procgdow32.exe? "JimL" <inkleput[ at ]isp.com> 11/6/2008 5:47:28 PM Google finds nothing on the file procgdow32.exe. Anybody know what it is? It may be a malware of some kind. JimL

Re: procgdow32.exe? "John John (MVP)" <audetweld[ at ]nbnet.nb.ca> 11/6/2008 6:00:35 PM Right click on the file and then click on "Properties" and see what other information you can get on the file. John JimL wrote: [Quoted Text] > Google finds nothing on the file procgdow32.exe. Anybody know what it is? > > It may be a malware of some kind. > > JimL > >

procgdow32.exe "JimL" <inkleput[ at ]isp.com> 11/6/2008 7:06:35 PM The only info there is an apparent creation date of 10/31/2008. Spyware Detector tagged an INI file in the same folder as a trojan (don't remember the details). The INI was a text file which pointed to procgdow32.exe. The files are/were in [system partition]>documents and settings>[user name]>local settings>application data>microsoft>windows. I'm wondering if the folder is even legitimate. "John John (MVP)" <audetweld[ at ]nbnet.nb.ca> wrote in message news:uzzo4lDQJHA.3876[ at ]TK2MSFTNGP04.phx.gbl... [Quoted Text] > Right click on the file and then click on "Properties" and see what other > information you can get on the file. > > John > > JimL wrote: > >> Google finds nothing on the file procgdow32.exe. Anybody know what it >> is? >> >> It may be a malware of some kind. >> >> JimL >

Re: procgdow32.exe Malke <malke[ at ]invalid.invalid> 11/6/2008 8:31:25 PM JimL wrote: [Quoted Text] > The only info there is an apparent creation date of 10/31/2008. > > Spyware Detector tagged an INI file in the same folder as a trojan (don't > remember the details). The INI was a text file which pointed to > procgdow32.exe. > > The files are/were in [system partition]>documents and settings>[user > name]>local settings>application data>microsoft>windows. I'm wondering if > the folder is even legitimate. > > > "John John (MVP)" <audetweld[ at ]nbnet.nb.ca> wrote in message > news:uzzo4lDQJHA.3876[ at ]TK2MSFTNGP04.phx.gbl... >> Right click on the file and then click on "Properties" and see what other >> information you can get on the file. >> >> John >> >> JimL wrote: >> >>> Google finds nothing on the file procgdow32.exe. Anybody know what it >>> is? >>> >>> It may be a malware of some kind. When you get no hits for a file name on Google, the possibility that it is malware is high. Do the normal scanning for malware: http://www.elephantboycomputers.com/page2.html#Removing_Malware I'd start with MalwareBytes' Antimalware (MBAM). You can also send the file to Virus Total for identification. They will submit it to various antivirus companies and send you a report. http://www.virustotal.com/ Malke -- MS-MVP Elephant Boy Computers - Don't Panic! FAQ - http://www.elephantboycomputers.com/#FAQ

Re: procgdow32.exe "Twayne" <nobody[ at ]devnull.spamcop.net> 11/7/2008 5:14:26 PM [Quoted Text] > The only info there is an apparent creation date of 10/31/2008. > > Spyware Detector tagged an INI file in the same folder as a trojan > (don't remember the details). The INI was a text file which pointed > to procgdow32.exe. > > The files are/were in [system partition]>documents and settings>[user > name]>local settings>application data>microsoft>windows. I'm > wondering if the folder is even legitimate. > > > "John John (MVP)" <audetweld[ at ]nbnet.nb.ca> wrote in message > news:uzzo4lDQJHA.3876[ at ]TK2MSFTNGP04.phx.gbl... >> Right click on the file and then click on "Properties" and see what >> other information you can get on the file. >> >> John >> >> JimL wrote: >> >>> Google finds nothing on the file procgdow32.exe. Anybody know what >>> it is? >>> >>> It may be a malware of some kind. >>> >>> JimL You seem to be saying you found a viral ini pointing to it, which would indicate malware. Rename it and see if everything keeps working. That's the same as deleting it to a program that tries to use it. I usually rename things like: filename.exe becomes filenameOLD.exe. Then if it turns out it's needed, it's easy to relocate and put back. If nothing goes wrong after a week or so, then delete it. Or is you're still not sure, move it off to a CD or seomthing for strage and delete it from your machine. Twayne