Hey all, not sure if this is the right place but I figure someone here will be able to help.

Windows Defender found something called “Trojan:Win32/Ashify.J!frn” and failed to quarantine it apparently. This was earlier today that it was detected and it affected a strange file under AppData/Roaming/T2GP Launcher/Steam/Cache/Prod/GpuCache to a text file called “index” with some weird changelogs for a gameboy advance emulator.

No google results pointed to anything meaningful. Only a few posts suggesting the games launcher may have prompted a false positive, an old post about password protected files from 2022, and a malwarebytes warning from 2kgames spreading Red Line malware from 2022 as well.

Just checking to see if anyone knows anything or has experienced something similar before!

  • shameless
    link
    fedilink
    53 months ago

    This will almost certainly be a false positive, its a heuristics(I think that’s the correct term) based detection, basically just matches certain characteristics of files that have been related to that trojan.

    These days Defender has exceptional real time malware scanning capabilities, it often picks up stuff as you download it or even as it executes. If this was a detection of an existing file, its very likely a false positive.

  • @linearchaos@lemmy.world
    link
    fedilink
    English
    4
    edit-2
    3 months ago

    The definitions picked up as a different name from everything almost everybody just refers to it is a generic Trojan.

    It could very well just be a false positive but I wouldnt leave it at that.

    An offline windows defender scan would be a good idea.

    You can always switch over to bitdefender there’s a free version of you search hard enough. Don’t run Windows defender and bit defender at the same time long term but it’s not a bad way to get a second opinion.

  • @some_guy
    link
    23 months ago

    I’d be happy to check its contents on MacOS or Linux. But I also agree with the virustotal recommendation.