breakage.
JohnC_21 - 3 years ago
I've used Shut Up for months without an issue. If there is breakage, I've got a disk image backup. :-)
d-reaper - 3 years ago
Doing all that stuff just doesn't seem worth it to make 10 work the way I want it to. This is why I went to Linux.
nintendo1889 - 4 months ago
@dreaper "Doing all that stuff just doesn't seem worth it to make 10 work the way I want it to. This is why I went to Linux."
I love linux and unix in general. And with Wayland getting better all the time, the Linux GUI is getting very responsive and in many ways is better than the bloatware and spyware known as Windows 10.
What you have said about windows updates is very true. Microsoft's shoddy updates keep me in business. I've been repairing computers for years, and on my own personal machines, I install all updates, then I shut all updates off.
I am probably biased because I am a computer expert, but I have very few issues. The only issues I really ever have are related to "this application requires at least xx build of windows or newer", at which point I no longer use that application.
nintendo1889 - 4 months ago
"@dreaper "Doing all that stuff just doesn't seem worth it to make 10 work the way I want it to. This is why I went to Linux."
I love linux and unix in general. And with Wayland getting better all the time, the Linux GUI is getting very responsive and in many ways is better than the bloatware and spyware known as Windows 10.
What you have said about windows updates is very true. Microsoft's shoddy updates keep me in business. I've been repairing computers for years, and on my own personal machines, I install all updates, then I shut all updates off.
I am probably biased because I am a computer expert, but I have very few issues. The only issues I really ever have are related to "this application requires at least xx build of windows or newer", at which point I no longer use that application."
Here is a rather complete list:
https://pastebin.com/LG0R7hda
nintendo1889 - 4 months ago
""@dreaper "Doing all that stuff just doesn't seem worth it to make 10 work the way I want it to. This is why I went to Linux."
I love linux and unix in general. And with Wayland getting better all the time, the Linux GUI is getting very responsive and in many ways is better than the bloatware and spyware known as Windows 10.
What you have said about windows updates is very true. Microsoft's shoddy updates keep me in business. I've been repairing computers for years, and on my own personal machines, I install all updates, then I shut all updates off.
I am probably biased because I am a computer expert, but I have very few issues. The only issues I really ever have are related to "this application requires at least xx build of windows or newer", at which point I no longer use that application."
Here is a rather complete list:https://pastebin.com/LG0R7hda"
Windows hosts file to block updates
f# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
########################
# Block windows update
########################
# allowed sites :
#0.0.0.0 www.microsoft.com
#0.0.0.0 microsoft.com
0.0.0.0 *.microsoft.com
0.0.0.0 *.download.windowsupdate.com
0.0.0.0 *.update.microsoft.com
0.0.0.0 *.windowsupdate.com
0.0.0.0 *.windowsupdate.microsoft.com
0.0.0.0 download.microsoft.com
0.0.0.0 download.windowsupdate.com
0.0.0.0 ntservicepack.microsoft.com
0.0.0.0 test.stats.update.microsoft.com
0.0.0.0 windowsupdate.microsoft.com
0.0.0.0 wustat.windows.com
0.0.0.0 telemetry.microsoft.com
0.0.0.0 wns.notify.windows.com.akadns.net
0.0.0.0 v10-win.vortex.data.microsoft.com.akadns.net
0.0.0.0 us.vortex-win.data.microsoft.com
0.0.0.0 us-v10.events.data.microsoft.com
0.0.0.0 urs.microsoft.com.nsatc.net
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 vsgallery.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 telemetry.remoteapp.windowsazure.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 windowsupdate.microsoft.com
0.0.0.0 *.windowsupdate.microsoft.com
0.0.0.0 *.windowsupdate.microsoft.com
0.0.0.0 *.update.microsoft.com
0.0.0.0 *.windowsupdate.com
0.0.0.0 download.windowsupdate.com
0.0.0.0 download.microsoft.com
0.0.0.0 *.download.windowsupdate.com
0.0.0.0 wustat.windows.com
0.0.0.0 ntservicepack.microsoft.com
0.0.0.0 stats.microsoft.com
###########################################################
# https://www.encrypt-the-planet.com/downloads/hosts
###########################################################
####################################################################################################
# WINDOWS 10 SPYBLOCK HOSTS FILE + NVIDIA TELEMETRY #
# https://encrypt-the-planet.com/windows-10-anti-spy-host-file/ #
# Last Updated 06/SEPT/2020 #
# NEW: ALLOWING SKYPE. IF YOU WANT TO BLOCK SKYPE YOU MUST MANUALLY REMOVE THE COMMENT "#" #
# NEW: "WILDCARDS ARE NOT SUPPORTED IN HOSTS FILE, NEED TO BE BLOCKED BY FIREWALL RULE", SEE NOTE #
# NEW: Added more MS Hosts, defined specific services. #
# #
# WARNING: WILL BREAK CERTAIN WINDOWS SERVICES - Report problems in website comment section: #
# COMMENTS: https://encrypt-the-planet.com/windows-10-anti-spy-host-file/ #
# #
# Hosts file location: C:\Windows\System32\Drivers\etc #
# #
# Windows Anti Spy Hosts by www.encrypt-the-planet.com is licensed under a Creative Commons #
# Attribution - Share Alike 4.0 International License. #
# #
# Remove Telemetry on your PC: #
# https://encrypt-the-planet.com/completely-disable-windows-10-telemetry/ #
# #
# Info on what some of these hosts do: #
# https://docs.microsoft.com/en-us/windows/privacy/windows-endpoints-1803-non-enterprise-editions #
# #
# REPORT PROBLEMS OR CHANGES NEEDED - THANKS! https://encrypt-the-planet.com/contact-us/ #
# #
# DONATE BTC HERE: 1MRmrMX2t9eWVm8TzWpEP9cpwLYzgHvwrh #
####################################################################################################
#
###############################################################
# DEFINES YOUR LOCAL HOST ENVIRONMENT, HELPS ASSURE NO ESCAPE #
###############################################################
127.0.0.1 localhost
127.0.0.1 localhost.localdomain
127.0.0.1 local
255.255.255.255 broadcasthost
::1 localhost
::1 ip6-localhost
::1 ip6-loopback
fe80::1%lo0 localhost
ff00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
0.0.0.0 0.0.0.0
#
########################
# START ALLOWING HOSTS #
########################
#
# START - ALLOWING WINDOWS UPDATES
#0.0.0.0 fe3.delivery.mp.microsoft.com
#0.0.0.0 fe3.delivery.dsp.mp.microsoft.com.nsatc.net
#0.0.0.0 sls.update.microsoft.com
#0.0.0.0 sls.update.microsoft.com.nsatc.net
#0.0.0.0 sls.update.microsoft.com.akadns.net
#0.0.0.0 fe2.update.microsoft.com.nsatc.net
#0.0.0.0 fe2.update.microsoft.com
#0.0.0.0 static.78-46-223-24.clients.your-server.de
#0.0.0.0 fg.download.windowsupdate.com.c.footprint.net
#0.0.0.0 emdl.ws.microsoft.com ### Also used to update store apps.
#0.0.0.0 cds.d2s7q6s2.hwcdn.net ### Verizon Content Delivery Network uses these to perform Windows updates.###
#0.0.0.0 *wac.phicdn.net ### Verizon Content Delivery Network uses these to perform Windows updates.###
#0.0.0.0 *wac.edgecastcdn.net ### Verizon Content Delivery Network uses these to perform Windows updates.###
#0.0.0.0 *.windowsupdate.com ### *.WILDCARDS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
#0.0.0.0 *.prod.do.dsp.mp.microsoft.com ### *.WILDCARDS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
#0.0.0.0 *.dl.delivery.mp.microsoft.com ### *.WILDCARDS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
#0.0.0.0 www.bing.com/threshold/xls.aspx ### Root Certificates Update to check the list of trusted authorities on Windows Update to see if an update is available. ###
# END - ALLOWING WINDOWS UPDATES
#
# START - ALLOWING MICROSOFT MALWARE PROTECTION
#0.0.0.0 e13678.dspb.akamaiedge.net
#0.0.0.0 e3673.g.akamaiedge.net
#0.0.0.0 e1863.dspb.akamaiedge.net
#0.0.0.0 a23-203-177-241.deploy.static.akamaitechnologies.com
#0.0.0.0 e11290.dspg.akamaiedge.net
#0.0.0.0 wdcp.microsoft.com
#0.0.0.0 definitionupdates.microsoft.com
# END - ALLOWING MICROSOFT MALWARE PROTOECTION
#
# START - Windows uses this website to download certificates that are publicly known to be fraudulent.
#0.0.0.0 ctldl.windowsupdate.com
# END - Windows uses this website to download certificates that are publicly known to be fraudulent.
#
# START - ALLOWING SKYPE
#0.0.0.0 cs10.wpc.v0cdn.net
#0.0.0.0 nus1-authgw.cloudapp.net
#0.0.0.0 eus1-authgw.cloudapp.net
#0.0.0.0 wus-wsapi.cloudapp.net
#0.0.0.0 c-aps-usea2-01-skype.cloudapp.net
#0.0.0.0 optionsservice-prod-southeastasia-a.cloudapp.net
#0.0.0.0 ip.wusmw1-client-s.msnmessenger.msn.com.akadns.net
#0.0.0.0 root.skype-edf.akadns.net
#0.0.0.0 sconsentit903.cloudapp.net
#0.0.0.0 people-prod-b-usce.cloudapp.net
#0.0.0.0 cus-prod-msgsearch.cloudapp.net
#0.0.0.0 vs.login.msa.akadns6.net
#0.0.0.0 nus1-api-skype.cloudapp.net
#0.0.0.0 avatar-service-prod-b-eus2.cloudapp.net
#0.0.0.0 production.skype-registar.akadns.net
#0.0.0.0 skype-calling-missedcallsregistrar-prod-we.cloudapp.net
#0.0.0.0 c-cc-usea2-01-skype.cloudapp.net
#0.0.0.0 4-c-0003.c-msedge.net
#0.0.0.0 root.skype.edf.akadns.net
#0.0.0.0 etag-production-roundrobin.skype-registar.akadns.net
#0.0.0.0 bn2.skype.msnmessenger.msn.com.akadns.net
#0.0.0.0 apps.skype.com
#0.0.0.0 pricelist.skype.com
#0.0.0.0 ui.skype.com
#0.0.0.0 dns6.skype-dns.akadns.net
#0.0.0.0 s-0001.s-msedge.net# ALSO USED IN MS OFFICE
#0.0.0.0 177-185-42-72.gci.net
#0.0.0.0 pipe.cloudapp.aria.akadns.net
#0.0.0.0 p1415007-ipngn15001marunouchi.tokyo.ocn.ne.jp
#0.0.0.0 c220-239-44-24.eburwd6.vic.optusnet.com.au
#0.0.0.0 e1855.b.akamaiedge.net
#0.0.0.0 p9693bcaa.fkoknt01.ap.so-net.ne.jp
#0.0.0.0 softbank126066067187.bbtec.net
#0.0.0.0 ipv4.login.msa.akadns6.net
#0.0.0.0 cpe-76-85-171-249.neb.res.rr.com
#0.0.0.0 e13551.dscg.akamaiedge.net
#0.0.0.0 ocsp.globalsign.cloud
#0.0.0.0 livegeteastus.cloudapp.net
#0.0.0.0 p3b923892.tokynt01.ap.so-net.ne.jp
#0.0.0.0 5-105-110-26.mytrinity.com.ua
#0.0.0.0 128-70-85-141.broadband.corbina.ru
#0.0.0.0 gprs-clients-85.26.155.145.misp.ru
#0.0.0.0 b-internet.176.49.84.166.nsk.rt.ru
#0.0.0.0 dsn10.skype-dsn.akadns.net
#0.0.0.0 81.198.16.62.customer.cdi.no
#0.0.0.0 ui.skype.akadns.net
#0.0.0.0 n175-36-11-221.mrk2.qld.optusnet.com.au
#0.0.0.0 microsoft.windowscommunicationsapps.exe
# END - ALLOWING SKYPE
#
########################
# START BLCOKING HOSTS #
########################
#
# START - Blocking Microsoft forward redirection service uses website to redirect permanent web links to the actual, sometimes transitory, URL. Could be used to redirect telemetry ###
0.0.0.0 go.microsoft.com
# END - Blocking Microsoft forward redirection service uses website to redirect permanent web links to the actual, sometimes transitory, URL. Could be used to redirect telemetry ###
#
# START - BLOCKING NVIDIA TELEMETRY
0.0.0.0 gfswl.geforce.com
0.0.0.0 telemetry.nvidia.com
0.0.0.0 ssl.google-analytics.com
0.0.0.0 gfe.nvidia.com
0.0.0.0 telemetry-dce.gfe.nvidia.com
0.0.0.0 events-dc1.gfe.nvidia.com
# END - BLOCKING NVIDIA TELEMETRY
#
# START - BLOCKING MALWAREBYTES TELEMETRY
0.0.0.0 elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
0.0.0.0 telemetry.malwarebytes.com
# END - BLOCKING MALWAREBYTES TELEMETRY
#
# START - BLOCKING MICROSOFT OFFICE
0.0.0.0 e584.g.akamaiedge.net
0.0.0.0 e9398.g.akamaiedge.net
0.0.0.0 us.configsvc1.live.com.akadns.net
0.0.0.0 e1723.g.akamaiedge.net
0.0.0.0 e-0009.e-msedge.net ### ALSO USED IN MS LIST
0.0.0.0 s-0001.s-msedge.net ### ALSO USED IN SKYPE
0.0.0.0 prod-w.nexus.live.com.akadns.net
0.0.0.0 vip5.afdorigin-prod-sg02.afdogw.com
0.0.0.0 vip5.afdorigin-prod-ln02.afdogw.com
0.0.0.0 vip5.afdorigin-prod-am02.afdogw.com
0.0.0.0 vip5.afdorogin-prod-hk02.afdogw.com
0.0.0.0 vip5.afdorigin-prod-ch02.afdogw.com
0.0.0.0 prod.nexusrules.live.com.akadns.net
# Need to block IP by firewall:52.109.12.20
# END - BLOCKING MICROSOFT OFFICE
#
# START - Connect to the Office 365 portal’s shared infrastructure, including Office Online.
0.0.0.0 ocos-office365-s2s.msedge.net
0.0.0.0 *.c-msedge.net ### WILDCARD DOES NOT WORK IN HOSTS FILE, USE FIREWALL ####
0.0.0.0 c-0001.c-msedge.net
0.0.0.0 *.e-msedge.net ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
0.0.0.0 *.s-msedge.net ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
0.0.0.0 *.a-msedge.net ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
# END - Connect to the Office 365 portal’s shared infrastructure, including Office Online.
#
# START - Endpoint is OfficeHub traffic used to get the metadata of Office apps.
0.0.0.0 outlook.office365.com
# END - Endpoint is OfficeHub traffic used to get the metadata of Office apps.
#
# START - BLOCKING MS PHOTO GALLERY
0.0.0.0 gateway.skyprod.akadns.net
# END - BLOCKING MS PHOTO GALLERY
#
# START - Weather App Live Tile
0.0.0.0 tile-service.weather.microsoft.com
0.0.0.0 blob.weather.microsoft.com
# END - Weather App Live Tile
#
# START - One Note Live Tile
0.0.0.0 cdn.onenote.net/livetile/?Language=en-US
# END - One Note Live Tile
#
# START - Facebook
star-mini.c10r.facebook.com
# END - Facebook
#
# START - Twitter
0.0.0.0 star-mini.c10r.facebook.com
0.0.0.0 oem.twimg.com/windows/tile.xml
# END - Twitter
#
# START - Windows Apps Photos
0.0.0.0 evoke-windowsservices-tas.msedge.net
# END - Windows Apps Photos
#
# START - Candy Crush Game
0.0.0.0 candycrushsoda.king.com
# END - Candy Crush Game
#
# START - AppHostRegistrationVerifier.exe & Groove Music
0.0.0.0 wallet.microsoft.com
# END - AppHostRegistrationVerifier.exe & Groove Music
#
# START - AppHostRegistrationVerifier.exe
0.0.0.0 mediaredirect.microsoft.com
# END - AppHostRegistrationVerifier.exe
#
# START - Store Images - Endpoint is used to get images that are used for Microsoft Store suggestions - update Cortana greetings, tips, and Live Tiles
0.0.0.0 store-images.s-microsoft.com
# END - Store Images - Endpoint is used to get images that are used for Microsoft Store suggestions - update Cortana greetings, tips, and Live Tiles
#
# START - Configure parameters, such as how often the Live Tile is updated, and for enabling experimental features.
0.0.0.0 www.bing.com/client
# END - Configure parameters, such as how often the Live Tile is updated, and for enabling experimental features.
#
# START - Cortana uses this website to report diagnostic data information
0.0.0.0 www.bing.com/proactive
# END - Cortana uses this website to report diagnostic data information
#
# START - Endpoint used to authenticate a device.
0.0.0.0 login.live.com/ppsecure
# END - Endpoint used to authenticate a device.
#
#START - Windows Error Reporting.
0.0.0.0 win.data.microsoft.com/collect/v1
# END - Windows Error Reporting.
#
# START - Download fonts on demand
0.0.0.0 fs.microsoft.com
0.0.0.0 fs.microsoft.com/fs/windows/config.json
# END - Download fonts on demand
#
# START - Online activation and some app licensing
0.0.0.0 licensing.mp.microsoft.com/v7.0/licenses/content
# END - Online activation and some app licensing
#
# START - Location Data
0.0.0.0 location-inference-westus.cloudapp.net
# END - Location Data
#
# START - Microsoft accounts sign-in
0.0.0.0 login.msa.akadns6.net
0.0.0.0 ipv4.login.msa.akadns6.net
0.0.0.0 auth.gfx.ms
# END - Microsoft accounts sign-in
#
# START - Download image files that are called when applications run (Microsoft Store or Inbox MSN Apps) & Store.
0.0.0.0 storecatalogrevocation.storequality.microsoft.com
0.0.0.0 store-images.microsoft.com
0.0.0.0 storeedgefd.dsx.mp.microsoft.com
0.0.0.0 pti.store.microsoft.com
0.0.0.0 displaycatalog.mp.microsoft.com
0.0.0.0 cy2.*.md.mp.microsoft.com.*. ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
0.0.0.0 *.tlu.dl.delivery.mp.microsoft.com.c.footprint.net ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
# END - Download image files that are called when applications run (Microsoft Store or Inbox MSN Apps) & Store.
#
# START - Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status.
0.0.0.0 www.msftconnecttest.com/connecttest.txt
# END - Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status.
#
# START - OneDrive for Business to download and verify app updates.
0.0.0.0 oneclient.sfx.ms
# END - OneDrive for Business to download and verify app updates.
#
# START - Endpoint is used as a way for apps to dynamically update their configuration.
0.0.0.0 cy2.settings.data.microsoft.com.akadns.net
# END - Endpoint is used as a way for apps to dynamically update their configuration.
#
# START - Endpoints make it possible for Windows Spotlight metadata for image locations, suggested apps, Microsoft account notifications, and Windows tips.
0.0.0.0 arc.msn.com
0.0.0.0 arc.msn.com-nsatc.net
0.0.0.0 g.msn.com.nsatc.net
0.0.0.0 ris.api.iris.microsoft.com
0.0.0.0 ris.api.iris.microsoft.com.akadns.net
0.0.0.0 query.prod.cms.rt.microsoft.com
0.0.0.0 *.search.msn.com ### WILDCARD DOES NOT WORK IN HOSTS FILE, USE FIREWALL ####
# END - Endpoints make it possible for Windows Spotlight metadata for image locations, suggested apps, Microsoft account notifications, and Windows tips.
#
# START - Used to download content
0.0.0.0 a122.dscd.akamai.net
0.0.0.0 a1621.g.akamai.net
# END - Used to download content
#
# START - BLOCKING MICROSOFT(MS)
0.0.0.0 standard.t-0001.t-msedge.net:443 ### Used by: apphostregistrationverifier.exe ###
0.0.0.0 118-163-160-187-HINET-IP.hinet.net
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 a-msedge.net
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 ads.avocet.io
0.0.0.0 ads.mopub.com
0.0.0.0 ads.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 api.mixpanel.com
0.0.0.0 api.redshell.io
0.0.0.0 app.adjust.com
0.0.0.0 app.adjust.io
0.0.0.0 apps.skype.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com
0.0.0.0 c.msn.com
0.0.0.0 ca.telemetry.microsoft.com
0.0.0.0 cache.datamart.windows.com
0.0.0.0 cdn.atdmt.com
0.0.0.0 cds26.ams9.msecn.net
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 db3aqu.atdmt.com
0.0.0.0 decide.mixpanel.com
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 e.crashlytics.com
0.0.0.0 ec.atdmt.com
0.0.0.0 fe2.update.microsoft.com.akadns.net
0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 feedback.search.microsoft.com
0.0.0.0 feedback.windows.com
0.0.0.0 flex.msn.com
0.0.0.0 g.msn.com
0.0.0.0 gate.hockeyapp.net
0.0.0.0 h1.msn.com
0.0.0.0 i1.services.social.microsoft.com
0.0.0.0 i1.services.social.microsoft.com.nsatc.net
0.0.0.0 in.treasuredata.com
0.0.0.0 lb1.www.ms.akadns.net
0.0.0.0 live.rads.msn.com
0.0.0.0 m.adnxs.com
0.0.0.0 m.hotmail.com
0.0.0.0 msedge.net
0.0.0.0 msftncsi.com
0.0.0.0 msnbot-65-55-108-23.search.msn.com
0.0.0.0 msntest.serving-sys.com
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 pre.footprintpredict.com
0.0.0.0 preview.msn.com
0.0.0.0 pricelist.skype.com
0.0.0.0 rad.live.com
0.0.0.0 rad.msn.com
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 redshell.io
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 s0.2mdn.net
0.0.0.0 s.gateway.messenger.live.com
0.0.0.0 schemas.microsoft.akadns.net
0.0.0.0 secure.adnxs.com
0.0.0.0 secure.flashtalking.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 settings.crashlytics.com
0.0.0.0 spynet2.microsoft.com
0.0.0.0 spynetalt.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 ssl.google-analytics.com
0.0.0.0 static.2mdn.net
0.0.0.0 statsfe1.ws.microsoft.com
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 t.appsflyer.com
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 treasuredata.com
0.0.0.0 view.atdmt.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 www.msftncsi.com
0.0.0.0 a0001.a-msedge.net
0.0.0.0 a23-43-234-79.deploy.static.akamaitechnologies.com
0.0.0.0 a458.g.akamai.net
0.0.0.0 a767.dscd.akamai.net
0.0.0.0 a767.dspw65.akamai.net
0.0.0.0 a978.i6g1.akamai.net
0.0.0.0 a1051.d.akamai.net
0.0.0.0 a1213.g.akamai.net
0.0.0.0 a1639.g1.akamai.net
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 a-0010.a-msedge.net
0.0.0.0 a-0011.a-msedge.net
0.0.0.0 a-0012.a-msedge.net
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 ac3.msn.com
0.0.0.0 activity.windows.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 ads.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 aka.ms
0.0.0.0 alpha.telemetry.microsoft.com
0.0.0.0 americas1.notify.windows.com.akadns.net
0.0.0.0 americas2.notify.windows.com.akadns.net
0.0.0.0 amp-reddit-com.cdn.ampproject.org
0.0.0.0 any.edge.bing.com
0.0.0.0 apac1.notify.windows.com.akadns.net
0.0.0.0 api.cortana.ai
0.0.0.0 api.redshell.io
0.0.0.0 array615-prod-do.dsp.mp.microsoft.com
0.0.0.0 asimov-win.settings.data.microsoft.com.akadns.net
0.0.0.0 asimov.settings.data.microsoft.com.akadns.net
0.0.0.0 atlas.c10r.facebook.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bing.com
0.0.0.0 bingads.microsoft.com
0.0.0.0 bl3301-a.1drv.com
0.0.0.0 bl3301-c.1drv.com
0.0.0.0 bl3301-g.1drv.com
0.0.0.0 bl3302.storage.live.com
0.0.0.0 bl3302geo.storage.dkyprod.akadns.net
0.0.0.0 blob.bl2prdstr03a.store.core.windows.net
0.0.0.0 bn1wns2011508.wns.windows.com
0.0.0.0 bn2.displaycatalog.md.mp.microsoft.com.akadns.net
0.0.0.0 bn2b-cor001.api.p001.1drv.com
0.0.0.0 bn2b-cor002.api.p001.1drv.com
0.0.0.0 bn2b-cor003.api.p001.1drv.com
0.0.0.0 bn2b-cor004.api.p001.1drv.com
0.0.0.0 bn2licensing.md.mp.microsoft.com.akadns.net
0.0.0.0 bn2wns1.wns.windows.com
0.0.0.0 bn2wns1b.wns.windows.com
0.0.0.0 bn3p-cor001.api.p001.1drv.com
0.0.0.0 bn3sch020010536.wns.windows.com
0.0.0.0 bn3sch020010558.wns.windows.com
0.0.0.0 bn3sch020010560.wns.windows.com
0.0.0.0 bn3sch020010618.wns.windows.com
0.0.0.0 bn3sch020010626.wns.windows.com
0.0.0.0 bn3sch020010629.wns.windows.com
0.0.0.0 bn3sch020010631.wns.windows.com
0.0.0.0 bn3sch020010635.wns.windows.com
0.0.0.0 bn3sch020010636.wns.windows.com
0.0.0.0 bn3sch020010650.wns.windows.com
0.0.0.0 bn3sch020011727.wns.windows.com
0.0.0.0 BN3SCH020011855.wns.windows.com
0.0.0.0 bn3sch020012850.wns.windows.com
0.0.0.0 bn3sch020020322.wns.windows.com
0.0.0.0 bn3sch020020749.wns.windows.com
0.0.0.0 bn3sch020022328.wns.windows.com
0.0.0.0 BN3SCH020022331.wns.windows.com
0.0.0.0 bn3sch020022335.wns.windows.com
0.0.0.0 bn3sch020022361.wns.windows.com
0.0.0.0 bn4sch101120814.wns.windows.com
0.0.0.0 bn4sch101120818.wns.windows.com
0.0.0.0 bn4sch101120911.wns.windows.com
0.0.0.0 bn4sch101120913.wns.windows.com
0.0.0.0 BN4SCH101121017.wns.windows.com
0.0.0.0 bn4sch101121019.wns.windows.com
0.0.0.0 BN4SCH101121022.wns.windows.com
0.0.0.0 bn4sch101121109.wns.windows.com
0.0.0.0 bn4sch101121118.wns.windows.com
0.0.0.0 bn4sch101121223.wns.windows.com
0.0.0.0 BN4SCH101121318.wns.windows.com
0.0.0.0 bn4sch101121407.wns.windows.com
0.0.0.0 bn4sch101121618.wns.windows.com
0.0.0.0 bn4sch101121704.wns.windows.com
0.0.0.0 bn4sch101121709.wns.windows.com
0.0.0.0 bn4sch101121714.wns.windows.com
0.0.0.0 bn4sch101121908.wns.windows.com
0.0.0.0 bn4sch101122117.wns.windows.com
0.0.0.0 bn4sch101122310.wns.windows.com
0.0.0.0 bn4sch101122312.wns.windows.com
0.0.0.0 bn4sch101122421.wns.windows.com
0.0.0.0 BN4SCH101123006.wns.windows.com
0.0.0.0 bn4sch101123108.wns.windows.com
0.0.0.0 bn4sch101123110.wns.windows.com
0.0.0.0 bn4sch101123202.wns.windows.com
0.0.0.0 bn4sch102110124.wns.windows.com
0.0.0.0 bn1304-e.1drv.com
0.0.0.0 bn1306-a.1drv.com
0.0.0.0 bn1306-e.1drv.com
0.0.0.0 bn1306-g.1drv.com
0.0.0.0 bnsch020022361.wns.windows.com
0.0.0.0 browser.events.data.microsoft.com
0.0.0.0 browser.pipe.aria.microsoft.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 by3301-a.1drv.com
0.0.0.0 by3301-c.1drv.com
0.0.0.0 by3301-e.1drv.com
0.0.0.0 c-0001.dc-msedge.net
0.0.0.0 c.atdmt.com
0.0.0.0 c.go.mpulse.net.cdn.cloudflare.net
0.0.0.0 c.msn.com
0.0.0.0 c.msn.com.nsatc.net
0.0.0.0 ca.telemetry.microsoft.com
0.0.0.0 cache.datamart.windows.com
0.0.0.0 cdn.atdmt.com
0.0.0.0 cdn.globalsign.com
0.0.0.0 cds10.stn.llnw.net
0.0.0.0 cds26.ams9.msecn.net
0.0.0.0 cds38.ory.llnw.net
0.0.0.0 cds54.ory.llnw.net
0.0.0.0 cds177.dus.llnw.net
0.0.0.0 cds299.lcy.llnw.net
0.0.0.0 cds308.lcy.llnw.net
0.0.0.0 cds310.lcy.llnw.net
0.0.0.0 cds405.lcy.llnw.net
0.0.0.0 cds406.lcy.llnw.net
0.0.0.0 cds407.fra.llnw.net
0.0.0.0 cds416.lcy.llnw.net
0.0.0.0 cds421.lcy.llnw.net
0.0.0.0 cds422.lcy.llnw.net
0.0.0.0 cds425.lcy.llnw.net
0.0.0.0 cds426.lcy.llnw.net
0.0.0.0 cds447.lcy.llnw.net
0.0.0.0 cds458.lcy.llnw.net
0.0.0.0 cds459.lcy.llnw.net
0.0.0.0 cds461.lcy.llnw.net
0.0.0.0 cds468.lcy.llnw.net
0.0.0.0 cds469.lcy.llnw.net
0.0.0.0 cds471.lcy.llnw.net
0.0.0.0 cds483.lcy.llnw.net
0.0.0.0 cds484.lcy.llnw.net
0.0.0.0 cds489.lcy.llnw.net
0.0.0.0 cds493.lcy.llnw.net
0.0.0.0 cds494.lcy.llnw.net
0.0.0.0 cds812.lon.llnw.net
0.0.0.0 cds815.lon.llnw.net
0.0.0.0 cds818.lon.llnw.net
0.0.0.0 cds832.lon.llnw.net
0.0.0.0 cds836.lon.llnw.net
0.0.0.0 cds840.lon.llnw.net
0.0.0.0 cds843.lon.llnw.net
0.0.0.0 cds857.lon.llnw.net
0.0.0.0 cds868.lon.llnw.net
0.0.0.0 cds869.lon.llnw.net
0.0.0.0 cds1203.lon.llnw.net
0.0.0.0 cds1204.lon.llnw.net
0.0.0.0 cds1209.lon.llnw.net
0.0.0.0 cds1219.lon.llnw.net
0.0.0.0 cds1228.lon.llnw.net
0.0.0.0 cds1244.lon.llnw.net
0.0.0.0 cds1257.lon.llnw.net
0.0.0.0 cds1265.lon.llnw.net
0.0.0.0 cds1269.lon.llnw.net
0.0.0.0 cds1273.lon.llnw.net
0.0.0.0 cds1285.lon.llnw.net
0.0.0.0 cds1287.lon.llnw.net
0.0.0.0 cds1289.lon.llnw.net
0.0.0.0 cds1293.lon.llnw.net
0.0.0.0 cds1307.lon.llnw.net
0.0.0.0 cds1310.lon.llnw.net
0.0.0.0 cds1325.lon.llnw.net
0.0.0.0 cds1327.lon.llnw.net
0.0.0.0 cds20005.stn.llnw.net
0.0.0.0 cds20404.lcy.llnw.net
0.0.0.0 cds20411.lcy.llnw.net
0.0.0.0 cds20415.lcy.llnw.net
0.0.0.0 cds20416.lcy.llnw.net
0.0.0.0 cds20417.lcy.llnw.net
0.0.0.0 cds20424.lcy.llnw.net
0.0.0.0 cds20425.lcy.llnw.net
0.0.0.0 cds20431.lcy.llnw.net
0.0.0.0 cds20435.lcy.llnw.net
0.0.0.0 cds20440.lcy.llnw.net
0.0.0.0 cds20443.lcy.llnw.net
0.0.0.0 cds20445.lcy.llnw.net
0.0.0.0 cds20450.lcy.llnw.net
0.0.0.0 cds20452.lcy.llnw.net
0.0.0.0 cds20457.lcy.llnw.net
0.0.0.0 cds20461.lcy.llnw.net
0.0.0.0 cds20469.lcy.llnw.net
0.0.0.0 cds20475.lcy.llnw.net
0.0.0.0 cds20482.lcy.llnw.net
0.0.0.0 cds20485.lcy.llnw.net
0.0.0.0 cds20495.lcy.llnw.net
0.0.0.0 cds21205.lon.llnw.net
0.0.0.0 cds21207.lon.llnw.net
0.0.0.0 cds21225.lon.llnw.net
0.0.0.0 cds21229.lon.llnw.net
0.0.0.0 cds21233.lon.llnw.net
0.0.0.0 cds21238.lon.llnw.net
0.0.0.0 cds21244.lon.llnw.net
0.0.0.0 cds21249.lon.llnw.net
0.0.0.0 cds21256.lon.llnw.net
0.0.0.0 cds21257.lon.llnw.net
0.0.0.0 cds21258.lon.llnw.net
0.0.0.0 cds21261.lon.llnw.net
0.0.0.0 cds21267.lon.llnw.net
0.0.0.0 cds21278.lon.llnw.net
0.0.0.0 cds21281.lon.llnw.net
0.0.0.0 cds21293.lon.llnw.net
0.0.0.0 cds21309.lon.llnw.net
0.0.0.0 cds21313.lon.llnw.net
0.0.0.0 cds21321.lon.llnw.net
0.0.0.0 cds30027.stn.llnw.net
0.0.0.0 ch1-cor001.api.p001.1drv.com
0.0.0.0 ch1-cor002.api.p001.1drv.com
0.0.0.0 ch3301-c.1drv.com
0.0.0.0 ch3301-e.1drv.com
0.0.0.0 ch3301-g.1drv.com
0.0.0.0 ch3302-c.1drv.com
0.0.0.0 ch3302-e.1drv.com
0.0.0.0 choice.live.com
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 client.wns.windows.com
0.0.0.0 compatexchange1.trafficmanager.net
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 continuum.dds.microsoft.com
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 crl.globalsign.net
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 cy2.displaycatalog.md.mp.microsoft.com.akadns.net
0.0.0.0 cy2.licensing.md.mp.microsoft.com.akadns.net
0.0.0.0 cy2.settings.data.microsoft.com.akadns.net
0.0.0.0 db3aqu.atdmt.com
0.0.0.0 db3wns2011111.wns.windows.com
0.0.0.0 db5-eap.settings-win.data.microsoft.com.akadns.net
0.0.0.0 db5.displaycatalog.md.mp.microsoft.com.akadns.net
0.0.0.0 db5.md.mp.microsoft.com.akadns.net
0.0.0.0 db5.settings-win.data.microsoft.com.akadns.net
0.0.0.0 db5.settings.data.microsoft.com.akadns.net
0.0.0.0 db5.vortex.data.microsoft.com.akadns.net
0.0.0.0 db5.wns.windows.com
0.0.0.0 db5sch101100917.wns.windows.com
0.0.0.0 db5sch101101511.wns.windows.com
0.0.0.0 db5sch101101813.wns.windows.com
0.0.0.0 db5sch101101914.wns.windows.com
0.0.0.0 db5sch101101939.wns.windows.com
0.0.0.0 db5sch101110626.wns.windows.com
0.0.0.0 db5sch101110634.wns.windows.com
0.0.0.0 db5sch101110821.wns.windows.com
0.0.0.0 db5sch101110822.wns.windows.com
0.0.0.0 db5sch103082111.wns.windows.com
0.0.0.0 db5sch103082406.wns.windows.com
0.0.0.0 db5sch103092209.wns.windows.com
0.0.0.0 db5wns1d.wns.windows.com
0.0.0.0 db6sch102091105.wns.windows.com
0.0.0.0 db6sch102091412.wns.windows.com
0.0.0.0 dc.services.visualstudio.com
0.0.0.0 dev.virtualearth.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 directory.services.live.com
0.0.0.0 directory.services.live.com.akadns.net
0.0.0.0 dm3p.wns.notify.windows.com.akadns.net
0.0.0.0 dmd.metaservices.microsoft.com.akadns.net
0.0.0.0 dmd.metaservices.microsoft.com
0.0.0.0 dns.msftncsi.com
0.0.0.0 download-ssl.msgamestudios.com
0.0.0.0 dt.adsafeprotected.com
0.0.0.0 e87.dspb.akamaiedge.net
0.0.0.0 e1706.g.akamaiedge.net
0.0.0.0 e4578.b.akamaiedge.net
0.0.0.0 e8218.dscb1.akamaiedge.net
0.0.0.0 e9946.g.akamaiedge.net
0.0.0.0 e12358.g.akamaiedge.net
0.0.0.0 e-0009.e-msedge.net#ALSO USED IN MSOFFICE
0.0.0.0 ec.atdmt.com
0.0.0.0 ecn.dev.virtualearth.net
0.0.0.0 en-us.appex-rf.msn.com
0.0.0.0 eu-v10.events.data.microsoft.com
0.0.0.0 eu-v20.events.data.microsoft.com
0.0.0.0 eu.vortex-win.data.microsoft.com
0.0.0.0 eu.vortex.data.microsoft.com
0.0.0.0 events.data.microsoft.com
0.0.0.0 fe2.update.microsoft.com.akadns.net
0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 feedback.search.microsoft.com
0.0.0.0 feedback.windows.com
0.0.0.0 fg.download.windowsupdate.com.c.footprint.net
0.0.0.0 flex.msn.com
0.0.0.0 fw.adsafeprotected.com
0.0.0.0 g.msn.com
0.0.0.0 geo.prod.dodsp.mp.microsoft.com.nsatc.net
0.0.0.0 geo.settings-win.data.microsoft.com.akadns.net
0.0.0.0 geo.settings.data.microsoft.com.akadns.net
0.0.0.0 geo.vortex.data.microsoft.com.akadns.net
0.0.0.0 geoprod.dodsp.mp.microsoft.com.nsatc.net
0.0.0.0 googleads4.g.doubleclick.net
0.0.0.0 gpla1.wac.v2cdn.net
0.0.0.0 h1.msn.com
0.0.0.0 h2.msn.com
0.0.0.0 hk2.settings.data.microsoft.com.akadns.net
0.0.0.0 hk2.wns.windows.com
0.0.0.0 hk2sch130020721.wns.windows.com
0.0.0.0 hk2sch130020723.wns.windows.com
0.0.0.0 hk2sch130020726.wns.windows.com
0.0.0.0 hk2sch130020729.wns.windows.com
0.0.0.0 hk2sch130020732.wns.windows.com
0.0.0.0 hk2sch130020824.wns.windows.com
0.0.0.0 hk2sch130020843.wns.windows.com
0.0.0.0 hk2sch130020851.wns.windows.com
0.0.0.0 hk2sch130020854.wns.windows.com
0.0.0.0 hk2sch130020855.wns.windows.com
0.0.0.0 hk2sch130020924.wns.windows.com
0.0.0.0 hk2sch130020936.wns.windows.com
0.0.0.0 hk2sch130020940.wns.windows.com
0.0.0.0 hk2sch130020956.wns.windows.com
0.0.0.0 hk2sch130020958.wns.windows.com
0.0.0.0 hk2sch130020961.wns.windows.com
0.0.0.0 hk2sch130021017.wns.windows.com
0.0.0.0 hk2sch130021029.wns.windows.com
0.0.0.0 hk2sch130021035.wns.windows.com
0.0.0.0 hk2sch130021137.wns.windows.com
0.0.0.0 hk2sch130021142.wns.windows.com
0.0.0.0 hk2sch130021153.wns.windows.com
0.0.0.0 hk2sch130021217.wns.windows.com
0.0.0.0 hk2sch130021246.wns.windows.com
0.0.0.0 hk2sch130021249.wns.windows.com
0.0.0.0 hk2sch130021260.wns.windows.com
0.0.0.0 hk2sch130021264.wns.windows.com
0.0.0.0 hk2sch130021322.wns.windows.com
0.0.0.0 hk2sch130021323.wns.windows.com
0.0.0.0 hk2sch130021329.wns.windows.com
0.0.0.0 hk2sch130021334.wns.windows.com
0.0.0.0 hk2sch130021360.wns.windows.com
0.0.0.0 hk2sch130021432.wns.windows.com
0.0.0.0 hk2sch130021433.wns.windows.com
0.0.0.0 hk2sch130021435.wns.windows.com
0.0.0.0 hk2sch130021437.wns.windows.com
0.0.0.0 hk2sch130021440.wns.windows.com
0.0.0.0 hk2sch130021450.wns.windows.com
0.0.0.0 hk2sch130021518.wns.windows.com
0.0.0.0 hk2sch130021523.wns.windows.com
0.0.0.0 hk2sch130021526.wns.windows.com
0.0.0.0 hk2sch130021527.wns.windows.com
0.0.0.0 hk2sch130021544.wns.windows.com
0.0.0.0 hk2sch130021554.wns.windows.com
0.0.0.0 hk2sch130021618.wns.windows.com
0.0.0.0 hk2sch130021634.wns.windows.com
0.0.0.0 hk2sch130021638.wns.windows.com
0.0.0.0 hk2sch130021646.wns.windows.com
0.0.0.0 hk2sch130021652.wns.windows.com
0.0.0.0 hk2sch130021654.wns.windows.com
0.0.0.0 hk2sch130021657.wns.windows.com
0.0.0.0 hk2sch130021723.wns.windows.com
0.0.0.0 hk2sch130021726.wns.windows.com
0.0.0.0 hk2sch130021727.wns.windows.com
0.0.0.0 hk2sch130021730.wns.windows.com
0.0.0.0 hk2sch130021731.wns.windows.com
0.0.0.0 hk2sch130021754.wns.windows.com
0.0.0.0 hk2sch130021829.wns.windows.com
0.0.0.0 hk2sch130021830.wns.windows.com
0.0.0.0 hk2sch130021833.wns.windows.com
0.0.0.0 hk2sch130021840.wns.windows.com
0.0.0.0 hk2sch130021842.wns.windows.com
0.0.0.0 hk2sch130021851.wns.windows.com
0.0.0.0 hk2sch130021852.wns.windows.com
0.0.0.0 hk2sch130021927.wns.windows.com
0.0.0.0 hk2sch130021928.wns.windows.com
0.0.0.0 hk2sch130021929.wns.windows.com
0.0.0.0 hk2sch130021958.wns.windows.com
0.0.0.0 hk2sch130022035.wns.windows.com
0.0.0.0 hk2sch130022041.wns.windows.com
0.0.0.0 hk2sch130022049.wns.windows.com
0.0.0.0 hk2sch130022135.wns.windows.com
0.0.0.0 hk2wns1.wns.windows.com
0.0.0.0 hk2wns1b.wns.windows.com
0.0.0.0 hostedocsp.globalsign.com
0.0.0.0 i1.services.social.microsoft.com
0.0.0.0 i1.services.social.microsoft.com.nsatc.net
0.0.0.0 i-bl6p-cor001.api.p001.1drv.com
0.0.0.0 i-bl6p-cor002.api.p001.1drv.com
0.0.0.0 i-bn3p-cor001.api.p001.1drv.com
0.0.0.0 i-by3p-cor001.api.p001.1drv.com
0.0.0.0 i-by3p-cor002.api.p001.1drv.com
0.0.0.0 i-ch1-cor001.api.p001.1drv.com
0.0.0.0 i-ch1-cor002.api.p001.1drv.com
0.0.0.0 i-sn2-cor001.api.p001.1drv.com
0.0.0.0 i-sn2-cor002.api.p001.1drv.com
0.0.0.0 i-sn3p-cor001.api.p001.1drv.com
0.0.0.0 i-sn3p-cor002.api.p001.1drv.com
0.0.0.0 i.s1.social.ms.akadns.net
0.0.0.0 ieonlinews.microsoft.com
0.0.0.0 ieonlinews.trafficmanager.net
0.0.0.0 in.treasuredata.com
0.0.0.0 incoming.telemetry.mozilla.org
0.0.0.0 inference.location.live.net
0.0.0.0 inference.location.livenet.akadns.net
0.0.0.0 ipv6.msftncsi.com
0.0.0.0 ipv6.msftncsi.com.edgesuite.net
0.0.0.0 lb1.www.ms.akadns.net
0.0.0.0 legacy-redirection-neurope-prod-hp.cloudapp.net
0.0.0.0 licensing.md.mp.microsoft.com
0.0.0.0 live.rads.msn.com
0.0.0.0 login.live.com
0.0.0.0 login.live.com.nsatc.net
0.0.0.0 ls2web.redmond.corp.microsoft.com
0.0.0.0 m221.absolute.com
0.0.0.0 m.adnxs.com
0.0.0.0 m.hotmail.com
0.0.0.0 mobile.events.data.microsoft.com
0.0.0.0 mobile.pipe.aria.microsoft.com
0.0.0.0 mobileads.msn.com
0.0.0.0 modern.watson.data.microsoft.com.akadns.net
0.0.0.0 mpd.mxptint.net
0.0.0.0 mscrl.microsoft.com
0.0.0.0 msedge.net
0.0.0.0 msftncsi.com
0.0.0.0 msnbot-65-52-108-234.search.msn.com
0.0.0.0 msnbot-65-55-108-23.search.msn.com
0.0.0.0 msnbot-191-232-139-155.search.msn.com
0.0.0.0 msnbot-207-46-194-25.search.msn.com
0.0.0.0 msnbot-207-46-194-33.search.msn.com
0.0.0.0 msntest.serving-sys.com
0.0.0.0 nexus.officeapps.live.com
0.0.0.0 nexusrules.officeapps.live.com
0.0.0.0 ns1.msft.net
0.0.0.0 ns2.msft.net
0.0.0.0 ns3.msft.net
0.0.0.0 ns4.msft.net
0.0.0.0 ns5.msft.net
0.0.0.0 ns6.msft.net
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 ocsp.usertrust.com
0.0.0.0 onecollector.cloudapp.aria.akadns.net
0.0.0.0 onesettings-bn2.metron.live.com.nsatc.net
0.0.0.0 onesettings-cy2.metron.live.com.nsatc.net
0.0.0.0 onesettings-db5.metron.live.com.nsatc.net
0.0.0.0 onesettings-hk2.metron.live.com.nsatc.net
0.0.0.0 origin.windows.microsoft.com.akadns.net
0.0.0.0 osiprod-scus-snow-000.cloudapp.net
0.0.0.0 osiprod-weu-snow-000.cloudapp.net
0.0.0.0 platform.maps.glbdns2.microsoft.com
0.0.0.0 pre.footprintpredict.com
0.0.0.0 preview.msn.com
0.0.0.0 prod.configsvc1.live.com.akadns.net
0.0.0.0 prod.configsvc.live.com.akadns.net
0.0.0.0 rad.live.com
0.0.0.0 rad.msn.com
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 redir.metaservices.microsoft.com.akadns.net
0.0.0.0 redir.metaservices.microsoft.com.edgesuite.net
0.0.0.0 redirection.prod.cms.msn.com
0.0.0.0 redirection.prod.cms.msn.com.akadns.net
0.0.0.0 redshell.io
0.0.0.0 register.mesh.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 s0.2mdn.net
0.0.0.0 s.gateway.messenger.live.com
0.0.0.0 sc.iasds01.com
0.0.0.0 schemas.microsoft.akadns.net
0.0.0.0 secure.adnxs.com
0.0.0.0 secure.flashtalking.com
0.0.0.0 self.events.data.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win-ppe.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 settings.data.glbdns2.microsoft.com
0.0.0.0 settings.data.microsoft.com
0.0.0.0 sg2p.wns.windows.com
0.0.0.0 siweb.microsoft.akadns.net
0.0.0.0 skyapi.live.net
0.0.0.0 skyapi.skyprod.akadns.net
0.0.0.0 skydrive.wns.windows.com
0.0.0.0 sm.mcafee.com
0.0.0.0 sn3301-c.1drv.com
0.0.0.0 sn3301-e.1drv.com
0.0.0.0 sn3301-g.1drv.com
0.0.0.0 so.2mdn.net
0.0.0.0 solitaireprod.maelstrom.xboxlive.com
0.0.0.0 spynet2.microsoft.akadns.net
0.0.0.0 spynet2.microsoft.com
0.0.0.0 spynetalt.microsoft.akadns.net
0.0.0.0 spynetalt.microsoft.com
0.0.0.0 spyneteurope.microsoft.akadns.net
0.0.0.0 spynetus.microsoft.akadns.net
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 sqmfe.glbdns2.microsoft.com
0.0.0.0 ssw.live.com
0.0.0.0 ssw.live.com.nsatc.net
0.0.0.0 static.2mdn.net
0.0.0.0 statsfe1.ws.microsoft.com
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 su3.mcafee.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 sway-cdn.com
0.0.0.0 t0.ssl.ak.dynamic.tiles.virtualearth.net
0.0.0.0 t0.ssl.ak.tiles.virtualearth.net
0.0.0.0 t.urs.microsoft.com.nsatc.net
0.0.0.0 tele.trafficmanager.net
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.appex.bing.net:443
0.0.0.0 telemetry.appex.search.prod.ms.akadns.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.remoteapp.windowsazure.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 teredo.ipv6.microsoft.com
0.0.0.0 test.activity.windows.com
0.0.0.0 travel.tile.appex.bing.com
0.0.0.0 treasuredata.com
0.0.0.0 tsfe.trafficshaping.dsp.mp.microsoft.com
0.0.0.0 tsfe.tsws.mp.microsoft.com.nsatc.net
0.0.0.0 tunnel.cfw.trustedsource.org
0.0.0.0 umwatsonc.events.data.microsoft.com
0.0.0.0 updatekeepalive.mcafee.com
0.0.0.0 urs.microsoft.com.nsatc.net
0.0.0.0 us-v10.events.data.microsoft.com
0.0.0.0 us-v20.events.data.microsoft.com
0.0.0.0 us.vortex-win.data.microsoft.com
0.0.0.0 v10-win.vortex.data.microsoft.com.akadns.net
0.0.0.0 v10.events.data.microsoft.com
0.0.0.0 v10.vortex-win.data.metron.life.com.nsatc.net
0.0.0.0 v10.vortex-win.data.metron.live.com.nsatc.net
0.0.0.0 v10.vortex-win.data.microsoft.com
0.0.0.0 v10c.events.data.microsoft.com
0.0.0.0 v20.events.data.microsoft.com
0.0.0.0 v20.vortex-win.data.microsoft.com
0.0.0.0 version.hybrid.api.here.com
0.0.0.0 version.prd.us-east-1.ds.data.here.com
0.0.0.0 view.atdmt.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 vortex-db5.metron.live.com.nsatc.net
0.0.0.0 vortex-hk2.metron.live.com.nsatc.net
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.metron.live.com.nsatc.net
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.glbdns2.microsoft.com
0.0.0.0 vortex.data.metron.live.com.nsatc.net
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 vsgallery.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.telemetry.microsoft.com/Telemetry.Request
0.0.0.0 wdcpus.microsoft.akadns.net
0.0.0.0 web.vortex.data.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 wildcard.appex-rf.msn.com.edgesuite.net
0.0.0.0 wildcard.twimg.com
0.0.0.0 win8.ipv6.microsoft.com
0.0.0.0 win10.ipv6.microsoft.com
0.0.0.0 win10.ipv6.microsoft.com.nsatc.net
0.0.0.0 win1710.ipv6.microsoft.com
0.0.0.0 wns.notify.windows.com.akadns.net
0.0.0.0 www.msedge.net
0.0.0.0 www.msftncsi.com
0.0.0.0 v7event.stats.avcdn.net
0.0.0.0 v7.stats.avcdn.net
0.0.0.0 flow.lavasoft.com
0.0.0.0 ws.mcafee.com
0.0.0.0 analytics.ccs.mcafee.com
0.0.0.0 analyticsdcs.ccs.mcafee.com
0.0.0.0 carcharodon.trendmicro.com
0.0.0.0 cy2.vortex.data.microsoft.com.akadns.net
# END - BLOCKING MICROSOFT(MS)
#
################################################
# ADDED ALL HOSTS EXACTLY IN IPV6 FORMAT BELOW #
################################################
#
# START - ALLOWING WINDOWS UPDATES
0.0.0.0 fe3.delivery.mp.microsoft.com
0.0.0.0 fe3.delivery.dsp.mp.microsoft.com.nsatc.net
0.0.0.0 sls.update.microsoft.com
0.0.0.0 sls.update.microsoft.com.nsatc.net
0.0.0.0 sls.update.microsoft.com.akadns.net
0.0.0.0 fe2.update.microsoft.com.nsatc.net
0.0.0.0 fe2.update.microsoft.com
0.0.0.0 static.78-46-223-24.clients.your-server.de
0.0.0.0 fg.download.windowsupdate.com.c.footprint.net
0.0.0.0 emdl.ws.microsoft.com ### Also used to update store apps.
0.0.0.0 cds.d2s7q6s2.hwcdn.net ### Verizon Content Delivery Network uses these to perform Windows updates.###
0.0.0.0 *wac.phicdn.net ### Verizon Content Delivery Network uses these to perform Windows updates.###
0.0.0.0 *wac.edgecastcdn.net ### Verizon Content Delivery Network uses these to perform Windows updates.###
0.0.0.0 *.windowsupdate.com ### *.WILDCARDS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
0.0.0.0 *.prod.do.dsp.mp.microsoft.com ### *.WILDCARDS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
0.0.0.0 *.dl.delivery.mp.microsoft.com ### *.WILDCARDS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
0.0.0.0 www.bing.com/threshold/xls.aspx ### Root Certificates Update to check the list of trusted authorities on Windows Update to see if an update is available. ###
# END - ALLOWING WINDOWS UPDATES
#
# START - ALLOWING MICROSOFT MALWARE PROTECTION
0.0.0.0 e13678.dspb.akamaiedge.net
0.0.0.0 e3673.g.akamaiedge.net
0.0.0.0 e1863.dspb.akamaiedge.net
0.0.0.0 a23-203-177-241.deploy.static.akamaitechnologies.com
0.0.0.0 e11290.dspg.akamaiedge.net
0.0.0.0 wdcp.microsoft.com
0.0.0.0 definitionupdates.microsoft.com
# END - ALLOWING MICROSOFT MALWARE PROTOECTION
#
# START - Windows uses this website to download certificates that are publicly known to be fraudulent.
#0.0.0.0 ctldl.windowsupdate.com
# END - Windows uses this website to download certificates that are publicly known to be fraudulent.
#
# START - ALLOWING SKYPE
0.0.0.0 cs10.wpc.v0cdn.net
0.0.0.0 nus1-authgw.cloudapp.net
0.0.0.0 eus1-authgw.cloudapp.net
0.0.0.0 wus-wsapi.cloudapp.net
0.0.0.0 c-aps-usea2-01-skype.cloudapp.net
0.0.0.0 optionsservice-prod-southeastasia-a.cloudapp.net
0.0.0.0 ip.wusmw1-client-s.msnmessenger.msn.com.akadns.net
0.0.0.0 root.skype-edf.akadns.net
0.0.0.0 sconsentit903.cloudapp.net
0.0.0.0 people-prod-b-usce.cloudapp.net
0.0.0.0 cus-prod-msgsearch.cloudapp.net
0.0.0.0 vs.login.msa.akadns6.net
0.0.0.0 nus1-api-skype.cloudapp.net
0.0.0.0 avatar-service-prod-b-eus2.cloudapp.net
0.0.0.0 production.skype-registar.akadns.net
0.0.0.0 skype-calling-missedcallsregistrar-prod-we.cloudapp.net
0.0.0.0 c-cc-usea2-01-skype.cloudapp.net
0.0.0.0 4-c-0003.c-msedge.net
0.0.0.0 root.skype.edf.akadns.net
0.0.0.0 etag-production-roundrobin.skype-registar.akadns.net
0.0.0.0 bn2.skype.msnmessenger.msn.com.akadns.net
0.0.0.0 apps.skype.com
0.0.0.0 pricelist.skype.com
0.0.0.0 ui.skype.com
0.0.0.0 dns6.skype-dns.akadns.net
0.0.0.0 s-0001.s-msedge.net# ALSO USED IN MS OFFICE
0.0.0.0 177-185-42-72.gci.net
0.0.0.0 pipe.cloudapp.aria.akadns.net
0.0.0.0 p1415007-ipngn15001marunouchi.tokyo.ocn.ne.jp
0.0.0.0 c220-239-44-24.eburwd6.vic.optusnet.com.au
0.0.0.0 e1855.b.akamaiedge.net
0.0.0.0 p9693bcaa.fkoknt01.ap.so-net.ne.jp
0.0.0.0 softbank126066067187.bbtec.net
0.0.0.0 ipv4.login.msa.akadns6.net
0.0.0.0 cpe-76-85-171-249.neb.res.rr.com
0.0.0.0 e13551.dscg.akamaiedge.net
0.0.0.0 ocsp.globalsign.cloud
0.0.0.0 livegeteastus.cloudapp.net
0.0.0.0 p3b923892.tokynt01.ap.so-net.ne.jp
0.0.0.0 5-105-110-26.mytrinity.com.ua
0.0.0.0 128-70-85-141.broadband.corbina.ru
0.0.0.0 gprs-clients-85.26.155.145.misp.ru
0.0.0.0 b-internet.176.49.84.166.nsk.rt.ru
0.0.0.0 dsn10.skype-dsn.akadns.net
0.0.0.0 81.198.16.62.customer.cdi.no
0.0.0.0 ui.skype.akadns.net
0.0.0.0 n175-36-11-221.mrk2.qld.optusnet.com.au
0.0.0.0 microsoft.windowscommunicationsapps.exe
# END - ALLOWING SKYPE
#
########################
# START BLCOKING HOSTS #
########################
#
# START - Blocking Microsoft forward redirection service uses website to redirect permanent web links to the actual, sometimes transitory, URL. Could be used to redirect telemetry ###
0.0.0.0 go.microsoft.com
# END - Blocking Microsoft forward redirection service uses website to redirect permanent web links to the actual, sometimes transitory, URL. Could be used to redirect telemetry ###
#
# START - BLOCKING NVIDIA TELEMETRY
0.0.0.0 gfswl.geforce.com
0.0.0.0 telemetry.nvidia.com
0.0.0.0 ssl.google-analytics.com
0.0.0.0 gfe.nvidia.com
0.0.0.0 telemetry-dce.gfe.nvidia.com
0.0.0.0 events-dc1.gfe.nvidia.com
# END - BLOCKING NVIDIA TELEMETRY
#
# START - BLOCKING MALWAREBYTES TELEMETRY
0.0.0.0 elb-telemetry-prod-external-1332413525.us-west-2.elb.amazonaws.com
0.0.0.0 telemetry.malwarebytes.com
# END - BLOCKING MALWAREBYTES TELEMETRY
#
# START - BLOCKING MICROSOFT OFFICE
0.0.0.0 e584.g.akamaiedge.net
0.0.0.0 e9398.g.akamaiedge.net
0.0.0.0 us.configsvc1.live.com.akadns.net
0.0.0.0 e1723.g.akamaiedge.net
0.0.0.0 e-0009.e-msedge.net ### ALSO USED IN MS LIST
0.0.0.0 s-0001.s-msedge.net ### ALSO USED IN SKYPE
0.0.0.0 prod-w.nexus.live.com.akadns.net
0.0.0.0 vip5.afdorigin-prod-sg02.afdogw.com
0.0.0.0 vip5.afdorigin-prod-ln02.afdogw.com
0.0.0.0 vip5.afdorigin-prod-am02.afdogw.com
0.0.0.0 vip5.afdorogin-prod-hk02.afdogw.com
0.0.0.0 vip5.afdorigin-prod-ch02.afdogw.com
0.0.0.0 prod.nexusrules.live.com.akadns.net
# Need to block IP by firewall:52.109.12.20
# END - BLOCKING MICROSOFT OFFICE
#
# START - Connect to the Office 365 portal’s shared infrastructure, including Office Online.
0.0.0.0 ocos-office365-s2s.msedge.net
0.0.0.0 *.c-msedge.net ### WILDCARD DOES NOT WORK IN HOSTS FILE, USE FIREWALL ####
0.0.0.0 c-0001.c-msedge.net
0.0.0.0 *.e-msedge.net ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
0.0.0.0 *.s-msedge.net ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
0.0.0.0 *.a-msedge.net ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
# END - Connect to the Office 365 portal’s shared infrastructure, including Office Online.
#
# START - Endpoint is OfficeHub traffic used to get the metadata of Office apps.
0.0.0.0 outlook.office365.com
# END - Endpoint is OfficeHub traffic used to get the metadata of Office apps.
#
# START - BLOCKING MS PHOTO GALLERY
0.0.0.0 gateway.skyprod.akadns.net
# END - BLOCKING MS PHOTO GALLERY
#
# START - Weather App Live Tile
0.0.0.0 tile-service.weather.microsoft.com
0.0.0.0 blob.weather.microsoft.com
# END - Weather App Live Tile
#
# START - One Note Live Tile
0.0.0.0 cdn.onenote.net/livetile/?Language=en-US
# END - One Note Live Tile
#
# START - Facebook
star-mini.c10r.facebook.com
# END - Facebook
#
# START - Twitter
0.0.0.0 star-mini.c10r.facebook.com
0.0.0.0 oem.twimg.com/windows/tile.xml
# END - Twitter
#
# START - Windows Apps Photos
0.0.0.0 evoke-windowsservices-tas.msedge.net
# END - Windows Apps Photos
#
# START - Candy Crush Game
0.0.0.0 candycrushsoda.king.com
# END - Candy Crush Game
#
# START - AppHostRegistrationVerifier.exe & Groove Music
0.0.0.0 wallet.microsoft.com
# END - AppHostRegistrationVerifier.exe & Groove Music
#
# START - AppHostRegistrationVerifier.exe
0.0.0.0 mediaredirect.microsoft.com
# END - AppHostRegistrationVerifier.exe
#
# START - Store Images - Endpoint is used to get images that are used for Microsoft Store suggestions - update Cortana greetings, tips, and Live Tiles
0.0.0.0 store-images.s-microsoft.com
# END - Store Images - Endpoint is used to get images that are used for Microsoft Store suggestions - update Cortana greetings, tips, and Live Tiles
#
# START - Configure parameters, such as how often the Live Tile is updated, and for enabling experimental features.
0.0.0.0 www.bing.com/client
# END - Configure parameters, such as how often the Live Tile is updated, and for enabling experimental features.
#
# START - Cortana uses this website to report diagnostic data information
0.0.0.0 www.bing.com/proactive
# END - Cortana uses this website to report diagnostic data information
#
# START - Endpoint used to authenticate a device.
0.0.0.0 login.live.com/ppsecure
# END - Endpoint used to authenticate a device.
#
#START - Windows Error Reporting.
0.0.0.0 win.data.microsoft.com/collect/v1
# END - Windows Error Reporting.
#
# START - Download fonts on demand
0.0.0.0 fs.microsoft.com
0.0.0.0 fs.microsoft.com/fs/windows/config.json
# END - Download fonts on demand
#
# START - Online activation and some app licensing
0.0.0.0 licensing.mp.microsoft.com/v7.0/licenses/content
# END - Online activation and some app licensing
#
# START - Location Data
0.0.0.0 location-inference-westus.cloudapp.net
# END - Location Data
#
# START - Microsoft accounts sign-in
0.0.0.0 login.msa.akadns6.net
0.0.0.0 ipv4.login.msa.akadns6.net
0.0.0.0 auth.gfx.ms
# END - Microsoft accounts sign-in
#
# START - Download image files that are called when applications run (Microsoft Store or Inbox MSN Apps) & Store.
0.0.0.0 storecatalogrevocation.storequality.microsoft.com
0.0.0.0 store-images.microsoft.com
0.0.0.0 storeedgefd.dsx.mp.microsoft.com
0.0.0.0 pti.store.microsoft.com
0.0.0.0 displaycatalog.mp.microsoft.com
0.0.0.0 cy2.*.md.mp.microsoft.com.*. ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
0.0.0.0 *.tlu.dl.delivery.mp.microsoft.com.c.footprint.net ### *.WILDCARS DO NOT WORK IN HOSTS FILE, USE FIREWALL TO BLOCK ####
# END - Download image files that are called when applications run (Microsoft Store or Inbox MSN Apps) & Store.
#
# START - Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status.
0.0.0.0 www.msftconnecttest.com/connecttest.txt
# END - Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status.
#
# START - OneDrive for Business to download and verify app updates.
0.0.0.0 oneclient.sfx.ms
# END - OneDrive for Business to download and verify app updates.
#
# START - Endpoint is used as a way for apps to dynamically update their configuration.
0.0.0.0 cy2.settings.data.microsoft.com.akadns.net
# END - Endpoint is used as a way for apps to dynamically update their configuration.
#
# START - Endpoints make it possible for Windows Spotlight metadata for image locations, suggested apps, Microsoft account notifications, and Windows tips.
0.0.0.0 arc.msn.com
0.0.0.0 arc.msn.com-nsatc.net
0.0.0.0 g.msn.com.nsatc.net
0.0.0.0 ris.api.iris.microsoft.com
0.0.0.0 ris.api.iris.microsoft.com.akadns.net
0.0.0.0 query.prod.cms.rt.microsoft.com
0.0.0.0 *.search.msn.com ### WILDCARD DOES NOT WORK IN HOSTS FILE, USE FIREWALL ####
# END - Endpoints make it possible for Windows Spotlight metadata for image locations, suggested apps, Microsoft account notifications, and Windows tips.
#
# START - Used to download content
0.0.0.0 a122.dscd.akamai.net
0.0.0.0 a1621.g.akamai.net
# END - Used to download content
#
# START - BLOCKING MICROSOFT(MS)
0.0.0.0 standard.t-0001.t-msedge.net:443 ### Used by: apphostregistrationverifier.exe ###
0.0.0.0 118-163-160-187-HINET-IP.hinet.net
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 a-msedge.net
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 ac3.msn.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 ads.avocet.io
0.0.0.0 ads.mopub.com
0.0.0.0 ads.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 api.mixpanel.com
0.0.0.0 api.redshell.io
0.0.0.0 app.adjust.com
0.0.0.0 app.adjust.io
0.0.0.0 apps.skype.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 c.atdmt.com
0.0.0.0 c.msn.com
0.0.0.0 ca.telemetry.microsoft.com
0.0.0.0 cache.datamart.windows.com
0.0.0.0 cdn.atdmt.com
0.0.0.0 cds26.ams9.msecn.net
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 db3aqu.atdmt.com
0.0.0.0 decide.mixpanel.com
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 e.crashlytics.com
0.0.0.0 ec.atdmt.com
0.0.0.0 fe2.update.microsoft.com.akadns.net
0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 feedback.search.microsoft.com
0.0.0.0 feedback.windows.com
0.0.0.0 flex.msn.com
0.0.0.0 g.msn.com
0.0.0.0 gate.hockeyapp.net
0.0.0.0 h1.msn.com
0.0.0.0 i1.services.social.microsoft.com
0.0.0.0 i1.services.social.microsoft.com.nsatc.net
0.0.0.0 in.treasuredata.com
0.0.0.0 lb1.www.ms.akadns.net
0.0.0.0 live.rads.msn.com
0.0.0.0 m.adnxs.com
0.0.0.0 m.hotmail.com
0.0.0.0 msedge.net
0.0.0.0 msftncsi.com
0.0.0.0 msnbot-65-55-108-23.search.msn.com
0.0.0.0 msntest.serving-sys.com
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 pre.footprintpredict.com
0.0.0.0 preview.msn.com
0.0.0.0 pricelist.skype.com
0.0.0.0 rad.live.com
0.0.0.0 rad.msn.com
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 redshell.io
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 s0.2mdn.net
0.0.0.0 s.gateway.messenger.live.com
0.0.0.0 schemas.microsoft.akadns.net
0.0.0.0 secure.adnxs.com
0.0.0.0 secure.flashtalking.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 settings.crashlytics.com
0.0.0.0 spynet2.microsoft.com
0.0.0.0 spynetalt.microsoft.com
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 ssl.google-analytics.com
0.0.0.0 static.2mdn.net
0.0.0.0 statsfe1.ws.microsoft.com
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 t.appsflyer.com
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 treasuredata.com
0.0.0.0 view.atdmt.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 ortex-win.data.microsoft.com
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 www.msftncsi.com
0.0.0.0 a0001.a-msedge.net
0.0.0.0 a23-43-234-79.deploy.static.akamaitechnologies.com
0.0.0.0 a458.g.akamai.net
0.0.0.0 a767.dscd.akamai.net
0.0.0.0 a767.dspw65.akamai.net
0.0.0.0 a978.i6g1.akamai.net
0.0.0.0 a1051.d.akamai.net
0.0.0.0 a1213.g.akamai.net
0.0.0.0 a1639.g1.akamai.net
0.0.0.0 a-0001.a-msedge.net
0.0.0.0 a-0002.a-msedge.net
0.0.0.0 a-0003.a-msedge.net
0.0.0.0 a-0004.a-msedge.net
0.0.0.0 a-0005.a-msedge.net
0.0.0.0 a-0006.a-msedge.net
0.0.0.0 a-0007.a-msedge.net
0.0.0.0 a-0008.a-msedge.net
0.0.0.0 a-0009.a-msedge.net
0.0.0.0 a-0010.a-msedge.net
0.0.0.0 a-0011.a-msedge.net
0.0.0.0 a-0012.a-msedge.net
0.0.0.0 a.ads1.msn.com
0.0.0.0 a.ads2.msads.net
0.0.0.0 a.ads2.msn.com
0.0.0.0 a.rad.msn.com
0.0.0.0 ac3.msn.com
0.0.0.0 activity.windows.com
0.0.0.0 ad.doubleclick.net
0.0.0.0 adnexus.net
0.0.0.0 adnxs.com
0.0.0.0 ads1.msads.net
0.0.0.0 ads1.msn.com
0.0.0.0 ads.msn.com
0.0.0.0 aidps.atdmt.com
0.0.0.0 aka-cdn-ns.adtech.de
0.0.0.0 aka.ms
0.0.0.0 alpha.telemetry.microsoft.com
0.0.0.0 americas1.notify.windows.com.akadns.net
0.0.0.0 americas2.notify.windows.com.akadns.net
0.0.0.0 amp-reddit-com.cdn.ampproject.org
0.0.0.0 any.edge.bing.com
0.0.0.0 apac1.notify.windows.com.akadns.net
0.0.0.0 api.cortana.ai
0.0.0.0 api.redshell.io
0.0.0.0 array615-prod-do.dsp.mp.microsoft.com
0.0.0.0 asimov-win.settings.data.microsoft.com.akadns.net
0.0.0.0 asimov.settings.data.microsoft.com.akadns.net
0.0.0.0 atlas.c10r.facebook.com
0.0.0.0 az361816.vo.msecnd.net
0.0.0.0 az512334.vo.msecnd.net
0.0.0.0 b.ads1.msn.com
0.0.0.0 b.ads2.msads.net
0.0.0.0 b.rad.msn.com
0.0.0.0 bing.com
0.0.0.0 bingads.microsoft.com
0.0.0.0 bl3301-a.1drv.com
0.0.0.0 bl3301-c.1drv.com
0.0.0.0 bl3301-g.1drv.com
0.0.0.0 bl3302.storage.live.com
0.0.0.0 bl3302geo.storage.dkyprod.akadns.net
0.0.0.0 blob.bl2prdstr03a.store.core.windows.net
0.0.0.0 bn1wns2011508.wns.windows.com
0.0.0.0 bn2.displaycatalog.md.mp.microsoft.com.akadns.net
0.0.0.0 bn2b-cor001.api.p001.1drv.com
0.0.0.0 bn2b-cor002.api.p001.1drv.com
0.0.0.0 bn2b-cor003.api.p001.1drv.com
0.0.0.0 bn2b-cor004.api.p001.1drv.com
0.0.0.0 bn2licensing.md.mp.microsoft.com.akadns.net
0.0.0.0 bn2wns1.wns.windows.com
0.0.0.0 bn2wns1b.wns.windows.com
0.0.0.0 bn3p-cor001.api.p001.1drv.com
0.0.0.0 bn3sch020010536.wns.windows.com
0.0.0.0 bn3sch020010558.wns.windows.com
0.0.0.0 bn3sch020010560.wns.windows.com
0.0.0.0 bn3sch020010618.wns.windows.com
0.0.0.0 bn3sch020010626.wns.windows.com
0.0.0.0 bn3sch020010629.wns.windows.com
0.0.0.0 bn3sch020010631.wns.windows.com
0.0.0.0 bn3sch020010635.wns.windows.com
0.0.0.0 bn3sch020010636.wns.windows.com
0.0.0.0 bn3sch020010650.wns.windows.com
0.0.0.0 bn3sch020011727.wns.windows.com
0.0.0.0 BN3SCH020011855.wns.windows.com
0.0.0.0 bn3sch020012850.wns.windows.com
0.0.0.0 bn3sch020020322.wns.windows.com
0.0.0.0 bn3sch020020749.wns.windows.com
0.0.0.0 bn3sch020022328.wns.windows.com
0.0.0.0 BN3SCH020022331.wns.windows.com
0.0.0.0 bn3sch020022335.wns.windows.com
0.0.0.0 bn3sch020022361.wns.windows.com
0.0.0.0 bn4sch101120814.wns.windows.com
0.0.0.0 bn4sch101120818.wns.windows.com
0.0.0.0 bn4sch101120911.wns.windows.com
0.0.0.0 bn4sch101120913.wns.windows.com
0.0.0.0 BN4SCH101121017.wns.windows.com
0.0.0.0 bn4sch101121019.wns.windows.com
0.0.0.0 BN4SCH101121022.wns.windows.com
0.0.0.0 bn4sch101121109.wns.windows.com
0.0.0.0 bn4sch101121118.wns.windows.com
0.0.0.0 bn4sch101121223.wns.windows.com
0.0.0.0 BN4SCH101121318.wns.windows.com
0.0.0.0 bn4sch101121407.wns.windows.com
0.0.0.0 bn4sch101121618.wns.windows.com
0.0.0.0 bn4sch101121704.wns.windows.com
0.0.0.0 bn4sch101121709.wns.windows.com
0.0.0.0 bn4sch101121714.wns.windows.com
0.0.0.0 bn4sch101121908.wns.windows.com
0.0.0.0 bn4sch101122117.wns.windows.com
0.0.0.0 bn4sch101122310.wns.windows.com
0.0.0.0 bn4sch101122312.wns.windows.com
0.0.0.0 bn4sch101122421.wns.windows.com
0.0.0.0 BN4SCH101123006.wns.windows.com
0.0.0.0 bn4sch101123108.wns.windows.com
0.0.0.0 bn4sch101123110.wns.windows.com
0.0.0.0 bn4sch101123202.wns.windows.com
0.0.0.0 bn4sch102110124.wns.windows.com
0.0.0.0 bn1304-e.1drv.com
0.0.0.0 bn1306-a.1drv.com
0.0.0.0 bn1306-e.1drv.com
0.0.0.0 bn1306-g.1drv.com
0.0.0.0 bnsch020022361.wns.windows.com
0.0.0.0 browser.events.data.microsoft.com
0.0.0.0 browser.pipe.aria.microsoft.com
0.0.0.0 bs.serving-sys.com
0.0.0.0 by3301-a.1drv.com
0.0.0.0 by3301-c.1drv.com
0.0.0.0 by3301-e.1drv.com
0.0.0.0 c-0001.dc-msedge.net
0.0.0.0 c.atdmt.com
0.0.0.0 c.go.mpulse.net.cdn.cloudflare.net
0.0.0.0 c.msn.com
0.0.0.0 c.msn.com.nsatc.net
0.0.0.0 ca.telemetry.microsoft.com
0.0.0.0 cache.datamart.windows.com
0.0.0.0 cdn.atdmt.com
0.0.0.0 cdn.globalsign.com
0.0.0.0 cds10.stn.llnw.net
0.0.0.0 cds26.ams9.msecn.net
0.0.0.0 cds38.ory.llnw.net
0.0.0.0 cds54.ory.llnw.net
0.0.0.0 cds177.dus.llnw.net
0.0.0.0 cds299.lcy.llnw.net
0.0.0.0 cds308.lcy.llnw.net
0.0.0.0 cds310.lcy.llnw.net
0.0.0.0 cds405.lcy.llnw.net
0.0.0.0 cds406.lcy.llnw.net
0.0.0.0 cds407.fra.llnw.net
0.0.0.0 cds416.lcy.llnw.net
0.0.0.0 cds421.lcy.llnw.net
0.0.0.0 cds422.lcy.llnw.net
0.0.0.0 cds425.lcy.llnw.net
0.0.0.0 cds426.lcy.llnw.net
0.0.0.0 cds447.lcy.llnw.net
0.0.0.0 cds458.lcy.llnw.net
0.0.0.0 cds459.lcy.llnw.net
0.0.0.0 cds461.lcy.llnw.net
0.0.0.0 cds468.lcy.llnw.net
0.0.0.0 cds469.lcy.llnw.net
0.0.0.0 cds471.lcy.llnw.net
0.0.0.0 cds483.lcy.llnw.net
0.0.0.0 cds484.lcy.llnw.net
0.0.0.0 cds489.lcy.llnw.net
0.0.0.0 cds493.lcy.llnw.net
0.0.0.0 cds494.lcy.llnw.net
0.0.0.0 cds812.lon.llnw.net
0.0.0.0 cds815.lon.llnw.net
0.0.0.0 cds818.lon.llnw.net
0.0.0.0 cds832.lon.llnw.net
0.0.0.0 cds836.lon.llnw.net
0.0.0.0 cds840.lon.llnw.net
0.0.0.0 cds843.lon.llnw.net
0.0.0.0 cds857.lon.llnw.net
0.0.0.0 cds868.lon.llnw.net
0.0.0.0 cds869.lon.llnw.net
0.0.0.0 cds1203.lon.llnw.net
0.0.0.0 cds1204.lon.llnw.net
0.0.0.0 cds1209.lon.llnw.net
0.0.0.0 cds1219.lon.llnw.net
0.0.0.0 cds1228.lon.llnw.net
0.0.0.0 cds1244.lon.llnw.net
0.0.0.0 cds1257.lon.llnw.net
0.0.0.0 cds1265.lon.llnw.net
0.0.0.0 cds1269.lon.llnw.net
0.0.0.0 cds1273.lon.llnw.net
0.0.0.0 cds1285.lon.llnw.net
0.0.0.0 cds1287.lon.llnw.net
0.0.0.0 cds1289.lon.llnw.net
0.0.0.0 cds1293.lon.llnw.net
0.0.0.0 cds1307.lon.llnw.net
0.0.0.0 cds1310.lon.llnw.net
0.0.0.0 cds1325.lon.llnw.net
0.0.0.0 cds1327.lon.llnw.net
0.0.0.0 cds20005.stn.llnw.net
0.0.0.0 cds20404.lcy.llnw.net
0.0.0.0 cds20411.lcy.llnw.net
0.0.0.0 cds20415.lcy.llnw.net
0.0.0.0 cds20416.lcy.llnw.net
0.0.0.0 cds20417.lcy.llnw.net
0.0.0.0 cds20424.lcy.llnw.net
0.0.0.0 cds20425.lcy.llnw.net
0.0.0.0 cds20431.lcy.llnw.net
0.0.0.0 cds20435.lcy.llnw.net
0.0.0.0 cds20440.lcy.llnw.net
0.0.0.0 cds20443.lcy.llnw.net
0.0.0.0 cds20445.lcy.llnw.net
0.0.0.0 cds20450.lcy.llnw.net
0.0.0.0 cds20452.lcy.llnw.net
0.0.0.0 cds20457.lcy.llnw.net
0.0.0.0 cds20461.lcy.llnw.net
0.0.0.0 cds20469.lcy.llnw.net
0.0.0.0 cds20475.lcy.llnw.net
0.0.0.0 cds20482.lcy.llnw.net
0.0.0.0 cds20485.lcy.llnw.net
0.0.0.0 cds20495.lcy.llnw.net
0.0.0.0 cds21205.lon.llnw.net
0.0.0.0 cds21207.lon.llnw.net
0.0.0.0 cds21225.lon.llnw.net
0.0.0.0 cds21229.lon.llnw.net
0.0.0.0 cds21233.lon.llnw.net
0.0.0.0 cds21238.lon.llnw.net
0.0.0.0 cds21244.lon.llnw.net
0.0.0.0 cds21249.lon.llnw.net
0.0.0.0 cds21256.lon.llnw.net
0.0.0.0 cds21257.lon.llnw.net
0.0.0.0 cds21258.lon.llnw.net
0.0.0.0 cds21261.lon.llnw.net
0.0.0.0 cds21267.lon.llnw.net
0.0.0.0 cds21278.lon.llnw.net
0.0.0.0 cds21281.lon.llnw.net
0.0.0.0 cds21293.lon.llnw.net
0.0.0.0 cds21309.lon.llnw.net
0.0.0.0 cds21313.lon.llnw.net
0.0.0.0 cds21321.lon.llnw.net
0.0.0.0 cds30027.stn.llnw.net
0.0.0.0 ch1-cor001.api.p001.1drv.com
0.0.0.0 ch1-cor002.api.p001.1drv.com
0.0.0.0 ch3301-c.1drv.com
0.0.0.0 ch3301-e.1drv.com
0.0.0.0 ch3301-g.1drv.com
0.0.0.0 ch3302-c.1drv.com
0.0.0.0 ch3302-e.1drv.com
0.0.0.0 choice.live.com
0.0.0.0 choice.microsoft.com
0.0.0.0 choice.microsoft.com.nsatc.net
0.0.0.0 choice.microsoft.com.nstac.net
0.0.0.0 client.wns.windows.com
0.0.0.0 compatexchange1.trafficmanager.net
0.0.0.0 compatexchange.cloudapp.net
0.0.0.0 continuum.dds.microsoft.com
0.0.0.0 corp.sts.microsoft.com
0.0.0.0 corpext.msitadfs.glbdns2.microsoft.com
0.0.0.0 crl.globalsign.net
0.0.0.0 cs1.wpc.v0cdn.net
0.0.0.0 cy2.displaycatalog.md.mp.microsoft.com.akadns.net
0.0.0.0 cy2.licensing.md.mp.microsoft.com.akadns.net
0.0.0.0 cy2.settings.data.microsoft.com.akadns.net
0.0.0.0 db3aqu.atdmt.com
0.0.0.0 db3wns2011111.wns.windows.com
0.0.0.0 db5-eap.settings-win.data.microsoft.com.akadns.net
0.0.0.0 db5.displaycatalog.md.mp.microsoft.com.akadns.net
0.0.0.0 db5.md.mp.microsoft.com.akadns.net
0.0.0.0 db5.settings-win.data.microsoft.com.akadns.net
0.0.0.0 db5.settings.data.microsoft.com.akadns.net
0.0.0.0 db5.vortex.data.microsoft.com.akadns.net
0.0.0.0 db5.wns.windows.com
0.0.0.0 db5sch101100917.wns.windows.com
0.0.0.0 db5sch101101511.wns.windows.com
0.0.0.0 db5sch101101813.wns.windows.com
0.0.0.0 db5sch101101914.wns.windows.com
0.0.0.0 db5sch101101939.wns.windows.com
0.0.0.0 db5sch101110626.wns.windows.com
0.0.0.0 db5sch101110634.wns.windows.com
0.0.0.0 db5sch101110821.wns.windows.com
0.0.0.0 db5sch101110822.wns.windows.com
0.0.0.0 db5sch103082111.wns.windows.com
0.0.0.0 db5sch103082406.wns.windows.com
0.0.0.0 db5sch103092209.wns.windows.com
0.0.0.0 db5wns1d.wns.windows.com
0.0.0.0 db6sch102091105.wns.windows.com
0.0.0.0 db6sch102091412.wns.windows.com
0.0.0.0 dc.services.visualstudio.com
0.0.0.0 dev.virtualearth.net
0.0.0.0 df.telemetry.microsoft.com
0.0.0.0 diagnostics.support.microsoft.com
0.0.0.0 directory.services.live.com
0.0.0.0 directory.services.live.com.akadns.net
0.0.0.0 dm3p.wns.notify.windows.com.akadns.net
0.0.0.0 dmd.metaservices.microsoft.com.akadns.net
0.0.0.0 dmd.metaservices.microsoft.com
0.0.0.0 dns.msftncsi.com
0.0.0.0 download-ssl.msgamestudios.com
0.0.0.0 dt.adsafeprotected.com
0.0.0.0 e87.dspb.akamaiedge.net
0.0.0.0 e1706.g.akamaiedge.net
0.0.0.0 e4578.b.akamaiedge.net
0.0.0.0 e8218.dscb1.akamaiedge.net
0.0.0.0 e9946.g.akamaiedge.net
0.0.0.0 e12358.g.akamaiedge.net
0.0.0.0 e-0009.e-msedge.net#ALSO USED IN MSOFFICE
0.0.0.0 ec.atdmt.com
0.0.0.0 ecn.dev.virtualearth.net
0.0.0.0 en-us.appex-rf.msn.com
0.0.0.0 eu-v10.events.data.microsoft.com
0.0.0.0 eu-v20.events.data.microsoft.com
0.0.0.0 eu.vortex-win.data.microsoft.com
0.0.0.0 eu.vortex.data.microsoft.com
0.0.0.0 events.data.microsoft.com
0.0.0.0 fe2.update.microsoft.com.akadns.net
0.0.0.0 feedback.microsoft-hohm.com
0.0.0.0 feedback.search.microsoft.com
0.0.0.0 feedback.windows.com
0.0.0.0 fg.download.windowsupdate.com.c.footprint.net
0.0.0.0 flex.msn.com
0.0.0.0 fw.adsafeprotected.com
0.0.0.0 g.msn.com
0.0.0.0 geo.prod.dodsp.mp.microsoft.com.nsatc.net
0.0.0.0 geo.settings-win.data.microsoft.com.akadns.net
0.0.0.0 geo.settings.data.microsoft.com.akadns.net
0.0.0.0 geo.vortex.data.microsoft.com.akadns.net
0.0.0.0 geoprod.dodsp.mp.microsoft.com.nsatc.net
0.0.0.0 googleads4.g.doubleclick.net
0.0.0.0 gpla1.wac.v2cdn.net
0.0.0.0 h1.msn.com
0.0.0.0 h2.msn.com
0.0.0.0 hk2.settings.data.microsoft.com.akadns.net
0.0.0.0 hk2.wns.windows.com
0.0.0.0 hk2sch130020721.wns.windows.com
0.0.0.0 hk2sch130020723.wns.windows.com
0.0.0.0 hk2sch130020726.wns.windows.com
0.0.0.0 hk2sch130020729.wns.windows.com
0.0.0.0 hk2sch130020732.wns.windows.com
0.0.0.0 hk2sch130020824.wns.windows.com
0.0.0.0 hk2sch130020843.wns.windows.com
0.0.0.0 hk2sch130020851.wns.windows.com
0.0.0.0 hk2sch130020854.wns.windows.com
0.0.0.0 hk2sch130020855.wns.windows.com
0.0.0.0 hk2sch130020924.wns.windows.com
0.0.0.0 hk2sch130020936.wns.windows.com
0.0.0.0 hk2sch130020940.wns.windows.com
0.0.0.0 hk2sch130020956.wns.windows.com
0.0.0.0 hk2sch130020958.wns.windows.com
0.0.0.0 hk2sch130020961.wns.windows.com
0.0.0.0 hk2sch130021017.wns.windows.com
0.0.0.0 hk2sch130021029.wns.windows.com
0.0.0.0 hk2sch130021035.wns.windows.com
0.0.0.0 hk2sch130021137.wns.windows.com
0.0.0.0 hk2sch130021142.wns.windows.com
0.0.0.0 hk2sch130021153.wns.windows.com
0.0.0.0 hk2sch130021217.wns.windows.com
0.0.0.0 hk2sch130021246.wns.windows.com
0.0.0.0 hk2sch130021249.wns.windows.com
0.0.0.0 hk2sch130021260.wns.windows.com
0.0.0.0 hk2sch130021264.wns.windows.com
0.0.0.0 hk2sch130021322.wns.windows.com
0.0.0.0 hk2sch130021323.wns.windows.com
0.0.0.0 hk2sch130021329.wns.windows.com
0.0.0.0 hk2sch130021334.wns.windows.com
0.0.0.0 hk2sch130021360.wns.windows.com
0.0.0.0 hk2sch130021432.wns.windows.com
0.0.0.0 hk2sch130021433.wns.windows.com
0.0.0.0 hk2sch130021435.wns.windows.com
0.0.0.0 hk2sch130021437.wns.windows.com
0.0.0.0 hk2sch130021440.wns.windows.com
0.0.0.0 hk2sch130021450.wns.windows.com
0.0.0.0 hk2sch130021518.wns.windows.com
0.0.0.0 hk2sch130021523.wns.windows.com
0.0.0.0 hk2sch130021526.wns.windows.com
0.0.0.0 hk2sch130021527.wns.windows.com
0.0.0.0 hk2sch130021544.wns.windows.com
0.0.0.0 hk2sch130021554.wns.windows.com
0.0.0.0 hk2sch130021618.wns.windows.com
0.0.0.0 hk2sch130021634.wns.windows.com
0.0.0.0 hk2sch130021638.wns.windows.com
0.0.0.0 hk2sch130021646.wns.windows.com
0.0.0.0 hk2sch130021652.wns.windows.com
0.0.0.0 hk2sch130021654.wns.windows.com
0.0.0.0 hk2sch130021657.wns.windows.com
0.0.0.0 hk2sch130021723.wns.windows.com
0.0.0.0 hk2sch130021726.wns.windows.com
0.0.0.0 hk2sch130021727.wns.windows.com
0.0.0.0 hk2sch130021730.wns.windows.com
0.0.0.0 hk2sch130021731.wns.windows.com
0.0.0.0 hk2sch130021754.wns.windows.com
0.0.0.0 hk2sch130021829.wns.windows.com
0.0.0.0 hk2sch130021830.wns.windows.com
0.0.0.0 hk2sch130021833.wns.windows.com
0.0.0.0 hk2sch130021840.wns.windows.com
0.0.0.0 hk2sch130021842.wns.windows.com
0.0.0.0 hk2sch130021851.wns.windows.com
0.0.0.0 hk2sch130021852.wns.windows.com
0.0.0.0 hk2sch130021927.wns.windows.com
0.0.0.0 hk2sch130021928.wns.windows.com
0.0.0.0 hk2sch130021929.wns.windows.com
0.0.0.0 hk2sch130021958.wns.windows.com
0.0.0.0 hk2sch130022035.wns.windows.com
0.0.0.0 hk2sch130022041.wns.windows.com
0.0.0.0 hk2sch130022049.wns.windows.com
0.0.0.0 hk2sch130022135.wns.windows.com
0.0.0.0 hk2wns1.wns.windows.com
0.0.0.0 hk2wns1b.wns.windows.com
0.0.0.0 hostedocsp.globalsign.com
0.0.0.0 i1.services.social.microsoft.com
0.0.0.0 i1.services.social.microsoft.com.nsatc.net
0.0.0.0 i-bl6p-cor001.api.p001.1drv.com
0.0.0.0 i-bl6p-cor002.api.p001.1drv.com
0.0.0.0 i-bn3p-cor001.api.p001.1drv.com
0.0.0.0 i-by3p-cor001.api.p001.1drv.com
0.0.0.0 i-by3p-cor002.api.p001.1drv.com
0.0.0.0 i-ch1-cor001.api.p001.1drv.com
0.0.0.0 i-ch1-cor002.api.p001.1drv.com
0.0.0.0 i-sn2-cor001.api.p001.1drv.com
0.0.0.0 i-sn2-cor002.api.p001.1drv.com
0.0.0.0 i-sn3p-cor001.api.p001.1drv.com
0.0.0.0 i-sn3p-cor002.api.p001.1drv.com
0.0.0.0 i.s1.social.ms.akadns.net
0.0.0.0 ieonlinews.microsoft.com
0.0.0.0 ieonlinews.trafficmanager.net
0.0.0.0 in.treasuredata.com
0.0.0.0 incoming.telemetry.mozilla.org
0.0.0.0 inference.location.live.net
0.0.0.0 inference.location.livenet.akadns.net
0.0.0.0 ipv6.msftncsi.com
0.0.0.0 ipv6.msftncsi.com.edgesuite.net
0.0.0.0 lb1.www.ms.akadns.net
0.0.0.0 legacy-redirection-neurope-prod-hp.cloudapp.net
0.0.0.0 licensing.md.mp.microsoft.com
0.0.0.0 live.rads.msn.com
0.0.0.0 login.live.com
0.0.0.0 login.live.com.nsatc.net
0.0.0.0 ls2web.redmond.corp.microsoft.com
0.0.0.0 m221.absolute.com
0.0.0.0 m.adnxs.com
0.0.0.0 m.hotmail.com
0.0.0.0 mobile.events.data.microsoft.com
0.0.0.0 mobile.pipe.aria.microsoft.com
0.0.0.0 mobileads.msn.com
0.0.0.0 modern.watson.data.microsoft.com.akadns.net
0.0.0.0 mpd.mxptint.net
0.0.0.0 mscrl.microsoft.com
0.0.0.0 msedge.net
0.0.0.0 msftncsi.com
0.0.0.0 msnbot-65-52-108-234.search.msn.com
0.0.0.0 msnbot-65-55-108-23.search.msn.com
0.0.0.0 msnbot-191-232-139-155.search.msn.com
0.0.0.0 msnbot-207-46-194-25.search.msn.com
0.0.0.0 msnbot-207-46-194-33.search.msn.com
0.0.0.0 msntest.serving-sys.com
0.0.0.0 nexus.officeapps.live.com
0.0.0.0 nexusrules.officeapps.live.com
0.0.0.0 ns1.msft.net
0.0.0.0 ns2.msft.net
0.0.0.0 ns3.msft.net
0.0.0.0 ns4.msft.net
0.0.0.0 ns5.msft.net
0.0.0.0 ns6.msft.net
0.0.0.0 oca.telemetry.microsoft.com
0.0.0.0 oca.telemetry.microsoft.com.nsatc.net
0.0.0.0 ocsp.usertrust.com
0.0.0.0 onecollector.cloudapp.aria.akadns.net
0.0.0.0 onesettings-bn2.metron.live.com.nsatc.net
0.0.0.0 onesettings-cy2.metron.live.com.nsatc.net
0.0.0.0 onesettings-db5.metron.live.com.nsatc.net
0.0.0.0 onesettings-hk2.metron.live.com.nsatc.net
0.0.0.0 origin.windows.microsoft.com.akadns.net
0.0.0.0 osiprod-scus-snow-000.cloudapp.net
0.0.0.0 osiprod-weu-snow-000.cloudapp.net
0.0.0.0 platform.maps.glbdns2.microsoft.com
0.0.0.0 pre.footprintpredict.com
0.0.0.0 preview.msn.com
0.0.0.0 prod.configsvc1.live.com.akadns.net
0.0.0.0 prod.configsvc.live.com.akadns.net
0.0.0.0 rad.live.com
0.0.0.0 rad.msn.com
0.0.0.0 redir.metaservices.microsoft.com
0.0.0.0 redir.metaservices.microsoft.com.akadns.net
0.0.0.0 redir.metaservices.microsoft.com.edgesuite.net
0.0.0.0 redirection.prod.cms.msn.com
0.0.0.0 redirection.prod.cms.msn.com.akadns.net
0.0.0.0 redshell.io
0.0.0.0 register.mesh.com
0.0.0.0 reports.wes.df.telemetry.microsoft.com
0.0.0.0 s0.2mdn.net
0.0.0.0 s.gateway.messenger.live.com
0.0.0.0 sc.iasds01.com
0.0.0.0 schemas.microsoft.akadns.net
0.0.0.0 secure.adnxs.com
0.0.0.0 secure.flashtalking.com
0.0.0.0 self.events.data.microsoft.com
0.0.0.0 services.wes.df.telemetry.microsoft.com
0.0.0.0 settings-sandbox.data.microsoft.com
0.0.0.0 settings-win-ppe.data.microsoft.com
0.0.0.0 settings-win.data.microsoft.com
0.0.0.0 settings.data.glbdns2.microsoft.com
0.0.0.0 settings.data.microsoft.com
0.0.0.0 sg2p.wns.windows.com
0.0.0.0 siweb.microsoft.akadns.net
0.0.0.0 skyapi.live.net
0.0.0.0 skyapi.skyprod.akadns.net
0.0.0.0 skydrive.wns.windows.com
0.0.0.0 sm.mcafee.com
0.0.0.0 sn3301-c.1drv.com
0.0.0.0 sn3301-e.1drv.com
0.0.0.0 sn3301-g.1drv.com
0.0.0.0 so.2mdn.net
0.0.0.0 solitaireprod.maelstrom.xboxlive.com
0.0.0.0 spynet2.microsoft.akadns.net
0.0.0.0 spynet2.microsoft.com
0.0.0.0 spynetalt.microsoft.akadns.net
0.0.0.0 spynetalt.microsoft.com
0.0.0.0 spyneteurope.microsoft.akadns.net
0.0.0.0 spynetus.microsoft.akadns.net
0.0.0.0 sqm.df.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com
0.0.0.0 sqm.telemetry.microsoft.com.nsatc.net
0.0.0.0 sqmfe.glbdns2.microsoft.com
0.0.0.0 ssw.live.com
0.0.0.0 ssw.live.com.nsatc.net
0.0.0.0 static.2mdn.net
0.0.0.0 statsfe1.ws.microsoft.com
0.0.0.0 statsfe2.update.microsoft.com.akadns.net
0.0.0.0 statsfe2.ws.microsoft.com
0.0.0.0 su3.mcafee.com
0.0.0.0 survey.watson.microsoft.com
0.0.0.0 sway-cdn.com
0.0.0.0 t0.ssl.ak.dynamic.tiles.virtualearth.net
0.0.0.0 t0.ssl.ak.tiles.virtualearth.net
0.0.0.0 t.urs.microsoft.com.nsatc.net
0.0.0.0 tele.trafficmanager.net
0.0.0.0 telecommand.telemetry.microsoft.com
0.0.0.0 telecommand.telemetry.microsoft.com.nsatc.net
0.0.0.0 telemetry.appex.bing.net
0.0.0.0 telemetry.appex.bing.net:443
0.0.0.0 telemetry.appex.search.prod.ms.akadns.net
0.0.0.0 telemetry.microsoft.com
0.0.0.0 telemetry.remoteapp.windowsazure.com
0.0.0.0 telemetry.urs.microsoft.com
0.0.0.0 teredo.ipv6.microsoft.com
0.0.0.0 test.activity.windows.com
0.0.0.0 travel.tile.appex.bing.com
0.0.0.0 treasuredata.com
0.0.0.0 tsfe.trafficshaping.dsp.mp.microsoft.com
0.0.0.0 tsfe.tsws.mp.microsoft.com.nsatc.net
0.0.0.0 tunnel.cfw.trustedsource.org
0.0.0.0 umwatsonc.events.data.microsoft.com
0.0.0.0 updatekeepalive.mcafee.com
0.0.0.0 urs.microsoft.com.nsatc.net
0.0.0.0 us-v10.events.data.microsoft.com
0.0.0.0 us-v20.events.data.microsoft.com
0.0.0.0 us.vortex-win.data.microsoft.com
0.0.0.0 v10-win.vortex.data.microsoft.com.akadns.net
0.0.0.0 v10.events.data.microsoft.com
0.0.0.0 v10.vortex-win.data.metron.life.com.nsatc.net
0.0.0.0 v10.vortex-win.data.metron.live.com.nsatc.net
0.0.0.0 v10.vortex-win.data.microsoft.com
0.0.0.0 v10c.events.data.microsoft.com
0.0.0.0 v20.events.data.microsoft.com
0.0.0.0 v20.vortex-win.data.microsoft.com
0.0.0.0 version.hybrid.api.here.com
0.0.0.0 version.prd.us-east-1.ds.data.here.com
0.0.0.0 view.atdmt.com
0.0.0.0 vortex-bn2.metron.live.com.nsatc.net
0.0.0.0 vortex-cy2.metron.live.com.nsatc.net
0.0.0.0 vortex-db5.metron.live.com.nsatc.net
0.0.0.0 vortex-hk2.metron.live.com.nsatc.net
0.0.0.0 vortex-sandbox.data.microsoft.com
0.0.0.0 vortex-win-sandbox.data.microsoft.com
0.0.0.0 vortex-win.data.metron.live.com.nsatc.net
0.0.0.0 vortex-win.data.microsoft.com
0.0.0.0 vortex.data.glbdns2.microsoft.com
0.0.0.0 vortex.data.metron.live.com.nsatc.net
0.0.0.0 vortex.data.microsoft.com
0.0.0.0 vsgallery.com
0.0.0.0 watson.live.com
0.0.0.0 watson.microsoft.com
0.0.0.0 watson.ppe.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com
0.0.0.0 watson.telemetry.microsoft.com.nsatc.net
0.0.0.0 watson.telemetry.microsoft.com/Telemetry.Request
0.0.0.0 wdcpus.microsoft.akadns.net
0.0.0.0 web.vortex.data.microsoft.com
0.0.0.0 wes.df.telemetry.microsoft.com
0.0.0.0 wildcard.appex-rf.msn.com.edgesuite.net
0.0.0.0 wildcard.twimg.com
0.0.0.0 win8.ipv6.microsoft.com
0.0.0.0 win10.ipv6.microsoft.com
0.0.0.0 win10.ipv6.microsoft.com.nsatc.net
0.0.0.0 win1710.ipv6.microsoft.com
0.0.0.0 wns.notify.windows.com.akadns.net
0.0.0.0 www.msedge.net
0.0.0.0 www.msftncsi.com
0.0.0.0 v7event.stats.avcdn.net
0.0.0.0 v7.stats.avcdn.net
0.0.0.0 flow.lavasoft.com
0.0.0.0 ws.mcafee.com
0.0.0.0 analytics.ccs.mcafee.com
0.0.0.0 analyticsdcs.ccs.mcafee.com
0.0.0.0 carcharodon.trendmicro.com
0.0.0.0 cy2.vortex.data.microsoft.com.akadns.net
# END - BLOCKING MICROSOFT(MS)
DoNotLeachOffMe - 3 years ago
Thanks for this
I have added most of those links to my Hosts file & using a proper Antivirus.
Lets see what happens.
MolassesMan - 3 years ago
Telemetry cannot be blocked in the host file, you need to just disabled the service or use the firewall. Also, not sure what you mean by "proper" Windows Defender has a higher detection rate than most AV's out there, doesn't consume as many resources and is recommended by all the people on the security forum of this site.
KimBaker - 3 years ago
https://www.zdnet.com/article/when-it-comes-to-windows-10-privacy-dont-trust-amateur-analysts/
I don't think their reason is about telemetry. They can easily bypass hosts for their own addresses.
I think enforcing integrity of hosts file is a legitimate security concern. Malware can insert malicious diversions, imagine most important banking IP addresses getting directed towards phishing addresses because of a compromised hosts file.
Though in fairness, Microsoft could have just ignored 0.0.0.0 and 127.0.0.1 and only blocked outside IP addresses
Lawrence Abrams - 3 years ago
Not sure what the article reference is meant for, but as I stated in the article, HOSTS file modification detection is not new and is an important security feature.
What is new is the detection of their servers.
d-reaper - 3 years ago
That's really something... That they are going to those extremes just to mine for people's data. For me, that would be too much to take if I couldn't mod the hosts file to re-route the requested domains I want to block.
I think I now count my lucky stars that I moved over to Linux (Specifically KDE Neon) back in 2016 when Windows 8 was being pushed onto people. I have no regrets on that decision. If I ever need Windows 7, as I won't use 10 if I don't need to, I'll just run 7 in a VM with PCI passthrough and a second GPU; with a separate virtual network so that the VM can only communicate with my host and have no access to the internet. And that's about it. But I basically never use Windows now.
Microsoft seems to have adopted a Nazi-like behavior with their end users. They've literally locked down everything from re-installing unwanted crapware and changing default applications on people after every update. And people are supposed to work with this? It's like as if Microsoft is in the business of writing malware themselves...
It's just mind boggling to me.
iamdoubz - 3 years ago
I like to use PiHole using this GitHub list: https://github.com/crazy-max/WindowsSpyBlocker/blob/master/data/hosts/spy.txt
d-reaper - 3 years ago
Me too. It works great to filter out all the crap on the internet. I'll add this since my bro uses Win 10.
redwolfe_98 - 3 years ago
i think bleepingcomputer made a mistake in their testing in this case by blocking access to "microsoft.com." it's not surprising that such a HOSTS file would be flagged.
WD does not flag my HOSTS file though it is flagged by kaspersky's and eset's av-programs.
Lawrence Abrams - 3 years ago
Mistake? Was just checking to see what domains were being detected.
d-reaper - 3 years ago
So, Lawrence. Do you think that M$ is in the business of writing malware for their end users? Seeing as they are trying so hard to make sure you don't block their telemetry domains? With what M$ is doing these days, it's almost like a malware approach to me.
Lawrence Abrams - 3 years ago
No, I think there are good reasons for not wanting certain domains to be blocked. Ones that may prevent security updates or are required by the OS to properly work.
The telemetry ones are a bit more gray.
d-reaper - 3 years ago
Hmm... I don't know about that one. That just seems all too convenient for M$ to do more spying if you ask me. Otherwise, people wouldn't take such strides (make scripts, 3rd party applications etc.) to block those domains; along with de-bloating their system of all the crapware M$ pre-installs.
MolassesMan - 3 years ago
Blocking telemetry in the hosts files doesn't do anything. It is ignored. You need to block it using the firewall, ie the actual service itself.
Jeybee - 3 years ago
I always disable Windows defender. I delete the folders. I disable windows security by deleting the registry entries. I disable Windows firewall and base filter engine by deleting the services and disable windows update , windows search and events log by disabling the service in services. Never get a virus and have no other security software installed. Win10 runs much faster, files don't go missing and nothing starts randomly canning my hard drives when I don't want them to. Nothing is broken. I code in visual studio.
gueneal - 3 years ago
This is outrageous. Microsoft should realize that there are better alternatives out there to their OS and the more they pull crap like this the more likely people will switch to those alternatives. I got sick of their crap when they stopped explaining and labeling the updates. Now I run Arch.
d-reaper - 3 years ago
But M$ doesn't care because they are in a bubble. They most likely believe that they only matter as a software company, and that no other software company is relevant or could replace them. So they think people will just put up with it. Boy, I think they are going to fall on their face one of these days.
I started on Linux Mint KDE. But then when that got discontinued, I moved on to KDE Neon. And do I love it! I've used Arch before. The closest I get to using Arch these days is Manjaro just because I prefer not to build my desktop and everything basic from scratch.
JohnC_21 - 3 years ago
So in other words it took Microsoft about 19 years since the intro of XP to determine the HOSTS file was a security concern.
d-reaper - 3 years ago
Isn't that funny? I mean, with Linux, you needed root privileges just to modify the hosts file.
ColinMitchell - 3 years ago
I love Windows and I wish people didnt trash or compromise windows 10 telemetry. The more microsoft collects from bloat-ridden W10 installations the more likely they are to leave Server 2016/19 pristine for people like me to enjoy. With 200 or so more threads (doing f knows what) at any given time compared to WS2016, I sure sympathise with W10 users.
MolassesMan - 3 years ago
The reason for doing this cannot be so that it can still collect telemetry, as telemetry cannot be blocked by editing the host file. Therefore this seems more likely to be a general check to see if malware has changed the host file to block any domains which would be required for MS services.
AdvancedSetup - 3 years ago
Not exactly NEW except that some of those URLs for Windows 10 are probably new and not in the original URL bypasses via DomainLists
Microsoft HOSTS file bypass issue - Apr 15, 2006 12:05 pm PST
https://www.csoonline.com/article/2641599/microsoft-hosts-file-bypass-issue.html
Discussion even goes back to 2006
https://www.securityfocus.com/archive/1/431032/30/0/threaded
hardcoded domains in dnsapi that skips hosts file
https://ywjheart.wordpress.com/2018/04/03/hardcoded-domains-in-dnsapi-that-skips-hosts-file/
Microsoft DNS resolver: deliberately sabotaged hosts-file lookup
https://bugtraq.securityfocus.narkive.com/a2fZWlAb/microsoft-dns-resolver-deliberately-sabotaged-hosts-file-lookup
Detect and block potentially unwanted applications
https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-antivirus/detect-block-potentially-unwanted-apps-microsoft-defender-antivirus
SettingsModifier:Win32/HostsFileHijack (as it relates to Windows Defender detecting and resetting your hosts file)
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?Name=SettingsModifier:Win32/HostsFileHijack&threatId=265754
This detection flags suspicious modifications to the Windows hosts file, specifically entries for certain domains used by the operating system and critical services. Windows uses the hosts files to resolve domains to IP addresses during network communication, so malicious modifications can prevent legitimate network connections, such as updates and certificate checks, or result in insecure and potentially harmful connections.
Hosts file tampering is a common malware or attacker technique used to prevent or redirect network connections. An attacker might modify the file to block legitimate connections or to divert network traffic to a destination controlled by the attacker, resulting in the download of additional malware or other malicious activity.
Manage connections from Windows 10 operating system components to Microsoft services
https://docs.microsoft.com/en-us/windows/privacy/manage-connections-from-windows-operating-system-components-to-microsoft-services
Required diagnostic data for Office
https://docs.microsoft.com/en-us/deployoffice/privacy/required-diagnostic-data