Author Topic: igfxdiag coming up as Win32:Malware-gen  (Read 7513 times)

0 Members and 1 Guest are viewing this topic.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82189
  • No support PMs thanks
Re: igfxdiag coming up as Win32:Malware-gen
« Reply #15 on: December 07, 2009, 03:57:33 AM »
Well I don't use Spyware Doctor (SD), so I don't know what the purpose of that Temp folder is within the avdb folder. I can't even find any useful information on the .vbt file type to be of any help

It may be that for scans it unpacks it database to try and speed scans, or possibly like avast it uses the _avast4_ to unpack archives so their contents can be scanned. So it could be possible that something that SD opens to be scanned is first hooked by avast and scanned. After running an SD scan is that temp folder emptied of .vbt files (like avast empties the _avast4_ folder after a scan) ?

So there is more to this than first meets the eye and you need to seek confirmation from the SD support forum as to what this temp folder and the .vbt files are/do.

So contrary to my advice on the exclusion of the *.vbt until we know what the purpose of these files are it could be leaving a hole in security. Whilst it would be possible for a virus to get in there it would also have to have a .vbt file extension/type to also be excluded, so it is a risk but not I would say a high risk.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.541) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline Avastiest

  • Newbie
  • *
  • Posts: 12
Re: igfxdiag coming up as Win32:Malware-gen
« Reply #16 on: December 07, 2009, 09:05:50 PM »
I just scanned the file in the Virus Chest an it says not infected, it must of been fixed with the last update. I restored it an scanned it again an Avast finds nothing wrong with it, thanks a bunch guys.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82189
  • No support PMs thanks
Re: igfxdiag coming up as Win32:Malware-gen
« Reply #17 on: December 07, 2009, 10:01:03 PM »
You're welcome, thanks for the feedback.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.541) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline cromag

  • Jr. Member
  • **
  • Posts: 52
Re: igfxdiag coming up as Win32:Malware-gen
« Reply #18 on: December 07, 2009, 10:12:31 PM »
Yep.  Beat me to it, Avastiest .

Offline Jack 1000

  • Poster
  • *
  • Posts: 619
Re: igfxdiag coming up as Win32:Malware-gen
« Reply #19 on: December 07, 2009, 10:48:27 PM »
Hi, I'd like some guidance.

While running a MBAM scan Avast! popped up to warn me about

Code: [Select]
C:\WINDOWS\system32\igfxdiag.exe

Specifically, that there was a sign of Win32:Malware-gen, I believe.

I put it in the chest, but would like to verify it.  The file has a "last changed" date of 7/1/2004, although I suppose that could be faked.  Rescanning in the chest still shows it as a virus, FileID:145.

How do I go about having this verified?

I hope I'm not being too dense, but I just want to make sure I know what I have.  I've been pretty careful out there, but stuff can still happen.

Thanks.

What exactly is this false postiive?  I had it in my start up services, but so far at least nothing has popped up from Avast? I did an MSConfig to uncheck it.

Jack
« Last Edit: December 07, 2009, 10:56:59 PM by Jack 1000 »
Avast 2014 -Windows XP (SP-3) and Malware Bytes Anti-Malware (Free Version)
1GB RAM

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 82189
  • No support PMs thanks
Re: igfxdiag coming up as Win32:Malware-gen
« Reply #20 on: December 07, 2009, 11:38:26 PM »
Not sure what it is that you are asking, if this particular FP or FPs in general.

If just false positives, it is an incorrect detection on a good file.

Much like a pregnancy test, your pregnant, oops, no your not ;D
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.8.2393 (build 19.8.4793.541) UI-1.0.415/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/