Spyware CLSID

Discussion in 'SpywareBlaster & Other Forum' started by Paragon, Jun 9, 2003.

Thread Status:
Not open for further replies.
  1. Paragon

    Paragon Guest

    This one installed silently (possibly due to IE misconfiguration) so I don't have a screenshot.
    CLSID: 3B99F202-145A-4E5A-AC7B-88A36910BF5E
    Name: e2g Plugin
    Location: C:\E2G\IeBHOs.DLL

    It adds an entry in the Add/Remove programs dialog to remove it
     
  2. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,434
    Location:
    Netherlands
    Hi Paragon,

    Are you sure about the CLSID?
    It sure looks a lot like: O {3643ABC2-21BF-46B9-B230-F247DB0C6FD6}: IeBHOs.dll - E2Give
    I found here: http://www.spywareinfoforum.com/bhos/

    Do you have a sample?

    Regards,

    Pieter
     
  3. Paragon

    Paragon Guest

    Looks like I found a variant. Same spyware, different CLSID. The CLSID was copy & pasted, so it's correct.
    The E2G folder contained only a merchants.txt file, and the DLL file. Is this what you mean by a sample?
    I don't see the option to upload them.
     
  4. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,434
    Location:
    Netherlands
    Hi paragon,

    Could you please send the dll to the e-mailaddress that is in my profile?
    I´ll see to it that the anti-spyware-programmers get a copy.

    TIA,

    Pieter
     
  5. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,434
    Location:
    Netherlands
    Hi Paragon,

    Thank you for all the trouble you went through to get that file to me. I´ll pass it on to the undoubtedly interested parties.

    Regards,

    Pieter
     
  6. Paragon

    Paragon Guest

    No problem. I just hope to see it in the database soon. :)
     
  7. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,434
    Location:
    Netherlands
    Hi Paragon, :)

    I hate to disappoint you, but it already is.
    You must have misread the CLSID somehow. It had the one I mentioned in my first post. o_O

    Regards,

    Pieter
     
  8. Paragon

    Paragon Guest

    Not so. The one it used on my system is the one I posted. I copy & pasted right from my registry.
    And if it's already blocking it, then how did I get it?
     
  9. Pieter_Arntz

    Pieter_Arntz Spyware Veteran

    Joined:
    Apr 27, 2002
    Posts:
    13,434
    Location:
    Netherlands
    Hi Paragon,

    I doublechecked and attached an image of what Reshack tells me.

    Regards,

    Pieter
     

    Attached Files:

Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.