What is phqghumea.exe?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by hiyooo, Nov 1, 2004.

  1. hiyooo

    hiyooo Private E-2

    I am not sure what it is, but I think it is a virus or trojan.

    It is in the Windows Task Manager..... I tried scanning with Ad-ware, Spybot, Norton Anti-virus, and my windows update is up to date.

    And 1 more question... I was offline, not even connected to the Internet.. I got a W32.Spybot.worm out of nowhere, then Norton took care of it. How did I get that? Could it be linked to phqghumea.exe?
     
    hiyooo, Nov 1, 2004
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Please follow all the steps in this Sticky thread < READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal >

    If you already have any of the programs linked in the tutorial please double check your version to make sure you have the latest one and that you have any/all updates for the programs.

    NOTE: In order to resolve the issues you are having it is very important that you at least try to perform all the steps as outlined. If you have any difficulty please post back letting us know what steps you have completed, what you found while doing the scans if anything and details about any problems you have encountered in completing the steps. The more details you can provide the better.

    A Spybot.worm is normally associated with one of these two files:
    wuamgrd.exe or bling.exe
     
    chaslang, Nov 1, 2004
    #2
  3. baumer

    baumer Private E-2

    i did everything on that site and i still had phqghumea.exe running

    but i did find a way past it, i think i havent seen it in the last hour

    goto the windows\prefetch directory and delete phqghumea.exe-prefetch,
    then use the task manager (Ctrl-Alt-Del) to end the phqghumea.exe program


    that should do it, make sure you empty the recycle bin
    , then restart and you should be good to go!
     
    baumer, Nov 8, 2004
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That will not fix it. It loads from a couple of registry entries and the actual file is typically in C:\WINDOWS\System32\phqghumea.exe

    So to fix it you must kill the process, delete the registry entries, reboot in safe mode and delete the executable file.

    Now empty Prefetch and Recycle.
     
    chaslang, Nov 9, 2004
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds