| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: Zach.Forsyth at kiandra.com (Zach Forsyth) Subject: tvm.exe / poll each.exe / blehdefyreal toolbar Try cwshredder. http://www.spywareinfo.com/~merijn/index.html Cheers z -----Original Message----- From: full-disclosure-admin@...ts.netsys.com [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of mark Sent: Wednesday, 9 June 2004 3:51 PM To: full-disclosure@...ts.netsys.com Subject: [Full-Disclosure] tvm.exe / poll each.exe / blehdefyreal toolbar Anybody know about some trojan(s) that spawn a "tvm.exe" process, a "poll each.exe" process, inserts a "blehdefyreal" toolbar into IE, and hijacks the IE homepage to point to allaboutsearching.com? This thing also opens pop-ups pointing to this page: http://69.20.62.53/yyy3.html If the registry entries related to these processes are deleted then they keep being recreated. What is it? And how does one remove it? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists