Jump to content

Recommended Posts

Hello, today I did a full scan with windows defender and found something that doesn't look good. When I used Malwarebytes normal scan and when i scanned the folder windows defender said the malware was in (I wasn't sure if it was scanning more than just my C drive, windows defender said it was on another drive) with malwarebytes it came up with nothing. Windows defender said it failed to remove it and gave me the following info. 

Threat detected: Trojan:Win32/CryptInject.YP!MTB

file: X:\WindowsApps\Microsoft.MSPhoenix_101.101.39515.0_x64__8wekyb3d8bbwe\Game\wwise\fr\928876185.wem

It appears to to be in the folder some of my xbox game pass games are in but the folder will not allow me to access it at all. I'm worried and not sure what to do next. I included the requested Addition.txt, FRST.txt and theat scan log from malwarebytes. I uploaded the one from scanning just the folder in question and also the general scan one.  Thanks in advance for your time.

 

-Defmeq

 

Addition.txt FRST.txt threat scan log folder.txt threat scan report.txt

Link to post
Share on other sites

Hi,  
My name is Maurice. I will be helping and guiding you, going forward on this case.
Let me know what first name you prefer to go by.

 

What type of devices is the X drive ?

Windows Defender has tried to remove the .wem file but kept running into access denied.

Have you done one Windows Restart today?   if not then do so now.

Keep in mind that MS Windows Defender antivirus has its own unique set of detection rules.   Different from those of Malwarebytes.

 

Can you please go to Virustotal website  ( which is a site that many security companies use to upload and check files for potential malware.  The site uses multiple search engines from several companies).
Go to the link https://www.virustotal.com/gui/home/upload


You will see Choose file button.   Click that as a first step.   You will then see a dialog grid from Windows.
On the white "File name" box  copy and paste in

X:\WindowsApps\Microsoft.MSPhoenix_101.101.39515.0_x64__8wekyb3d8bbwe\Game\wwise\fr\928876185.wem

then click Open button.  It should then Upload a copy of that file.  That file will be analyzed.
Watch the progress.  It should take a short while.
After it has all completed, it will show a completed results page.
Please provide the link address to that results page on your next reply.

 

 

Link to post
Share on other sites

Due to the lack of feedback, this topic is closed to prevent others from posting here.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this topic. Other members who need assistance please start your own topic in a new thread.

Tips to help protect from infection

Thanks

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.