Hello, I’ve been cleaning a friend’s pc lately. I found lots of adware and tried to clean it, i ran about 3-4 deep avast! Free Antivirus scans, and half a boot scan (I stopped it at 45%). In the last deep scan it found only 1 virus and I deleted it.
I’ve just installed a firewall, privatefirewall, and it found System32/dmwu.exe trying to execute. I blocked it since it had no digital signature, but avast! didn’t found any problem when scanning it. Searching over the internet, a lot of sites said this is a malware, and some said not, some say it comes with SweetPacks (which was obviously on this pc before cleaning) so I don’t know whether or not I have to delete it.
Further info: The process isn’t active right now, and I was notified by the firewall when it was trying to execute System32\ARFC\wrtc.exe, associated with incrediMail (which was obviously on this pc before cleaning).
The registry did not have lots of keys containing this… http://postimg.org/image/y0jfm78z1/
not virus but a PUP
PUP = not virus / Possible Unwanted Program … crap programs that comes bundled with other downloads … like unwanted toolbars/search engines/adware