Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

e2give malware

Feb 8, 2004 12:54AM PST

I run spybot search and destroy 261 with the latest update, it didn't find any...

Then I run Adaware 6.181, it found e2give malware.

Why spybot didn't catch it (I think, its an old malware)

Meanwhile I see e2give in the spywareblaster list.. and should be block(?) but why it is still being installed in my PC?

How do I clean e2give? Is it enough to let adaware fix it?

Thank You for any explanation and information.

Discussion is locked

- Collapse -
Re:e2give malware
Feb 8, 2004 12:59AM PST

Description

E2Give is an Internet Explorer Browser Helper Object that redirects accesses to web merchants in order to claim their affiliate fees.
Variants

E2Give/E2GBHO is an early version distributed form December 2002. Its main file is e2gbho.dll, stored in an 'E2Give' folder in Program Files.

E2Give/IeBHOs is a newer variant, main file iechos.dll, stored in a folder called 'E2G' in the root of the C: drive.
Distribution

Installed by ActiveX drive-by download, believed to be used in pop-up advertisements.
What it does
Advertising

No.
Privacy violation

Not known.
Security issues

Not known.
Stability problems

No, though it can make opening new Windows Explorer windows very slow.

More info and Manual Removal of e2give at http://www.doxdesk.com/parasite/E2Give.html

Why spybot didn't catch it (I think, its an old malware)

Meanwhile I see e2give in the spywareblaster list.. and should be block(?) but why it is still being installed in my PC?


Maybe there's a new variant for e2give that is why it was not detected or caught by SSD or SpywareBlaster.

HTH

- Collapse -
Re:e2give malware
Feb 8, 2004 1:08AM PST

Spybot also has E2Give in its definitions since July 17, 2003 http://spybotsd.net-integration.net/spybotreports/07202003.html

Maybe it's a new variant?? It is a Browser Helper Object.

Have a look if you can find this file:

X {3643ABC2-21BF-46B9-B230-F247DB0C6FD6}: IeBHOs.dll - E2Give

http://www.spywareinfo.com/bhos/

Description
E2Give is an Internet Explorer Browser Helper Object that redirects accesses to web merchants in order to claim their affiliate fees.

Variants
E2Give/E2GBHO is an early version distributed form December 2002. Its main file is e2gbho.dll, stored in an 'E2Give' folder in Program Files.

E2Give/IeBHOs is a newer variant, main file iechos.dll, stored in a folder called 'E2G' in the root of the C: drive.

http://www.doxdesk.com/parasite/E2Give.html

- Collapse -
Thank you for the information
Feb 8, 2004 1:27AM PST

I think I managed to remove it or atleast Adaware get rid of it.

Then I did search for any .dll file and registry key you mention.. didn't find any.

I guess SSD and Spywareblaster lag behind adaware on this one.

Anyway, thank you again for the info.

- Collapse -
(NT) Gakada - You're Welcome - Glad WE could help :)
Feb 8, 2004 1:34AM PST

.