Hello there!
This is my first time using the forums as it’s the first time I’ve had a problem with possible malware while using Avast so I apologise if some of this information is insufficient/irrelevant, but after running a full system scan on my Windows 8.1 x64 PC, ‘Segment0.cmf’ in C:\Windows\rescache\rc0001 tested positive for ‘Win32:GameThief-L [Trj]’ and it was moved to the Virus Chest. The file was last modified at 09:38:38 GMT and tested negative for any threats in a prior full system scan that I ran at 09:02:18 GMT. I’ve been running frequent scans over the last few days as Avast tested positive for this same threat in the same place twice in the same scan just before I nuked my harddrives and started a clean install of Windows 8.1.
I’m not entirely sure what processes I was running at the time of last modification to cause the file modification and a change in threat detection from Avast as I’m not sure what Segment0.cmf’s purpose is, but I was probably logged into the Steam service with Facebook open in the background.
I uploaded the file to VirusTotal and Avast appears to be the only anti-virus that tests positive for infection, also as I haven’t been able to find much information about GameThief-L (at least not in English) I was wondering if someone could help me out in determining whether this is a false positive or not.
Any info/help will be appreciated.
Edit: VT results here: https://www.virustotal.com/en/file/e73b5a06bf9d3ce6a72dcb3db69b14867c0e3d1034140432ea49d01e1cee4ffd/analysis/
