GTDownDE_87.ocx found by Avira

Discussion in 'other anti-virus software' started by WilliamP, Jan 29, 2009.

Thread Status:
Not open for further replies.
  1. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    I have Avira Premium and yesterday I had a pop up saying that I had GTDownDE_87.ocx in the Windows 32 folder. Does anyone know what that is?
     
  2. Coolio10

    Coolio10 Registered Member

    Joined:
    Sep 1, 2006
    Posts:
    1,124
    Found an old thread about it. Seems to be real adware.

    https://www.wilderssecurity.com/showthread.php?t=133100
     
  3. WilliamP

    WilliamP Registered Member

    Joined:
    Jun 1, 2003
    Posts:
    2,201
    Location:
    Fayetteville, Ga
    Thank you Coolio10. I had run a search, but not on that forum. I deleted it but not sure how it got in.
     
  4. LoneWolf

    LoneWolf Registered Member

    Joined:
    Jan 2, 2006
    Posts:
    3,408
  5. buttoni

    buttoni Registered Member

    Joined:
    Jul 8, 2005
    Posts:
    44
    Location:
    Central Texas
    I'm not 100% certain, but when I right click on this file in my Windows\System 32 folder, properties show copyright of Gteko, Inc. After quite a bit of researching via Google, I learned that Gteko, Inc. designs support software and is connected to the once pre-installed Dell Support program (you know, the familiar orange/green symbol that is, or used to be if disabled, in your systray). Don't know if Dell still pre-installs this or not. I keep Dell Support disabled at startup as I don't find it very useful. I occasionally invoke it manually to let it run a hardware maintenance check on my system.

    Over the past 4 years life of this Dell pc, I have had several AS scanners hit on various Gteko files and declare my pc to be "infected with Adware.GDown" (including said GTDownDE_87.ocx, spotted most recently by MBAM). And who knowso_O Dell has been accused on pre-installing crapware on new pc's haven't they? ;) If some is tracking in nature, like the MyWay they pre-installed at one time, it might explain why AS and AV scanners occasionally hit on Gteko files. There are lots of Gteko Inc files in my Dell Support folder in progam files. Dunno. All I know is is don't have any bizarre pc behavior and believe my pc is "clean as a whistle". I think all the GT* files are Gteko (Dell Support) related and do not intend to purge them from my system until which time I decide to uninstall Dell Support totally via Add/Remove Programs.

    There's my 2 cents worth on this file.

    EDIT: Oh, I forgot. I also discovered Gteko, Inc. was acquired by Microsoft Corp in 2006.
     
    Last edited: Feb 4, 2009
  6. buttoni

    buttoni Registered Member

    Joined:
    Jul 8, 2005
    Posts:
    44
    Location:
    Central Texas
    Well, I wanted to post back the results of a little experiment I ran after a reg backup. I uninstalled Dell Support in Safe Mode via Add/Remove (since I never use it). Promptly did a regedit Find on keywords Dell Support and Gteko and no instances were found. Booted back into Normal Mode, checked Program Files and the Dell folder (where Dell Supported lived) is now empty. Said file GTDownDE_87.ocx is also no longer sitting in Windows\System 32 folder. So I think we have the answer to what is GTDownDE_87.ocx. It appears to definitely be a part of Dell Support software module. Now as to whether it is really tracking adware.......Who knows? I'm sure Dell would insist it is not. ;)
     
    Last edited: Feb 5, 2009
  7. xMarkx

    xMarkx Registered Member

    Joined:
    Dec 1, 2008
    Posts:
    447
    Hi,

    My NOD32 v3 just picked up GTDownDE_87.ocx

    Object Name: C:\i386\GTDownDE_87.ocx Reason: Probably a variant of Win32/Adware.Agent application.

    I haven't got a virus on this computer in over a year (Dell Dimension 8400, Windows XP SP3 Home Edition 32-bit with Windows Update up-to-date).

    Just a few hours before doing the full system scan which detected C:\i386\GTDownDE_87.ocx, I received the Blue Screen of Death during reboot after the installation of Google Earth 5:

    0x00000050 (0xBAD0B148, 0x0000000, 0x805BB45E, 0x0000002) PAGE_FAULT_IN_NONPAGED_AREA

    There was no record of this as a .dmp file in C:\WINDOWS\MINIDUMP and it wasn't recorded in Event Viewer.

    I know this is an old thread now, but, this is one of the few threads about C:\i386\GTDownDE_87.ocx on Wilders.

    Do you know what C:\i386\GTDownDE_87.ocx is or how / where I got it? Do you think it might have caused the Blue Screen of Death earlier?

    Thanks.
     
  8. buttoni

    buttoni Registered Member

    Joined:
    Jul 8, 2005
    Posts:
    44
    Location:
    Central Texas
    FWIW, if you refer back to my last two posts, this GTDownDE_87.ocx file on my system didn't live in C:\i386 folder......only in my Dell Support folder. Also had 3 Dell Support registry area keys MBAM quarantined and I let it delete. Sorry I no longer have those keys. In addition, I never got a BSOD or any malfunctions of any sort. Never have, knock on wood. Hope the experts here can jump in and offer you some help.
     
    Last edited: Feb 8, 2009
Loading...
Thread Status:
Not open for further replies.