Goga is a trojan that is executed from a malicious Rich Text Formatted (.rtf) document. Due a security vulnerability, macros are able to execute from a template pointed by a RTF file without notification to the user in Microsoft Word.
Depending on the settings of your F-Secure security product, it will either automatically delete, quarantine or rename the suspect file, or ask you for a desired action.
More scanning & removal options
More information on the scanning and removal options available in your F-Secure product can be found in the Help Center.
You may also refer to the Knowledge Base on the F-Secure Community site for more information.
The macro in the template drops and executes an utility that collects dial-up settings from Windows. This includes the user name and the password. This information is then sent to another web site.
The template is no longer available on the web.
Further information and a fix for the vulnerability is available from Microsoft: https://www.microsoft.com/technet/security/bulletin/MS01-028.asp
F-Secure Anti-Virus detects this trojan with updates published at June 15th, 2001.
Technical Details: Katrin Tocheva, Gergely Erdelyi and Sami Rautiainen, F-Secure; June 2001