The Aegis Mar 23, 2019 @ 8:42am
Steam throwing trojan in AntiVirus?
Just noticed every so often my PC will scan "windows defender" and find a few trojans that are coming from steam/appcache/54 "insert line of numbers here". I'm unsure if it's a false positive or if it is something else, but they keep popping back after being removed. Any idea what to do about this?

Showing 1-15 of 21 comments
Melody Mar 23, 2019 @ 8:46am 
What's the exact name of the virus/detection? It should begin with Trojan:Win32 or something.
Last edited by Melody; Mar 23, 2019 @ 8:47am
Forcen Mar 23, 2019 @ 8:52am 
If you find anything that you for some reason might think is a virus then you should always upload it to this website: https://www.virustotal.com
The Aegis Mar 23, 2019 @ 8:58am 
Originally posted by Melody =^-^=:
What's the exact name of the virus/detection? It should begin with Trojan:Win32 or something.
I'm unsure at the moment as I removed the threats; I just know it was under my Steam appcache folder.
Spawn of Totoro Mar 23, 2019 @ 9:03am 
Likely a false positive.

Typically you can send the files to those who make your AV program and they will analyze it and correct their AV program as needed.

You can also upload the file to https://www.virustotal.com/ and it will run it through many AV programs to check as well.
Melody Mar 23, 2019 @ 9:05am 
Originally posted by Spawn of Totoro:
Likely a false positive.

Typically you can send the files to those who make your AV program and they will analyze it and correct their AV program as needed.

You can also upload the file to https://www.virustotal.com/ and it will run it through many AV programs to check as well.
What if some edgy indie devs are trying to perform cryptomining? Let's say you installed an indie game from a pretty unknown developer and the game itself actually downloads and/or creates the executable to mine in background, that would be undetected by Steam systems when the developer published the game in the Store. That's the reason why I've asked for the exact detection name.
The Aegis Mar 23, 2019 @ 9:12am 
Originally posted by Melody =^-^=:
Originally posted by Spawn of Totoro:
Likely a false positive.

Typically you can send the files to those who make your AV program and they will analyze it and correct their AV program as needed.

You can also upload the file to https://www.virustotal.com/ and it will run it through many AV programs to check as well.
What if some edgy indie devs are trying to perform cryptomining? Let's say you installed an indie game from a pretty unknown developer and the game itself actually downloads and/or creates the executable to mine in background, that would be undetected by Steam systems when the developer published the game in the Store. That's the reason why I've asked for the exact detection name.
When it peaks again I'll make sure to get you the name! Sorry, I didn't think this time when removing it.
Spawn of Totoro Mar 23, 2019 @ 9:14am 
Originally posted by Melody =^-^=:
What if some edgy indie devs are trying to perform cryptomining? Let's say you installed an indie game from a pretty unknown developer and the game itself actually downloads and/or creates the executable to mine in background, that would be undetected by Steam systems when the developer published the game in the Store. That's the reason why I've asked for the exact detection name.

And where did I say it IS a false positive and to ignore it?

I said it was likely a false positive (as chances of it being an actual virus are slim) and suggested ways to confirm it.

The name won't tell you anything aside from what the AV maker calls such a virus. It will not confirm it as a virus and neither is it proof that it is a virus, just that their algorithm detects something similar to said virus.

Always better to confirm than to make false accusations.

Originally posted by Lord Tywin:
When it peaks again I'll make sure to get you the name! Sorry, I didn't think this time when removing it.

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus

You can check the logs and it will state what was detected at that time.

Also:
https://www.microsoft.com/en-us/wdsi/filesubmission

How to submit a file, so you know in the future.
Last edited by Spawn of Totoro; Mar 23, 2019 @ 9:16am
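
An added example, not part of the original thread: one way to pull the detection name and path out of the Windows Defender operational log for files under the Steam cache, and to hash any flagged file that is still on disk so it can be submitted or looked up. The `E:\Steam` root is taken from the path posted later in this thread; the EventData field names (`Threat Name`, `Severity Name`, `Category Name`, `Path`) are an assumption about how events 1116/1117 are recorded, so check them against `$e.ToXml()` on your system.

```powershell
# Added example. Assumption: Steam is installed at E:\Steam (the path in this thread).
$CachePath = 'E:\Steam\appcache'

# 1116 = threat detected, 1117 = action taken on a threat.
$events = Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-Windows Defender/Operational'
    Id      = 1116, 1117
} -ErrorAction SilentlyContinue

$hits = foreach ($e in $events) {
    # Flatten the event's named EventData fields into a lookup table.
    $data = @{}
    foreach ($d in ([xml]$e.ToXml()).Event.EventData.Data) {
        if ($d.Name) { $data[$d.Name] = $d.'#text' }
    }
    # Keep only detections whose resource path is under the Steam cache.
    if ($data['Path'] -and $data['Path'].ToLower().Contains($CachePath.ToLower())) {
        [pscustomobject]@{
            Time     = $e.TimeCreated
            EventId  = $e.Id
            Threat   = $data['Threat Name']     # assumed field name
            Severity = $data['Severity Name']   # assumed field name
            Category = $data['Category Name']   # assumed field name
            Path     = $data['Path']
        }
    }
}
$hits | Sort-Object Time | Format-List

# Hash any flagged file that is still on disk (not yet removed or quarantined)
# so it can be looked up by hash or submitted to the AV vendor.
$files = @($hits) | Where-Object { $_ } |
    ForEach-Object { $_.Path -split ';' } |
    ForEach-Object { ([string]$_).Trim() -replace '^file:_?', '' } |
    Where-Object { $_ } | Sort-Object -Unique
foreach ($f in $files) {
    if (Test-Path -LiteralPath $f -PathType Leaf) {
        Get-FileHash -LiteralPath $f -Algorithm SHA256 | Select-Object Hash, Path
    } else {
        Write-Output "Not on disk (removed or quarantined): $f"
    }
}
```
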
Melody Mar 23, 2019 @ 9:16am 
Originally posted by Spawn of Totoro:
Originally posted by Melody =^-^=:
What if some edgy indie devs are trying to perform cryptomining? Let's say you installed an indie game from a pretty unknown developer and the game itself actually downloads and/or creates the executable to mine in background, that would be undetected by Steam systems when the developer published the game in the Store. That's the reason why I've asked for the exact detection name.

And where did I say it IS a false positive and to ignore it?

I said it was likely a false positive (as chances of it being an actual virus are slim) and suggested ways to confirm it.

The name won't tell you anything aside from what the AV maker calls such a virus. It will not confirm it as a virus and neither is it proof that it is a virus, just that their algorithm detects something similar to said virus.

Always better to confirm than to make false accusations.

Originally posted by Lord Tywin:
When it peaks again I'll make sure to get you the name! Sorry, I didn't think this time when removing it.

https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-antivirus/troubleshoot-windows-defender-antivirus

You can check the logs and it will state what was detected at that time.
Didn't mean to contradict you, just told you my idea.
The Aegis Mar 23, 2019 @ 9:18am 
Name: Trojan:Script/Foretype.A!ml
ID: 2147724345
Severity: Severe
Category: Trojan
Path: file:_E:\Steam\appcache\httpcache\54\545f5b22e8a5a958a71b23f7d0ec9e57e71947d1_da39a3ee5e6b4b0d3255bfef95601890afd80709


Hope this helps! Thank you Totoro for the event viewer path, that's how I found this.
Did you play counter strike 1.6?
Spawn of Totoro Mar 23, 2019 @ 1:09pm 
Originally posted by Lord Tywin:
Name: Trojan:Script/Foretype.A!ml
ID: 2147724345
Severity: Severe
Category: Trojan
Path: file:_E:\Steam\appcache\httpcache\54\545f5b22e8a5a958a71b23f7d0ec9e57e71947d1_da39a3ee5e6b4b0d3255bfef95601890afd80709


Hope this helps! Thank you Totoro for the event viewer path, that's how I found this.

That is the http cache. Do you use Steam to browse the web? If so, I wouldn't suggest it (especially with unknown sites) as it is not a full-fledged browser and may lack some of the protection that they have against malware.
The Aegis Mar 23, 2019 @ 2:35pm 
Originally posted by Spawn of Totoro:
Originally posted by Lord Tywin:
Name: Trojan:Script/Foretype.A!ml
ID: 2147724345
Severity: Severe
Category: Trojan
Path: file:_E:\Steam\appcache\httpcache\54\545f5b22e8a5a958a71b23f7d0ec9e57e71947d1_da39a3ee5e6b4b0d3255bfef95601890afd80709


Hope this helps! Thank you Totoro for the event viewer path, that's how I found this.

That is the http cache. Do you use Steam to browse the web? If so, I wouldn't suggest it (especially with unknown sites) as it is not a full-fledged browser and may lack some of the protection that they have against malware.
No, I only really ever use Steam browser when looking up guides or something, and that's super rare lol.
Melody Mar 23, 2019 @ 2:41pm 
Originally posted by Lord Tywin:
Originally posted by Spawn of Totoro:

That is the http cache. Do you use Steam to browse the web? If so, I wouldn't suggest it (especially with unknown sites) as it is not a full-fledged browser and may lack some of the protection that they have against malware.
No, I only really ever use Steam browser when looking up guides or something, and that's super rare lol.
That really looks like some kind of cache poisoning, just telling my ideas. Being you, I would perform a full scan using your antivirus and check your browsers (Firefox, Chrome, etcetera) for any suspicious extensions/plugins that shouldn't be there.
The Aegis Mar 23, 2019 @ 2:52pm 
Originally posted by Melody =^-^=:
Originally posted by Lord Tywin:
No, I only really ever use Steam browser when looking up guides or something, and that's super rare lol.
That really looks like some kind of cache poisoning, just telling my ideas. Being you, I would perform a full scan using your antivirus and check your browsers (Firefox, Chrome, etcetera) for any suspicious extensions/plugins that shouldn't be there.
My question to that would be how would it end up infecting my Steam folder on a completely separate hard drive? "Not doubting, I'm just curious"

Date Posted: Mar 23, 2019 @ 8:42am
Posts: 21