Jump to content

Recommended Posts

Posted

Hello everyone.
This night i've got an detection in my afterburner folder. Virus called like a "win64/microstar.j", it's marked as potential dangerous. I can't find any info about it on virusradar.
After deleting it my afterburner showed an empty screen of program: no temp, fan speed, clock speed and etc. So here no ways to control my GPU. I tried to reinstall the program from officail site, but ESET it keeps detecting this microstar again.
What it could be, and how to fix it?
Thanks for any help.

  • Administrators
Posted

It's a detection of a vulnerable driver. If you have the latest driver installed and it's still detected and vulnerable, create a detection exclusion with the path to the file that you want to exclude so that the driver in different locations would still be detected.

Posted (edited)

The MSI Afterburner drivers issue dates to 2019 and is a serious one. You can read about it here: https://cve.report/qid/377637 . Additionally, these vulnerable drivers have also been used in ransomware attacks: https://www.scmagazine.com/brief/vulnerability-management/msi-driver-vulnerability-leveraged-in-new-blackbyte-attacks .

MSI issued an update to Afterburner earlier this year: https://www.msi.com/news/detail/MSI-Releases-Updated-Version-4-6-5-of-Afterburner-141807. I would think they would have issued new drivers to correct this vulnerability. You stated that you did recently update Afterburner to this latest version. I would contact MSI and verify the drivers in the latest version of Afterburner have corrected the vulnerability. If this is confirmed by MSI, it then would be safe to created an Eset detection exclusion for these latest drivers.

Edited by itman
  • Most Valued Members
Posted

And if you don't look to overclock and play with the GPU , uninstall Afterburner because it's useless.

  • 2 weeks later...
Posted
On 7/8/2023 at 3:50 PM, Marcos said:

It's a detection of a vulnerable driver. If you have the latest driver installed and it's still detected and vulnerable, create a detection exclusion with the path to the file that you want to exclude so that the driver in different locations would still be detected.

But is it safe? I mean are you sure that isn't a virus or malware at all, and i can safely exclude it, so nothing will be broken in my PC and here is no ways to other viruses to mess with my system trough this thing?

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...