[Full-Disclosure] tvm.exe / poll each.exe / blehdefyreal toolbar
Andrew Clover
and-bugtraq at doxdesk.com
Thu Jun 10 00:14:27 BST 2004
mark at edwards.org wrote:
> Anybody know about some trojan(s) that spawn a "tvm.exe" process
Probably the recent new TVMedia variant.
> inserts a "blehdefyreal" toolbar into IE
There are a few parasites that use such random names. This is likely lop.
> and hijacks the IE homepage to point to allaboutsearching.com?
This is definitely lop.
> This thing also opens pop-ups pointing to this page:
> http://69.20.62.53/yyy3.html
That's Look2Me.
The likelihood is you have *many* parasites installed. Ad-Aware and
Spybot may be able to remove a lot, but if you're massively infected a
reinstall may indeed be easier/safer.
--
Andrew Clover
mailto:and at doxdesk.com
http://www.doxdesk.com/
Full-Disclosure is hosted and sponsored by Secunia.