Shoutbox

Virus when clicking the toast - Printable Version


Virus when clicking the toast by Chancer on 10-10-2006 at 03:58 PM

Guys, every time I click a toast, my antivirus warns me about this file:

code:
C:\WINDOWS\Downloaded Program Files\gbieh.dll

Is it a Plus! file? May I delete it?

RE: Virus when clicking the toast by Chris4 on 10-10-2006 at 04:10 PM

quote:
Description: File gbieh.dll is located in a subfolder of C:\Windows (typically C:\WINDOWS\Downloaded Program Files\). Known file sizes on Windows XP are 134144 bytes (26% of all occurrence), 104448 bytes, 113664 bytes, 122368 bytes, 80384 bytes, 156200 bytes, 79872 bytes, 121344 bytes, 117248 bytes.
This .dll file is a Browser Helper Object (BHO) that runs automatically every time you start your Internet browser. BHOs are not stopped by personal firewalls, because they are identified by the firewall as your browser itself. BHOs are often used by adware and spyware. The unique ID of this BHO is C41A1C0E-EA6C-11D4-B1B8-444553540000. The program is not visible. File gbieh.dll is able to monitor Internet browser. File gbieh.dll is not a Windows system file. gbieh.dll is able to record inputs, manipulate other programs. Therefore the technical security rating is 58% dangerous, however also read the users reviews.
http://www.file.net/process/gbieh.dll.html
http://www.google.co.uk/search?hl=en&q=gbieh.dll&meta=

Yes, delete the file when the popup appears with your anti-virus, then make sure the file has been removed from C:\WINDOWS\Downloaded Program Files\, then run a complete search with your anti-virus (making sure it's updated before you sure).

RE: Virus when clicking the toast by Chancer on 10-10-2006 at 04:29 PM

Yeah... I found something on the internet.

It's a security file for online banking.
It's a complement for IE (which I don't know why the hell I can't deactivate, grrr).

I'm not able to delete the file... even in safety mode!!


RE: Virus when clicking the toast by Adeptus on 10-10-2006 at 04:57 PM

You can disable BHOs in IE with Tools -> Manage Add-ons.  Once you disable it and restart IE, you should then be able to delete the file.

Of course, if it is malware of some sort, it may have installed something else to prevent such easy removal.


RE: Virus when clicking the toast by Chancer on 10-10-2006 at 07:37 PM

Adeptus, I was trying to do that, but every time I restarted IE the add-on was activated again...

But now it's fine... I have no idea how, but "it's not a virus anymore".
It seems that the file had been updated...

I just don't know why the hell it happened with msgplus!...


RE: Virus when clicking the toast by Sam Spade on 10-11-2006 at 01:52 PM

quote:
Originally posted by Chancer
Adeptus, I was trying to do that, but every time I restarted IE the add-on was activated again...

But now it's fine... I have no idea how, but "it's not a virus anymore".
It seems that the file had been updated...

I just don't know why the hell it happened with msgplus!...

That file has been associated with a password stealing trojan.  If that is the case, deleting that one file is not sufficient.

Check for the existence of the following CLSID:

C41A1C0E-EA6C-11D4-B1B8-444553540000

http://www.daniweb.com/techtalkforums/thread7655.html
http://www.sophos.com/virusinfo/analyses/trojbamerb.html
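
One way to run the CLSID check described in the post above, as an added PowerShell example that is not part of the original thread. The registry locations are the standard Windows ones for Browser Helper Objects and COM classes, not values given on this page; only the CLSID comes from the thread.

```powershell
# Added example: look for the BHO CLSID named in the thread and report
# where it is registered and which DLL it loads. Read-only; changes nothing.
$clsid = '{C41A1C0E-EA6C-11D4-B1B8-444553540000}'

# Standard Windows registration points (assumption: default registry layout).
$bhoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)
$classRoots = @(
    'HKLM:\SOFTWARE\Classes\CLSID',
    'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID',
    'HKCU:\SOFTWARE\Classes\CLSID'
)

$findings = foreach ($root in ($bhoRoots + $classRoots)) {
    $key = Join-Path $root $clsid
    if (-not (Test-Path -LiteralPath $key)) { continue }

    # COM class keys name the DLL in the default value of InprocServer32;
    # BHO keys only list the CLSID, so $dll stays empty for them.
    $dll = $null
    $server = Join-Path $key 'InprocServer32'
    if (Test-Path -LiteralPath $server) {
        $dll = (Get-Item -LiteralPath $server).GetValue('')
    }

    $onDisk = $false; $hash = $null; $signature = $null
    if ($dll -and (Test-Path -LiteralPath $dll)) {
        $onDisk    = $true
        $hash      = (Get-FileHash -LiteralPath $dll -Algorithm SHA256).Hash
        $signature = (Get-AuthenticodeSignature -LiteralPath $dll).Status
    }

    [pscustomobject]@{
        RegistryKey = $key
        Dll         = $dll
        OnDisk      = $onDisk
        SHA256      = $hash
        Signature   = $signature
    }
}

if ($findings) { $findings | Format-List }
else { "CLSID $clsid is not registered in the checked locations." }
```

A hit under a Browser Helper Objects key means IE will load the class at startup; a hit under a CLSID key with `OnDisk` false means the registration outlived the file.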

RE: Virus when clicking the toast by Menthix on 10-11-2006 at 02:39 PM

quote:
Originally posted by Chancer
is it a Plus! file?
Just tested to make sure, it's not a file from Messenger Plus! or the sponsor.

Did you download any scripts for Messenger Plus and if so, which ones?