Home / malware Adware:Win32/PriceGong
First posted on 24 January 2013.
Source: MicrosoftAliases :
There are no other names known for Adware:Win32/PriceGong.
Explanation :
Adware:Win32/PriceGong may be installed from the program's website:
Installation
When run, the installer for Adware:Win32/PriceGong installs the program into folders named "PriceGong" in %ProgramFiles% and %APPDATA%.
Note: %ProgramFiles% refers to a variable location that is determined by the software by querying the operating system. The default location for the Program Files folder for Windows 2000, XP, 2003, Vista, 7, and 8 is "C:\Program Files".
Note: %APPDATA% refers to a variable location that is determined by the malware by querying the operating system. The default location for the Application Data folder for Windows 2000, XP, and 2003 is "C:\Documents and Settings\<user>\Application Data". For Windows Vista, 7, and 8, the default location is "C:\Users\<user>\AppData\Roaming".
It also creates an entry in the <start menu> called "PriceGong", which contains links to the program's website, help information, and the software's uninstaller, as follows:
Note: <start menu> refers to a variable location that is determined by the software by querying the operating system. The default location for the Start Menu folder for Windows 2000, XP, and 2003 is "C:\Documents and Settings\<user>\Start Menu" or "C:\Users\<user>\Start Menu". For Windows Vista, 7, and 8, the default location is "C:\Users\<user name>\AppData\Roaming\Microsoft\Windows\Start Menu".
Adware:Win32/PriceGong installs itself as a BHO (browser helper object), which can be seen in Internet Explorer's Manage Add-ons window, as in the following screenshot:
Adware:Win32/PriceGong creates an installation entry in the Programs and Features section of the Control Panel, as follows:
Running this uninstaller removes Adware:Win32/PriceGong from your computer.
Execution
Once installed, Adware:Win32/PriceGong displays offers to you as you browse the Internet, as in the following example:
These offers are presented in separate windows that sit outside of your normal web browser window.
Analysis by Michael Johnson
Last update 24 January 2013
