Full Disclosure mailing list archives
Re: tvm.exe / poll each.exe / blehdefyreal toolbar
From: Andrew Clover <and-bugtraq () doxdesk com>
Date: Thu, 10 Jun 2004 08:14:27 +0900
mark () edwards org wrote:
Anybody know about some trojan(s) that spawn a "tvm.exe" process
Probably the recent new TVMedia variant.
inserts a "blehdefyreal" toolbar into IE
There are a few parasites that use such random names. This is likely lop.
and hijacks the IE homepage to point to allaboutsearching.com?
This is definitely lop.
This thing also opens pop-ups pointing to this page:
http://69.20.62.53/yyy3.html
That's Look2Me.The likelihood is you have *many* parasites installed. Ad-Aware and Spybot may be able to remove a lot, but if you're massively infected a reinstall may indeed be easier/safer.
-- Andrew Clover mailto:and () doxdesk com http://www.doxdesk.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- tvm.exe / poll each.exe / blehdefyreal toolbar mark (Jun 08)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar petard (Jun 09)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar 404 (Jun 09)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar Nick FitzGerald (Jun 09)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar Aaron Gee-Clough (Jun 09)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar Nick FitzGerald (Jun 09)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar petard (Jun 09)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar petard (Jun 09)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar Andrew Clover (Jun 09)
- <Possible follow-ups>
- RE: tvm.exe / poll each.exe / blehdefyreal toolbar Zach Forsyth (Jun 09)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar mark (Jun 09)
- Re: tvm.exe / poll each.exe / blehdefyreal toolbar Harlan Carvey (Jun 09)