Hi all, recently there has been concern regarding SWL being flagged as an Emotet trojan by Windows Defender. We submitted clientpatcher.exe to Microsoft for review and this is their response:
Text version:
clientpatcher.exe
Submission ID: [redacted]
Status: Completed
Submitted by: andyb (it’s my email)
Submitted: Feb 17, 2021 9:47:26 AM
User Opinion: Incorrect detection
Analyst comments:
We have removed the detection. Please follow the steps below to clear cached detection and obtain the latest malware definitions.
- Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
- Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
- Run “MpCmdRun.exe -SignatureUpdate”
Alternatively, the latest definition is available for download here: https://www.microsoft.com/en-us/wdsi/definitions
When in the command prompt (Start Menu ->search for “Command” → Right click and “Run as Administrator”) type cd “C:\Program Files\Windows Defender”
to be taken to that directory
It looks like we should be in the clear. Please update your WD definitions and let us know if the issue persists. Thanks all, and we apologize for any undue concern or inconvenience.