Hi
Windows defender reported an alleged malware problem with SettingsModifier.Win32
Category:
Settings Modifier
Description:
This program has potentially unwanted behavior.
Advice:
Review the alert details to see why the software was detected. If you do not like how the software operates or if you do not recognize and trust the publisher, consider blocking or removing the software.
Resources:
file:
C:\WINDOWS\system32\drivers\etc\hosts
Looking for more info leads to
http://www.microsoft.com/secur...ossibleHostsFileHijack
Which states
On March 9, 2009 a signature for SettingsModifier:Win32/PossibleHostsFileHijack started detecting certain modified HOSTS files in some environments. On March 9, 2009 Microsoft released a new signature that addresses the issue. Signature versions 1.53.283.0 and higher include this fix.
This seems to imply, in a rather oblique way while not explicitly admitting it, that WD is finding false positives.
What's baffling is it says the above sig file includes the fix, but the very same page says the latest sig file is only 1.53.271.0 - so the 'fixed' version isn't in fact available, despite the reference to MS having 'released' it yesterday. If they 'released' it, why isn't it there?
Windows defender reported an alleged malware problem with SettingsModifier.Win32
Category:
Settings Modifier
Description:
This program has potentially unwanted behavior.
Advice:
Review the alert details to see why the software was detected. If you do not like how the software operates or if you do not recognize and trust the publisher, consider blocking or removing the software.
Resources:
file:
C:\WINDOWS\system32\drivers\etc\hosts
Looking for more info leads to
http://www.microsoft.com/secur...ossibleHostsFileHijack
Which states
On March 9, 2009 a signature for SettingsModifier:Win32/PossibleHostsFileHijack started detecting certain modified HOSTS files in some environments. On March 9, 2009 Microsoft released a new signature that addresses the issue. Signature versions 1.53.283.0 and higher include this fix.
This seems to imply, in a rather oblique way while not explicitly admitting it, that WD is finding false positives.
What's baffling is it says the above sig file includes the fix, but the very same page says the latest sig file is only 1.53.271.0 - so the 'fixed' version isn't in fact available, despite the reference to MS having 'released' it yesterday. If they 'released' it, why isn't it there?
