home

igfxhost.exe

 

The executable igfxhost.exe has been detected as malware by 5 anti-virus scanners. It is set to automatically start when a user logs into Windows via the current user run registry key under the display name ‘igfxhost’.
Publisher:
 

Product:
 

Version:
1.00

MD5:
5bead7cdad50e55e0c8739cd6e41b505

SHA-1:
3c90c594eb4f64b48bb27356a16a2f1aee34e059

SHA-256:
6d035bc452f523edf20477a7b2c6e561d116e9adc54b62431d85b1ad359b8641

Scanner detections:
5 / 68

Status:
Malware

Analysis date:
5/4/2024 4:59:22 AM UTC  (today)

Scan engine
Detection
Engine version

avast!
Win32:Polipos
160917-0

Clam AntiVirus
Win.Trojan.Agent-1261140
0.98/23207

Dr.Web
Trojan.MulDrop3.51046
9.0.1.05190

ESET NOD32
Win32/Filecoder.A worm
6.3.12010.0

F-Secure
Variant.Strictor.1732
5.16.24

File size:
204 KB (208,896 bytes)

Product version:
1.00

Original file name:
intralog.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\my pc\igfxhost.exe

File PE Metadata
Compilation timestamp:
2/17/2012 2:58:38 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

Entry address:
0x1F44

Entry point:
68, BC, 8A, 40, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 6C, 60, A5, D9, 5F, EF, B2, 46, 94, 0F, AF, 14, 8D, 35, 2C, 80, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 23, 23, 23, 23, 23, 23, 76, 62, 34, 70, 72, 6F, 6A, 65, 63, 74, 56, 62, 00, 20, 20, 73, 00, 00, 00, 00, FF, CC, 31, 00, 1E, 87, C1, 73, 12, F9, 4B, AF, 41, AF, 22, 35, 19, DA, 0C, 8B, D3, CE, B4, 92, AA, 07, C7, 54, 42, AF, B0, 15, 3D, 19, 29, 7D, 21, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Entropy:
4.2185

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
168 KB (172,032 bytes)

Startup File (User Run)
Registry location:
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Name:
igfxhost

Command:
C:\users\my pc\igfxhost.exe


Remove igfxhost.exe - Powered by Reason Core Security
herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.