Author Topic: igfxdiag coming up as Win32:Malware-gen (Read 9388 times)

DavidR · « **Reply #15 on:** December 07, 2009, 03:57:33 AM »

Well I don't use Spyware Doctor (SD), so I don't know what the purpose of that Temp folder is within the avdb folder. I can't even find any useful information on the .vbt file type to be of any help

It may be that for scans it unpacks it database to try and speed scans, or possibly like avast it uses the _avast4_ to unpack archives so their contents can be scanned. So it could be possible that something that SD opens to be scanned is first hooked by avast and scanned. After running an SD scan is that temp folder emptied of .vbt files (like avast empties the _avast4_ folder after a scan) ?

So there is more to this than first meets the eye and you need to seek confirmation from the SD support forum as to what this temp folder and the .vbt files are/do.

So contrary to my advice on the exclusion of the *.vbt until we know what the purpose of these files are it could be leaving a hole in security. Whilst it would be possible for a virus to get in there it would also have to have a .vbt file extension/type to also be excluded, so it is a risk but not I would say a high risk.

Avastiest · « **Reply #16 on:** December 07, 2009, 09:05:50 PM »

I just scanned the file in the Virus Chest an it says not infected, it must of been fixed with the last update. I restored it an scanned it again an Avast finds nothing wrong with it, thanks a bunch guys.

DavidR · « **Reply #17 on:** December 07, 2009, 10:01:03 PM »

You're welcome, thanks for the feedback.

cromag · « **Reply #18 on:** December 07, 2009, 10:12:31 PM »

Yep. Beat me to it, Avastiest .

Jack 1000 · « **Reply #19 on:** December 07, 2009, 10:48:27 PM »

Quote from: cromag on December 06, 2009, 11:25:18 PM

Hi, I'd like some guidance.

While running a MBAM scan Avast! popped up to warn me about

Code: [Select]
C:\WINDOWS\system32\igfxdiag.exe
Specifically, that there was a sign of Win32:Malware-gen, I believe.

I put it in the chest, but would like to verify it. The file has a "last changed" date of 7/1/2004, although I suppose that could be faked. Rescanning in the chest still shows it as a virus, FileID:145.

How do I go about having this verified?

I hope I'm not being too dense, but I just want to make sure I know what I have. I've been pretty careful out there, but stuff can still happen.

Thanks.

What exactly is this false postiive? I had it in my start up services, but so far at least nothing has popped up from Avast? I did an MSConfig to uncheck it.

Jack

DavidR · « **Reply #20 on:** December 07, 2009, 11:38:26 PM »

Not sure what it is that you are asking, if this particular FP or FPs in general.

If just false positives, it is an incorrect detection on a good file.

Much like a pregnancy test, your pregnant, oops, no your not

Author Topic: igfxdiag coming up as Win32:Malware-gen (Read 9388 times)

DavidR

Re: igfxdiag coming up as Win32:Malware-gen

Avastiest

Re: igfxdiag coming up as Win32:Malware-gen

DavidR

Re: igfxdiag coming up as Win32:Malware-gen

cromag

Re: igfxdiag coming up as Win32:Malware-gen

Jack 1000

Re: igfxdiag coming up as Win32:Malware-gen

DavidR

Re: igfxdiag coming up as Win32:Malware-gen