Windows Defender found Trojan Win32/Bluteal.B!rfn

Jun 1, 2018
2
0
10
Hi,

So yesterday Windows Defender notified me saying it found Bluteal.B!rfn trojan which I got it to quarantine and then remove. I couldn't find a lot of info after googling the trojan so decided to hopefully get some advice here.

I received the notification about the trojan when I was loading up Unity and Visual Studio, it said that the affected file was:

C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vde5ed89a#\457b4a4c20bed2246e03f1f9e5eaa1a5\Microsoft.VisualStudio.Utilities.Internal.ni.dll

Could Windows Defender be getting confused and it's just a false positive? I thought I had read somewhere that Windows Defender is okay for protection these days but maybe I should go back to Avast or Avira?

I've run a scan with Malware Bytes and a standard scan with Windows Defender but should I use something else to do a deeper scan if this was in fact a legit trojan? I've since made sure to update Windows 10 in case that has any part of this.

I would really appreciate any advice and help with this. Thank you.


 
Solution
Hello There. I have encountered a fishy activity the same day as well. After I browsed one of those anime websites to watch a subtitled episodes I started getting this check-it-out-now.online pop ups. So, I checked the files that I downloaded on the 1 st of June and all what I found is Apple updates and Microsoft OneDrive.

Doseq

Estimable
Oct 25, 2014
35
0
4,610
https://social.msdn.microsoft.com/Forums/en-US/31b287ec-24c7-46f5-93e5-65bf8a2f7e93/windows-defender-detecting-visual-studio-dll-file-as-trojanwin32blutealbrfn?forum=msbuild
Pretty fresh topic from microsoft forums.
As far as i can see people already tried to scan the "infected" file with virustotal and its clear. That means that Windows Defender makes a problem here and you cant do anything else beside waiting for proper fix/update from microsoft on it >D
Yes, Windows Defender is okay for typical user. If you want to go with any antivirus instead of defender i highly suggest Bitdefender (most awarded antivirus recently)
 
Jun 1, 2018
2
0
10



Thanks Doseq. I'll have to keep my eye out for an update or fix then. I haven't had any warnings since then and I've been using Visual Studio for a few hours now. I appreciate the helpful response :)
 

Steady Grounds

Estimable
Jun 24, 2014
1
0
4,520
Hello There. I have encountered a fishy activity the same day as well. After I browsed one of those anime websites to watch a subtitled episodes I started getting this check-it-out-now.online pop ups. So, I checked the files that I downloaded on the 1 st of June and all what I found is Apple updates and Microsoft OneDrive.
 
Solution