Virus when clicking the toast |
Author: |
Message: |
Chancer
Senior Member
Posts: 648 Reputation: 7
35 / /
Joined: May 2005
Status: Away
|
O.P. Virus when clicking the toast
Guys, everytime I click a toast, my antivirus warn me about this file:
code: C:\WINDOWS\Downloaded Program Files\gbieh.dll
is it a Plus! file? may I delete it?
|
|
10-10-2006 03:58 PM |
|
|
Chris4
Elite Member
Posts: 4461 Reputation: 84
33 / /
Joined: Dec 2004
|
RE: Virus when clicking the toast
quote: Description: File gbieh.dll is located in a subfolder of C:\Windows (typically C:\WINDOWS\Downloaded Program Files\). Known file sizes on Windows XP are 134144 bytes (26% of all occurrence), 104448 bytes, 113664 bytes, 122368 bytes, 80384 bytes, 156200 bytes, 79872 bytes, 121344 bytes, 117248 bytes.
This .dll file is a Browser Helper Object (BHO) that runs automatically every time you start your Internet browser. BHOs are not stopped by personal firewalls, because they are identified by the firewall as your browser itself. BHOs are often used by adware and spyware. The unique ID of this BHO is C41A1C0E-EA6C-11D4-B1B8-444553540000. The program is not visible. File gbieh.dll is able to monitor Internet browser. File gbieh.dll is not a Windows system file. gbieh.dll is able to record inputs, manipulate other programs. Therefore the technical security rating is 58% dangerous, however also read the users reviews.
http://www.file.net/process/gbieh.dll.html
http://www.google.co.uk/search?hl=en&q=gbieh.dll&meta=
Yes, delete the file when the popup appears with your anti-virus, then make sure the file has been removed from C:\WINDOWS\Downlaoded Program Files\, then run a complete search with your anti-virus (making sure it's updated before you sure).
This post was edited on 10-10-2006 at 04:14 PM by Chris4.
|
|
10-10-2006 04:10 PM |
|
|
Chancer
Senior Member
Posts: 648 Reputation: 7
35 / /
Joined: May 2005
Status: Away
|
O.P. RE: Virus when clicking the toast
yeah...i fond somethins on the internet.
it's a security file for online banking.
it's a complement for IE (which I dont know why the hell I cant deactivate, grrr)
i'm not able to delete the file...even on safety mode!!
|
|
10-10-2006 04:29 PM |
|
|
Adeptus
Senior Member
Posts: 732 Reputation: 40
Joined: Oct 2005
|
RE: Virus when clicking the toast
You can disable BHOs in IE with Tools -> Manage Add-ons. Once you disable it and restart IE, you should then be able to delete the file.
Of course, if it is malware of some sort, it may have installed something else to prevent such easy removal.
|
|
10-10-2006 04:57 PM |
|
|
Chancer
Senior Member
Posts: 648 Reputation: 7
35 / /
Joined: May 2005
Status: Away
|
O.P. RE: Virus when clicking the toast
Adeptus, i was ttrying to do that, but everytime i restarted ID the add-on was activated again.....
But now it's fine...I have no idea of how, but "it's not a virus anymore"
it seems that the file had been updated...
I just dont know why the hell it happened with msgplus!...
|
|
10-10-2006 07:37 PM |
|
|
Sam Spade
Junior Member
<Insert inspirational comment here>
Posts: 64 Reputation: -9
58 / – / –
Joined: Sep 2004
|
RE: Virus when clicking the toast
quote: Originally posted by Chancer
Adeptus, i was ttrying to do that, but everytime i restarted ID the add-on was activated again.....
But now it's fine...I have no idea of how, but "it's not a virus anymore"
it seems that the file had been updated...
I just dont know why the hell it happened with msgplus!...
That file has been associated with a password stealing trojan. If that is the case, deleting that one file is not sufficient.
Check for the existence of the following CLSID:
C41A1C0E-EA6C-11D4-B1B8-444553540000
http://www.daniweb.com/techtalkforums/thread7655.html
http://www.sophos.com/virusinfo/analyses/trojbamerb.html
|
|
10-11-2006 01:52 PM |
|
|
Menthix
forum admin
Posts: 5537 Reputation: 102
40 / /
Joined: Mar 2002
|
RE: Virus when clicking the toast
quote: Originally posted by Chancer
is it a Plus! file?
Just tested to make sure, it's not a file from Messenger Plus! ot the sponsor.
Did you download any scripts for Messenger Plus and if so, which ones?
|
|
10-11-2006 02:39 PM |
|
|
|