GLB1A2B.EXE

Discussion in 'Trojan Defence Suite' started by Spray-on Dust, Dec 13, 2004.

Thread Status:
Not open for further replies.
  1. Spray-on Dust

    Spray-on Dust Registered Member

    Joined:
    Dec 6, 2004
    Posts:
    51
    Hey guys. I'm taking a chance on whether is the right forum or not. It was a toss up between this and the PG forum. (Btw, I recently installed PG and I love it. Awesome work. I'll be purchasing it when I have the funds.)

    So I recently downloaded Adaware 6 and after doing so, realized that Adaware SE was now the current version. So I uninstalled Adaware 6 and installed SE. Then, as I'm looking through the Security tab in PG I see this glb1a2b.exe and right away I get the feeling it shouldn't be there. Mainly because the filename looked really bizarre. I googled the file and came up with tons of conflicting reports dating back about 4 years. Some say it's nothing and that it's a leftover from a bad install/un-install from Adaware and some say it's a trojan/virus/worm hybrid. More info on that here: http://groups-beta.google.com/group...LB1A2B.exe&hl=en&lr=&ie=UTF-8&oe=UTF-8&rnum=1
    Well in PG, it's priveladges were set to 'always allow' so I just went and set it to deny always. Then I just removed it completely, to see if and when it shows up again. (I ran Adware ((in protected mode))and I recieved no alerts.) Except for an alert telling me that Adaware was denied of trying to terminate the smss.exe process, but that's another story.

    So, (this is where TDS comes in) I'm wondering what I should do about this file if and when I do a scan and it comes up with this file or others. I haven't performed a scan yet because it takes quite a while and i'm eager to know what this is. I'd love to hear anything you know about this file. Thanks much.
     
  2. Pilli

    Pilli Registered Member

    Joined:
    Feb 13, 2002
    Posts:
    6,217
    Location:
    Hampshire UK
    Hi Spray - on - Dust, If you want to be certain that the file is clean then please submit a zipped copy to submit@diamondcs.com.au for analysis.

    HTH Pilli
     
Thread Status:
Not open for further replies.