ATP (goldensunset.exe)

ATP (goldensunset.exe) is an adware bundler that installs other adware alongside itself, such as Adware-NetPals (Favoriteman). Favoriteman installs itself as a Browser Helper Object and attempts to contact remote servers to download new executable content.

General information:

Malware Name: ATP (goldensunset.exe)
Malware Type: Adware Bundler
Company Name: teamtaylormade.com
Company URL: http://www.teamtaylormade.com/
Threat Level: Low Risk
Operating System: WIN XP
Installation Type: Installed through EXE
Operation: Time of After Installation

Company Description:

teamtaylormade.com provides the software ATP (goldensunset.exe), described as a beautiful golden sunset over a rippling body of water that shows not only the peaceful flowing water but also the rising mist reflecting in the sun.

Spyware Description:

ATP (goldensunset.exe) is an adware bundler that installs other adware alongside itself, such as Adware-NetPals (Favoriteman). Favoriteman installs itself as a Browser Helper Object and attempts to contact remote servers to download new executable content.

Characteristics/Symptoms:

    -> It installs other adware alongside itself, such as Adware-NetPals (Favoriteman).
    -> Favoriteman installs itself as a Browser Helper Object and attempts to contact remote servers to download new executable content.

Processes Running:

Golden Sunset.scr

File information Created after Installation:

File Location | Size (Bytes) | Type
C:\Documents and Settings\[USER]\Local Settings\Temp\42odhr0b.exe | 55296 | Application
C:\WINDOWS\system32\Golden Sunset.scr | 1051646 | Screen Saver

Folder information Created after Installation:

Folder Location

Registry information Created after Installation:

Main Registry Key | Sub Registry Key | Key Value Name
HKEY_CLASSES_ROOT | \CLSID\{00000EF1-0786-4633-87C6-1AA7A44296DA} |
HKEY_CLASSES_ROOT | \CLSID\{00000EF1-0786-4633-87C6-1AA7A44296DA}\InprocServer32 | ThreadingModel
HKEY_LOCAL_MACHINE | \SOFTWARE\Classes\F1.Organizer |