Hey all, not sure if this is the right place but I figure someone here will be able to help.

Windows Defender found something called “Trojan:Win32/Ashify.J!frn” and failed to quarantine it apparently. This was earlier today that it was detected and it affected a strange file under AppData/Roaming/T2GP Launcher/Steam/Cache/Prod/GpuCache to a text file called “index” with some weird changelogs for a gameboy advance emulator.

No google results pointed to anything meaningful. Only a few posts suggesting the games launcher may have prompted a false positive, an old post about password protected files from 2022, and a malwarebytes warning from 2kgames spreading Red Line malware from 2022 as well.

Just checking to see if anyone knows anything or has experienced something similar before!

  • shameless@lemmy.world
    link
    fedilink
    arrow-up
    3
    ·
    2 months ago

    This will almost certainly be a false positive, its a heuristics(I think that’s the correct term) based detection, basically just matches certain characteristics of files that have been related to that trojan.

    These days Defender has exceptional real time malware scanning capabilities, it often picks up stuff as you download it or even as it executes. If this was a detection of an existing file, its very likely a false positive.