Updated: February 13, 2007 11:40:39 AM
Type: Spyware
Version: 1.1.1
Publisher: Visicom Media/focalex
Risk Impact: High
File Names: taf.dll
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP
When Spyware.TAFbar runs, it does the following:
- Creates the following file:
taf.dll (detected as Spyware.TAF, likely to be in %SYSTEM%)
Note: %System% is a variable that refers to the System folder. By default this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
- Creates the following registry keys:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4E7BD74F-2B8D-469E-D4FF-EB2CF4D5FA7D}
HKEY_CURRENT_USER\Software\Dynamic Toolbar\TAF
HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-D4FF-EB2CF4D5FA7D}
HKEY_CLASSES_ROOT\taf.TAF
HKEY_CLASSES_ROOT\CLSID\{4E7BD74F-2B8D-469E-D4FF-EB2CF4D5FA7D}
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\{4E7BD74F-2B8D-469E-D4FF-EB2CF4D5FA7D}
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E7BD74F-2B8D-469E-D4FF-EB2CF4D5FA7D}
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
