Content
Downloader-ABJ
- Type
- Program
- SubType
- Downloader
- Discovery Date
- 06/02/2005
- Length
- Minimum DAT
- 4505 (06/02/2005)
- Updated DAT
- 5615 (05/14/2009)
- Minimum Engine
- 5.1.00
- Description Added
- 06/02/2005
- Description Modified
- 05/10/2007 3:38 PM (PT)
Tab Navigation
Characteristics
This is not a virus or a trojan. It is detected as a "potentially unwanted program".
This detection is for the PopCap Loader and Updater component from PopCap Games. Generally, the name of this dll is popcaploader.dll. This dll installs itself by creating the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\
- MiscStatus\1\: "131473"
- VersionIndependentProgID\: "PopCapLoader.PopCapLoaderCtrl2"
- Version\: "1.0"
- TypeLib\: "{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}"
- ToolboxBitmap32\: "\%DLL_PATH%\popcaploader.dll, 101"
- ProgID\: "PopCapLoader.PopCapLoaderCtrl2.1"
- MiscStatus\: "0"
- InprocServer32\: "\%DLL_PATH%\popcaploader.dll"
- InprocServer32\ThreadingModel: "Apartment"
- : "PopCapLoader Object"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}\:
- "IPopCapLoaderCtrl"
- "_IPopCapLoaderCtrlEvents"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}\1.0\
- 0\win32\: "\%DLL_PATH%\popcaploader.dll"
- HELPDIR\: "%DLL_PATH%"
- FLAGS\: "0"
- "POPCAPLOADERLib"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PopCapLoader.PopCapLoaderCtrl2\
CurVer\: "PopCapLoader.PopCapLoaderCtrl2.1"
- CLSID\: "{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"
- : "PopCapLoader Object"
- CLSID\: "{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"
- : PopCapLoader Object"
where %DLL_PATH% is the path where this dll resides on disk.
Symptoms
Method of Infection
Removal
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Variants
Variants
N/A
All Information
Overview -
Aliases
- Adware/PopCapLoader (Fortinet )
- Downloader-AK (CA eTrust PestPatrol)
- not-a-virus:Downloader.Win32.PopCap.b (Kaspersky)
Characteristics
Characteristics -
This is not a virus or a trojan. It is detected as a "potentially unwanted program".
This detection is for the PopCap Loader and Updater component from PopCap Games. Generally, the name of this dll is popcaploader.dll. This dll installs itself by creating the following registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}\
- MiscStatus\1\: "131473"
- VersionIndependentProgID\: "PopCapLoader.PopCapLoaderCtrl2"
- Version\: "1.0"
- TypeLib\: "{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}"
- ToolboxBitmap32\: "\%DLL_PATH%\popcaploader.dll, 101"
- ProgID\: "PopCapLoader.PopCapLoaderCtrl2.1"
- MiscStatus\: "0"
- InprocServer32\: "\%DLL_PATH%\popcaploader.dll"
- InprocServer32\ThreadingModel: "Apartment"
- : "PopCapLoader Object"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}\:
- "IPopCapLoaderCtrl"
- "_IPopCapLoaderCtrlEvents"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}\1.0\
- 0\win32\: "\%DLL_PATH%\popcaploader.dll"
- HELPDIR\: "%DLL_PATH%"
- FLAGS\: "0"
- "POPCAPLOADERLib"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PopCapLoader.PopCapLoaderCtrl2\
CurVer\: "PopCapLoader.PopCapLoaderCtrl2.1"
- CLSID\: "{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"
- : "PopCapLoader Object"
- CLSID\: "{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}"
- : PopCapLoader Object"
where %DLL_PATH% is the path where this dll resides on disk.
Symptoms
Symptoms -
Method of Infection
Method of Infection -
Removal -
Removal -
AVERT recommends to always use latest DATs and engine. This threat will be cleaned if you have this combination.
Additional Windows ME/XP removal considerations
Variants
Variants -
N/A
