Virus Question - fdiskdumpp.exe

[FutileEternity]

While booting my system up today, Avast detected the following:

fdiskdumpp.exe in C:\Program Files

Virus description: Win32:SkiMorph [Cryp]

Does anybody have any idea of what this is?  Also, Is there anything else on my system that I should look for that could be lingering around in relation to this file?

Thanks!

[polonus]

This could well be a False Positive:
 [%PROGRAM_FILES%]\fdiskdumpp.exe        [%PROGRAM_FILES%]\fdiskdumpp.exe     Safe

Upload fdiskdumpp.exe to www.virustotal.com and report the results in an attached txt file,

polonus

[FutileEternity]

I tried uploading it to that site, but every time, I get the following:

0 bytes size received

[DavidR]

Where are you trying to upload it from, the HDD location or the chest, etc. ?

Does the Standard Shield alert when you try to upload it to VT ?

[Lisandro]

FutileEternity, can you copy the file to your desktop area and send it from there? (take care handling the file).

[FutileEternity]

FutileEternity, can you copy the file to your desktop area and send it from there? (take care handling the file).

That's exactly what I did, and I got what I posted previously.  And yes, the standard shield alert goes off when I try to upload it to VT.

[Lisandro]

FutileEternity, can you copy the file to your desktop area and send it from there? (take care handling the file).

That's exactly what I did, and I got what I posted previously.  And yes, the standard shield alert goes off when I try to upload it to VT.

Try changing the file name to fdiskdumpp.exe.txt

[DavidR]

FutileEternity, can you copy the file to your desktop area and send it from there? (take care handling the file).

That's exactly what I did, and I got what I posted previously.  And yes, the standard shield alert goes off when I try to upload it to VT.

That is because avast scans when you try to access the file and even if you choose no action avast won't let you work with an infected file and this includes uploading it. That is why the file size is 0 bytes.

I don't know if changing the file type to .txt a supposedly inert file type would work or if it might also effect the file. You could pause the Standard Shield just to allow it to be uploaded an immediately it is uploaded enable again. However , I not keen on that idea of lowering your protection whilst on-line even for a short time.

Create a folder called Suspect in the C:\ drive, e.g. C:\Suspect. Now exclude that folder in the Standard Shield, Customize, Advanced, Add, type (or copy and paste) C:\Suspect\* That will stop the standard shield scanning any file you put in that folder. You should now be able to export any file in the chest to this folder and upload it to VirusTotal without avast alerting.