Search:       

Tuesday, 7 October 2008       

Unclassified.Spyware.Loader Spyware/Adware Definition


Name: Unclassified.Spyware.Loader
Category: Spyware
Advice: Remove
Risk: Elevated Risk Elevated threats are usually threats that fall into the range of adware in which data about a user's habits are tracked and sent back to a server for analysis without your consent or knowledge.
Description: Spyware.Loader is spyware that is set to automatically start when Windows loads up by hiding itself in a number of different startup locations.

Startup registry keys are a number of registry entries in the Window's registry that store paths to applications on your computer. Applications that are listed in any of these registry keys and are loaded automatically when Windows boots up. These keys generally apply to Windows 95, 98, ME, NT, 2000, XP, and 2003.

Registry Local Machine Run
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun
Any application path placed in this location will start when any user logs into Windows. These are the most common startup locations for programs to install auto start from. By default these keys are not executed in Safe mode. If you prefix the value of these keys with an asterisk, *, is will run in Safe Mode.

Registry Current User Run
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun
Any application path placed in this location will start when the current user for this key logs into Windows. These are the most common startup locations for programs to install auto start from. By default these keys are not executed in Safe mode. If you prefix the value of these keys with an asterisk, *, is will run in Safe Mode.

Registry Local Machine RunOnce
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOnce
Any application path placed in this location will start when any user logs into Windows. These keys are designed to be used primarily by Setup programs. Entries in these keys are started once and then are deleted from the key. If there a exclamation point preceding the value of the key, the entry will not be deleted until after the program completes, otherwise it will be deleted before the program runs. This is important, because if the exclamation point is not used, and the program referenced in this key fails to complete, it will not run again as it will have already been deleted. All entries in this key are started synchronously in an undefined order. Due to this, all programs in this key must be finished before any entries in HKEY_LOCAL_MACHINE...Run, HKEY_CURRENT_USER...Run, HKEY_CURRENT_USER...RunOnce, and Startup Folders can be loaded.

Registry Current User RunOnce
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunOnce
Any application path placed in this location will start when the current user for this key logs into Windows. These keys are designed to be used primarily by Setup programs. Entries in these keys are started once and then are deleted from the key. If there a exclamation point preceding the value of the key, the entry will not be deleted until after the program completes, otherwise it will be deleted before the program runs. This is important, because if the exclamation point is not used, and the program referenced in this key fails to complete, it will not run again as it will have already been deleted. All entries in this key are started synchronously in an undefined order. Due to this, all programs in this key must be finished before any entries in HKEY_LOCAL_MACHINE...Run, HKEY_CURRENT_USER...Run, HKEY_CURRENT_USER...RunOnce, and Startup Folders can be loaded.

Registry Local Machine RunOnceEx
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunOnceEx

Registry Current User RunOnceEx
HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRunOnceEx

Registry Local Machine RunServicesOnce
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRunServicesOnce

Registry Local Machine RunServices
HKEY_LOCAL_MACHINESOFT
Signatures: process: sstb.exe: MD5 Hash: a80a1bd32724770b1ab... process: winxpdll32.exe: MD5 Hash: 4fe942461b2e118f9b5... process: winupdtl.exe: MD5 Hash: 82d1497868bc659e384... process: aaupdt.exe: MD5 Hash: 0d71a26f19ce5e36112... process: grwinsthlp.exe: MD5 Hash: b409f5ea90cbdaf38f4... process: infolog.exe: MD5 Hash: f72beca06f39362bae1..
Type: Spyware - Spyware's primary purpose is to collect demographic and usage information from your computer, usually for advertising purposes. Spyware usually that 'sneaks' onto a system or performs other activities hidden to the user. Spyware programs are usually bundled as a hidden component and downloaded from the Internet. These modules are almost always installed on the system secretively and try to run secretively as well.


Top Spyware Visited Pages:
007.2Search
007.msnnames
00Sub7_20
Advanced Email Monitoring
AlwaysUpdateNews
ATLEvents.BHO
ATPartners
Aureate
Axexx CHM
Banker.TU
Bridge/WinFavorites
Brodcast DSSAGENT
C2.Lop
CommonSearch VCatch
Conducent

 

Main Menu
Home
Top Downloads
New Programs
Awards
Submit
Link to us
Spyware Definitions
Viruses Info
Recipes
Jokes
Contact us

Spyware Categories
  Adware
  Adware Bundler
  AOL Exploit
  Backdoor
  Browser Hijacker
  Browser Plug-in
  Commercial Key Logger
  Commercial Remote Control
  Cookie
  Dialer
  E-Mail Flooder
  Hostile ActiveX Control
  ICQ Exploit
  Joke Program
  Key Logger
  Loader
  Low Risk Adware
  Misc
  Nuker
  P2P
  Password Hijacker
  Potential Privacy Risk
  Potentially dangerous utilities/tools
  RAT
  Search Hijacker
  Security Disabler
  Spyware
  Stealth Notifier
  Surveillance
  Toolbar
  Trojan
  Trojan Downloader
  Trojan FTP
  Trojan Telnet
  Viruses
  Worm
 



 

 
- Privacy Policy -