Spyware Warrior Spyware Warrior
Help with Spyware, Hijacking & Other Internet Nuisances
 
FAQ :: Search :: Memberlist :: Usergroups :: Register
Profile :: Log in to check your private messages :: Log in

pgohhgor.exe what is it!?

 
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts
View previous topic :: View next topic  
Author Message
Balo
Newbie


Joined: 19 Mar 2005
Last Visit: 19 Mar 2005
Posts: 2
PostPosted: Sat Mar 19, 2005 2:41 am    Post subject: pgohhgor.exe what is it!? Reply with quote
For over a year I have had this program consistently come back out of no where and automatically start running. It is called pgohhgor.exe and is found in the winnt/system32 directory. NAV fails to detect it as a virus but I suspect it is. Adaware and Spybot fail to get rid of it and to kill it in task manager I have to kill the process tree or it just comes right back. It always shows a date of 5/19/03 and a 3am time stamp. I have removed it from the registry and tried to prevent it from auto loading at boot with a msconfig selective start up but it will continue to come back. I can find no information on this file anywhere. When I zip it and send to our IT people it is blocked by their virus detection as a Delf-27 trojan, if this is true, why won't NAV detect it and remove it and what's scarier is that I've seen it around my system for at least a year! Any ideas???
Back to top
View user's profile Send private message Send e-mail
3162
Honorary Site Admin


Joined: 31 Mar 2004
Last Visit: 04 May 2009
Posts: 4452
PostPosted: Sat Mar 19, 2005 3:31 am    Post subject: Reply with quote
Hard to say precisely what it is, but my guess is a dialler of some sort.
You can zip it up and send it to me if you like. 3162-at-spywarewarrior.com

Then, it will likely be easily removed in safe mode if you log in to an account with Administrator rights, locate and delete the file.
However, if you have one nasty, there's probably more lurking.
_________________
Proud member of the Chest Zipper Club!
Back to top
View user's profile Send private message
ld
Warrior


Joined: 01 Mar 2005
Last Visit: 29 Jul 2010
Posts: 185
PostPosted: Sat Mar 19, 2005 9:17 am    Post subject: Reply with quote
Submit the file to www.virustotal.com This site will scan the file with about 10 different av products and let you know what if anything each detects in the file. If many of the programs here detect a virus and and NAV doesn't then submit a sample to symantec. If the other av's there detect it, they will tell you what name they detect it as.
Back to top
View user's profile Send private message
Balo
Newbie


Joined: 19 Mar 2005
Last Visit: 19 Mar 2005
Posts: 2
PostPosted: Sat Mar 19, 2005 1:28 pm    Post subject: Reply with quote
I may have gotten rid of that pgohhgor program by noticing that there was another program called randreco.exe that was constantly trying to get through my firewall and contact www.abetterinternet.com every so often. I contacted this web site and asked how to remove it and they sent me to a page that had some uninstaller: http://www.mypctuneup.com/evaluate.php , which looks like it also removed that pgohhgor.exe program as well so I guess it was ad/spyware. I'll keep an eye out and see if it ever comes back now. I am not sure what all those things were doing in any case or what any of this stuff was supposed to do to make "a better internet" or "tune up" my pc...
Back to top
View user's profile Send private message Send e-mail
Display posts from previous:   
Post new topic   Reply to topic    Spyware Warrior Forum Index -> Virus, Worm &Trojan Alerts All times are GMT - 8 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



smartBlue Style © 2002 Smartor
Powered by phpBB © 2001, 2002 phpBB Group