GTDownDE_87.ocx found by Avira

I have Avira Premium and yesterday I had a pop up saying that I had GTDownDE_87.ocx in the Windows 32 folder. Does anyone know what that is?

 

Found an old thread about it. Seems to be real adware.

https://www.wilderssecurity.com/showthread.php?t=133100

 

Thank you Coolio10. I had run a search, but not on that forum. I deleted it but not sure how it got in.

 

Not sure it is............

http://www.malwarebytes.org/forums/index.php?showtopic=8409&hl=

 

I'm not 100% certain, but when I right click on this file in my Windows\System 32 folder, properties show copyright of Gteko, Inc. After quite a bit of researching via Google, I learned that Gteko, Inc. designs support software and is connected to the once pre-installed Dell Support program (you know, the familiar orange/green symbol that is, or used to be if disabled, in your systray). Don't know if Dell still pre-installs this or not. I keep Dell Support disabled at startup as I don't find it very useful. I occasionally invoke it manually to let it run a hardware maintenance check on my system.

Over the past 4 years life of this Dell pc, I have had several AS scanners hit on various Gteko files and declare my pc to be "infected with Adware.GDown" (including said GTDownDE_87.ocx, spotted most recently by MBAM). And who knows Dell has been accused on pre-installing crapware on new pc's haven't they? If some is tracking in nature, like the MyWay they pre-installed at one time, it might explain why AS and AV scanners occasionally hit on Gteko files. There are lots of Gteko Inc files in my Dell Support folder in progam files. Dunno. All I know is is don't have any bizarre pc behavior and believe my pc is "clean as a whistle". I think all the GT* files are Gteko (Dell Support) related and do not intend to purge them from my system until which time I decide to uninstall Dell Support totally via Add/Remove Programs.

There's my 2 cents worth on this file.

EDIT: Oh, I forgot. I also discovered Gteko, Inc. was acquired by Microsoft Corp in 2006.

 

Well, I wanted to post back the results of a little experiment I ran after a reg backup. I uninstalled Dell Support in Safe Mode via Add/Remove (since I never use it). Promptly did a regedit Find on keywords Dell Support and Gteko and no instances were found. Booted back into Normal Mode, checked Program Files and the Dell folder (where Dell Supported lived) is now empty. Said file GTDownDE_87.ocx is also no longer sitting in Windows\System 32 folder. So I think we have the answer to what is GTDownDE_87.ocx. It appears to definitely be a part of Dell Support software module. Now as to whether it is really tracking adware.......Who knows? I'm sure Dell would insist it is not.

 

Hi,

My NOD32 v3 just picked up GTDownDE_87.ocx

Object Name: C:\i386\GTDownDE_87.ocx Reason: Probably a variant of Win32/Adware.Agent application.

I haven't got a virus on this computer in over a year (Dell Dimension 8400, Windows XP SP3 Home Edition 32-bit with Windows Update up-to-date).

Just a few hours before doing the full system scan which detected C:\i386\GTDownDE_87.ocx, I received the Blue Screen of Death during reboot after the installation of Google Earth 5:

0x00000050 (0xBAD0B148, 0x0000000, 0x805BB45E, 0x0000002) PAGE_FAULT_IN_NONPAGED_AREA

There was no record of this as a .dmp file in C:\WINDOWS\MINIDUMP and it wasn't recorded in Event Viewer.

I know this is an old thread now, but, this is one of the few threads about C:\i386\GTDownDE_87.ocx on Wilders.

Do you know what C:\i386\GTDownDE_87.ocx is or how / where I got it? Do you think it might have caused the Blue Screen of Death earlier?

Thanks.

 

FWIW, if you refer back to my last two posts, this GTDownDE_87.ocx file on my system didn't live in C:\i386 folder......only in my Dell Support folder. Also had 3 Dell Support registry area keys MBAM quarantined and I let it delete. Sorry I no longer have those keys. In addition, I never got a BSOD or any malfunctions of any sort. Never have, knock on wood. Hope the experts here can jump in and offer you some help.