Windows Defender detecting Visual Studio .dll file as Trojan:Win32/Bluteal.B!rfn
Windows Defender has flagged a .dll file (which seems to be related to Visual Studio) as suspicious.
File Name : C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vde5ed89a#\457b4a4c20bed2246e03f1f9e5eaa1a5\Microsoft.VisualStudio.Utilities.Internal.ni.dll
Message: Trojan:Win32/Bluteal.B!rfn
Threat definition version : 1.269.412.0
Signature Last Updated : 31-05-2018 20:03:50
Can you please confirm if this is a false positive?
All replies
Started happening in my organization as well recently. One thing to notice is the detected DLL is not signed, which I would expect not to be the case for a genuine MS library. This is the SHA-256 of our detection: 9c4d8821d9df35cb735c233a21ca02b0a79cbe8d2f55abad591ac6a7dd7ccfcc
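One way to triage a detection like the ones reported in this thread, as an added example that is not part of the original posts: it hashes the flagged file, compares the result with a reported SHA-256, and reads the Authenticode status. The function name `Get-FlaggedFileTriage` is hypothetical; the path and hash in the usage lines are the ones quoted in the thread.

```powershell
# Added example, not code from the thread. Run on the affected host.
function Get-FlaggedFileTriage {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [string] $ReportedSha256   # optional: a hash someone else reported
    )

    # Defender may already have quarantined or removed the file.
    if (-not (Test-Path -LiteralPath $Path)) {
        return [pscustomobject]@{ Path = $Path; Present = $false }
    }

    $hash = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    $sig  = Get-AuthenticodeSignature -LiteralPath $Path

    # Files under %windir%\assembly\NativeImages_* are native images that
    # ngen.exe compiles on the local machine from .NET assemblies, so a
    # NotSigned status on its own is not conclusive for them.
    $isNgen = $Path -like (Join-Path $env:windir 'assembly\NativeImages_*')

    [pscustomobject]@{
        Path            = $Path
        Present         = $true
        Sha256          = $hash
        # -eq on strings is case-insensitive, so hash case does not matter.
        MatchesReported = if ($ReportedSha256) { $hash -eq $ReportedSha256 } else { $null }
        SignatureStatus = $sig.Status
        Signer          = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
        IsNgenImage     = $isNgen
    }
}

# Usage with the path from the question and the SHA-256 from the reply.
$flagged  = 'C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vde5ed89a#\457b4a4c20bed2246e03f1f9e5eaa1a5\Microsoft.VisualStudio.Utilities.Internal.ni.dll'
$reported = '9c4d8821d9df35cb735c233a21ca02b0a79cbe8d2f55abad591ac6a7dd7ccfcc'
Get-FlaggedFileTriage -Path $flagged -ReportedSha256 $reported | Format-List
```

The output gives the file hash and signature state to include when submitting the file to the vendor for false-positive analysis.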