Jump to content

win64/microstar

Karlend
 Share

Recommended Posts

Karlend

Karlend 0

Posted
Posted

Hello everyone.
This night i've got an detection in my afterburner folder. Virus called like a "win64/microstar.j", it's marked as potential dangerous. I can't find any info about it on virusradar.
After deleting it my afterburner showed an empty screen of program: no temp, fan speed, clock speed and etc. So here no ways to control my GPU. I tried to reinstall the program from officail site, but ESET it keeps detecting this microstar again.
What it could be, and how to fix it?
Thanks for any help.

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 4,839

Posted
  • Administrators
Posted

It's a detection of a vulnerable driver. If you have the latest driver installed and it's still detected and vulnerable, create a detection exclusion with the path to the file that you want to exclude so that the driver in different locations would still be detected.

Link to comment
Share on other sites
itman

itman 1,594

Posted
Posted (edited)

The MSI Afterburner drivers issue dates to 2019 and is a serious one. You can read about it here: https://cve.report/qid/377637 . Additionally, these vulnerable drivers have also been used in ransomware attacks: https://www.scmagazine.com/brief/vulnerability-management/msi-driver-vulnerability-leveraged-in-new-blackbyte-attacks .

MSI issued an update to Afterburner earlier this year: https://www.msi.com/news/detail/MSI-Releases-Updated-Version-4-6-5-of-Afterburner-141807. I would think they would have issued new drivers to correct this vulnerability. You stated that you did recently update Afterburner to this latest version. I would contact MSI and verify the drivers in the latest version of Afterburner have corrected the vulnerability. If this is confirmed by MSI, it then would be safe to created an Eset detection exclusion for these latest drivers.

Edited by itman
Link to comment
Share on other sites
  • Most Valued Members
Nightowl

Nightowl 197

Posted
  • Most Valued Members
Posted

And if you don't look to overclock and play with the GPU , uninstall Afterburner because it's useless.

Link to comment
Share on other sites
  • 2 weeks later...
Karlend

Karlend 0

Posted
  • Author
Posted
On 7/8/2023 at 3:50 PM, Marcos said:

It's a detection of a vulnerable driver. If you have the latest driver installed and it's still detected and vulnerable, create a detection exclusion with the path to the file that you want to exclude so that the driver in different locations would still be detected.

But is it safe? I mean are you sure that isn't a virus or malware at all, and i can safely exclude it, so nothing will be broken in my PC and here is no ways to other viruses to mess with my system trough this thing?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...