pollgs.exe and Hou8RUY5R, what is it?

Nehmo Sergheyev

Win XP Home SP2, Currently using XP firewall ICF, NAV

I'm not exactly sure how it happened, but I got invaded by a bunch of adware
(much of it ironically advertised security apps) last night. NAV couldn't
delete several items, so I had to manually delete them. Sometimes I had to
stop the running process first, and sometimes I renamed the file, stopped
the process, and then deleted. I also ran Ad-aware SE. Eventually, I got a
clean bill of health from NAV and Ad-Aware SE.

Some of the stuff showed up on the msconfig startup tab. One item was
pollgs.exe, which I must have already deleted because I can't find it now.
This is the key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

Name: Hou8RUY5R

Data: pollgs.exe

I couldn't find any info on this malware. Does anybody know what it is?

(Today, I did several things to harden the system.)
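An added example, not part of the original posts: a small audit of the Run key described above, working on saved `reg query` output. The sample text is constructed (only the Hou8RUY5R / pollgs.exe entry comes from the post), and both flagging heuristics are assumptions, not a way to identify this particular file.

```python
import ntpath
import re
# Constructed sample in the layout printed by `reg query`; only the
# Hou8RUY5R / pollgs.exe entry comes from the post, the rest is made up.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Hou8RUY5R    REG_SZ    pollgs.exe
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    Example Updater    REG_SZ    "C:\Program Files\Example\updater.exe" /background
"""
LINE = re.compile(r"^\s+(.+?)(?:\t|\s{4})(REG_\w+)(?:\t|\s{4})(.*)$")

def parse_run_values(text):
    """Yield (name, data) for each value line in `reg query` output."""
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            yield m.group(1).strip(), m.group(3).strip()

def executable_of(data):
    """Best-effort extraction of the program part of a Run command line."""
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(?i)(.+?\.exe)\b", data)
    return m.group(1) if m else (data.split() or [""])[0]

def looks_random(name):
    """Heuristic (an assumption): one token mixing upper, lower and digits."""
    return (len(name) >= 8 and name.isalnum()
            and any(c.isdigit() for c in name)
            and any(c.isupper() for c in name)
            and any(c.islower() for c in name))

def audit(text):
    """Return {value name: [reasons]} for entries worth a closer look."""
    findings = {}
    for name, data in parse_run_values(text):
        reasons = []
        if not ntpath.dirname(executable_of(data)):
            reasons.append("no directory in command; resolved via search path")
        if looks_random(name):
            reasons.append("value name looks machine-generated")
        if reasons:
            findings[name] = reasons
    return findings

if __name__ == "__main__":
    for name, reasons in audit(SAMPLE).items():
        print(name, "->", "; ".join(reasons))
```

A flagged entry is only a prompt to locate the file and check it, for example by submitting it to a multi-engine scanner.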
 
Ian Kenefick (Ireland)

Hello,
Does anybody know what it is?

I don't :(

I couldn't find any info on this malware.

(Today, I did several things to harden the system.)

You should submit suspicious files to virustotal.com where it is checked
by multiple scanning engines from various vendors.

Don't forget to submit it to your vendor also.

Ian.
 
Nehmo Sergheyev

- Nehmo -
- Ian Kenefick (Ireland) -
I don't :(
You should submit suspicious files to virustotal.com where it is checked
by multiple scanning engines from various vendors.
I didn't know about
http://www.virustotal.com/flash/index_en.html
Thanks for pointing me to it.

And while we're on the subject, I found two other files located in C:\

TVM_B5 Bundle 10.exe 17 KB

Which Kaspersky and Sybari flagged as TrojanDropper.Win32.Small.ht, but was
apparently missed by the other anti-virus apps.

I also found

VVSN_STAT0641Inst.exe 105 KB

I'm almost positive that's something bad. Looking at it in Notepad, it has a
suspicious "security warning" message in plain text.

- Ian Kenefick (Ireland) -
Don't forget to submit it to your vendor also.

- Nehmo -
I manually deleted many of the strange files. I don't know everything about
what's supposed to be in certain places, but this is a fairly new XP install,
and I could see that some things obviously didn't belong.

Maybe I should switch to, or at least try, Kaspersky or Sybari.
 
