Hi.
Today Windows Defender (Windows 10) started complaining about this file (and it's counterpart in my generic Eclipse installation):
C:\dlc\11.6\oeide\eclipse\plugins\org.eclipse.wst.server.ui_1.4.104.v20130830_1134.jar
claiming it be infected: Trojan:Win32/Detplock.
Has anyone else experienced?
Hi Jeff,
Windows 10 (14971)
11.6.2 64-bit
Defender definitions up to date
That file scans clean for me.
file info:
org.eclipse.wst.server.ui_1.4.104.v20130830_1134.jar
MD5 hash: 3fca803a254d8cc3a7f8f79bb04cac39
SHA1 hash: d4cc54178ed717c65c3d9113cb3625c3c64915ad
size: 857,109 bytes
Hope this helps.
I checked another machine with 11.6.3 64-bit. Same file size and hashes. Scans clean with Kaspersky.
File hashes are from Microsoft File Checksum Integrity Verifier.
Download: https://www.microsoft.com/en-us/download/details.aspx?id=11533
Ahh.. just saw this on the MS info page about this threat:
NOTE: On December 6, 2016, an incorrect detection for our cloud-based protection for Trojan:Win32/Detplock was identified and immediately fixed. To ensure that this issue is remediated, you can do a forced daily update to download your Microsoft antimalware and antispyware software. For details, see Updating your Microsoft antimalware and antispyware software.