Threat Information for "TargetSaver"
| Summary | Top |
- Name: TargetSaver
- Aliases:Trojan.Downloader.TSUpdate.J, Downloader.TSUpdate.j, W32/TSUpdate.j!tr.dldr, Trojan-Downloader.Win32.TSUpdate.p, Uploader-R, TargetSaver (threat-c)
- Date Discovered: 2006-08-16
- Protection Added: 2006-08-17
| Description | Top |
-- Ease of Removal 1: Uses running processes 2: Injects DLLs into running processes 3: File names uniquely generated 4: File contents uniquely generated 5: Creates new unique registry entries -- Damage/Intrusion/Annoyance 1: Autoruns at startup without an option to be disabled 2: Displays targeted popup advertisements [SPYWARE ONLY] -- Propagation/Saturation 1: Bundled with third-party applications [SPYWARE ONLY] 2: Creates new files
| Technical Details | Top |
- Added Directory/File:
FilePath: %COMMONFILESDIR%\tsa\tsl2.exe - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe* MD5: d7b8d16e9be6883b0e43fd4ae90ed09a - Added Directory/File:
FilePath: %TEMPDIR%\GL*.EXE - Added Directory/File:
FilePath: %WINDIR%\w? MD5: 973567b98cdfc147df4e60471d9df072 - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 050731180c404db42028e8e044aea558 - Added Directory/File:
FilePath: %COMMONFILESDIR%\tsa\ts2.exe - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 6a87b94c5027d0307cab1906a59a7004 - Added Directory/File:
FilePath: %TEMPDIR%\tsinstall* - Added Directory/File:
FilePath: %COMMONFILESDIR%\tsa - Added Directory/File:
FilePath: %COMMONFILESDIR%\vocabulary - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.dll MD5: 74467045cbfcea0d588f5a2166843307 - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 12401c4989663bba0fd9fe463a21793e - Added Directory/File:
FilePath: %COMMONFILESDIR%\tsa\tsuninst.exe - Added Directory/File:
FilePath: %COMMONFILESDIR%\class-barrel - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 8c9040687c7eb237aa458d94dc8784cf - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe* MD5: 9b6af14d4773a8526228980f838b4193 - Added Directory/File:
FilePath: %COMMONFILESDIR%\tsa\tsm2.exe - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 5d89c1022e687d6793505054eddbe1a7 - Added Directory/File:
FilePath: %ROOTDRIVE%stub*.exe - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: b972bce44a84a999ccd4a086ac3a5ee0 - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 84579ce8dc4b5e1fc95a4f6cebe8c79e - Added Directory/File:
FilePath: %COMMONFILESDIR%\tsa\tsl.exe - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: d7b8d16e9be6883b0e43fd4ae90ed09a - Added Directory/File:
FilePath: %TEMPDIR%\tsupdate* - Added Directory/File:
FilePath: %SYSTEMDIR%\tsuninst.exe - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 417499b1a15f4aebbb4326f4d2ece123 - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 8a1b3de3659fbee9e114629bd621bcff - Added Directory/File:
FilePath: %TEMPDIR%\ts*.exe - Added Directory/File:
FilePath: %COMMONFILESDIR%\tsa\rainbow\classify.dll - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.dll MD5: 52051b4d873159aa1f32eb39f284eb53 - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: a8facb4e97fbe8942b5ee3845d650ee3 - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 17bc9aa337c706ebe515df7ecfcae6e2 - Added Directory/File:
FilePath: %COMMONFILESDIR%\tsa\tsp2.exe - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.lck - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe MD5: 367f3948b096b05d5ba82b60765d6fa6 - Added Directory/File:
FilePath: %COMMONFILESDIR%\?????.exe* MD5: 4ee62a126582a183be42269722920c81 - Added Registry Key:
Key: HKLM\SOFTWARE\TSA - Added Registry Key:
Key: HKLM\%CURRENTVERSIONREG%\Uninstall\TSL Installer - Added Registry Key:
Key: HKCU\Software\tsl2 - Added Registry Key:
Key: HKCU\Software\TSA - Added Registry Key:
Key: HKLM\%CURRENTVERSIONREG%\Uninstall\TSA - Added Registry Value:
Key: HKCU\%CURRENTVERSIONREG%\Run Value: Tsa2
