Jump to content
jammer09

Have an GTIDMTJH.EXE quarantined by SuperAntiSpyware, help!

Recommended Posts

Heilsa!

I am working on a friends PC and it was not letting me install Microsoft .NET Framework, AutoCAD or SP3 on said PC. So we started to go through the motions as to find out why. I installed SuperAntiSpyware on it and updated and ran a full scan. It quarantined some adware.tracking cookies of which I got rid of and this "GTIDMTJH.EXE" in "C:\WINDOWS\SYSTEM32\" directory. So it is located in this spot "C:\WINDOWS\SYSTEM32\GTIDMTJH.EXE". SuperAnitSpyware calls it an "Unclassified.Unkown Origin".

I did a little searching and can't find "ANY" info. on this EXE file good or bad. I think that is a bad situation too as there should be some info. as to whether or not it is a legit file or not.

Can anyone help me out in this situation? It is still quarantined in SuperAntiSpyware. How do I find out about it and then remove it safely if it is malicious? Is it something new and needs to be investigated or harmless and suppose to be there or is it something in the wrong spot?

Share this post


Link to post
Share on other sites

jammer09

Did a search myself, couldn't find that file using Google, either. (apart from the one Google entry: this thread.)

Nor is it present in my System32 folder. Nor anywhere on the computer.

So it could be malicious, or it might not be.

Does the Windows (or Microsoft) Update site work on this computer? It may be that it needs the latest Ms installer or validation software to download stuff, if it hasn't been visited in a while.

As for the mystery file, can you examine the file properties in the quarantine? Probably not, and you could try restoring it, locating it in the system32 folder, and right clicking it then select "properties". It may tell you something about itself. While it's there do try uploading it to virustotal for a multi-scan.

If it is malicious (or merely un-needed) it will do no harm in the quarantine. No need to rush to delete it.

Share this post


Link to post
Share on other sites

Heilsa!

Couldn't find the file after it was quarantined so I am going to restore it then upload it to virustotal and see what it says and look at it properties, unless someone else knows of a way to upload it while in quarantined etc... Then run another scan with SuperAntiSpyware and see what all it comes up with this time.

Share this post


Link to post
Share on other sites

Heilsa!

Well, we ran another scan awhile back with updated definitions etc... and it found approximately 900 and something infected files, it had everything on it, same PC. So Super did its thing, removed some and quarantined some so whatever it quarantined I just removed. Thank you for all of your help! I thoroughly love SuperAntispyware! Thank you everyone here for your contributions to our safety online!

Ves Heill! Farr Heill!

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×