RE: [Full-Disclosure] tvm.exe / poll each.exe / blehdefyreal toolbar
Date: Wed Jun 09 2004 - 03:28:33 EDT
Try cwshredder.
http://www.spywareinfo.com/~merijn/index.html
Cheers
z
-----Original Message-----
From: full-disclosure-admin@lists.netsys.com
[mailto:full-disclosure-admin@lists.netsys.com] On Behalf Of mark
Sent: Wednesday, 9 June 2004 3:51 PM
To: full-disclosure@lists.netsys.com
Subject: [Full-Disclosure] tvm.exe / poll each.exe / blehdefyreal
toolbar
Anybody know about some trojan(s) that spawn a "tvm.exe" process, a
"poll each.exe" process, inserts a "blehdefyreal" toolbar into IE, and
hijacks the IE homepage to point to allaboutsearching.com? This thing
also opens pop-ups pointing to this page:
If the registry entries related to these processes are deleted then they
keep being recreated.
What is it? And how does one remove it?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Wed Jun 09 04:01:39 2004
This archive was generated by hypermail 2.1.8 : Wed Jun 09 2004 - 04:02:21 EDT
