
Is 232mt8.exe associated with Dr. Web? It keeps popping up in my task manager.

Well if it were associated with DrWeb I would expect it to come up as such in a google search and it doesn’t.

You could also check the offending/suspect file at: VirusTotal - Multi engine on-line virus scanner and report the findings here the URL in the Address bar of the VT results page.

Send a sample to avast if multiple detections at VT.
Send the sample to virus@avast.com zipped and password protected with the password in email body, a reference to this topic (give URL) and undetected malware in the subject.

Or you can also add the file to the User Files (File, Add) section of the avast chest (if it isn’t already there) where it can do no harm and send it from there. A copy of the file/s will remain in the original location, so you will need to take further action and can remove/rename that.

Send it from the User Files section of the chest (select the file, right click, email to Alwil Software). It will be uploaded (not actually emailed) to avast when the next avast auto (or manual) update is done.

If you haven’t already got this software (freeware), download, install, update and run it and report the findings (it should product a log file).

Don’t worry about reported tracking cookies they are a minor issue and not one of security, allow SAS to deal with them though. - See http://en.wikipedia.org/wiki/HTTP_cookie.

It is not a Dr Web file according to their forum.

Hopefully, yawetage will use MBAM and return with a log.

Hi yawetage,

The way the executable is named gives it a suspicious tinge i.m.o., so follow DavidR’s suggestion and upload the file in question to virustotal.com. Curious what it is!


It turns out Cureit has a different letter-number combination name depending on either what day it is downloaded or your location. So for example today when I did a fresh download it was ts827y6.exe and yesterday it was something else. And of course when this pops up in task manager it looks suspicious because I expect to see something like Drweb.exe running.

OK, mystery over, personally I would have uploaded it anyway.

I did upload it to VirusTotal pretty much first thing, but only Esafe and Comodo detected it as “suspicious”.