Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

problems installing malawarebytes and adaware2008


  • Please log in to reply
13 replies to this topic

#1 deepsea

deepsea

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:48 PM

Posted 30 December 2008 - 01:23 PM

Hi all. I'm having problems installing adaware2008 and malawarebytes' antimalware. It gets to the point where it's almost complete (one or two clicks away I'd say) and a little box comes up saying "invalid floating point operation" with a bright red circle with an X cutaway in the middle. This has got me quite suspicious cos the same red circle/x combo was on a spyware(i think) prompt on the lower righthand options box today. I've installed SUPERantispyware and that got rid of the dodgy indian website offering virus scans,etc (although AVG free and windows defender didn't work) I messed around trying to get pctools anti spyware (can't remember the name) which didn't work and so uninstalled.I think something is now blocking me opening these programmes because after removing 868 bugs i had to swith off WEB GUARDIAN LSP to get back online. I'm not particularly comp savvy and am slightly scared of trying lsp-fix. I still think there's a prob cos when i clicked on the lsp fix info the same dodgy flashing window popped up trying to sell me anti virus software. Any help would be apprecaited. SUPERantispyware seems good (compared to AVG and windows defender) but obviously isn't getting the whole lot. Thanx

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,566 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:01:48 PM

Posted 30 December 2008 - 01:35 PM

Hi I am moving this to the "Infected" forum for the time being..
Please post the SAS scan log.
Disable any tools like BOClean and SppyBot if installed and try MBAM again.

Also try this suggestion for MBAM.
Some types of malware will disable MBAM and other security tools. If MBAM will not install, try renaming it. Right-click on the mbam-setup.exe file and change the .exe extension to .bat, .com, .pif, or .scr and then double-click on it to run.

If after installation, MBAM will not run, open the Malwarebytes' Anti-Malware folder in Program Files, right-click on mbam.exe and change the .exe as noted above. Then double-click on it to run.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 deepsea

deepsea
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:48 PM

Posted 31 December 2008 - 05:12 AM

Hi boopme, thanks for replying so quick. I'm gonna do as you suggested regarding the .exe options. I don't know what the SAS scan is or how to do ith though. Can you tell me how to do this please? many thanks

#4 deepsea

deepsea
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:48 PM

Posted 31 December 2008 - 07:20 AM

Hi. I ran malawarebytes from the icons i downloaded yesterday. No idea why they suddenly started working but i'll take all the help i can get. I've been on justin.tv a lot wathching streaming and getting lots of AVG trojan warnings ( i click heal). MBAM got 40 or so bugs. I'm wondering about a firewall. ZONEALARM? AVG seems to inform me of threats but not sure if this is firewall or not. How do I check? If you don't reply anytume I'll understand - it's new years after all!!!!
Happy Hogmanay and best wishes for the new year :thumbsup:

#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,073 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:48 PM

Posted 31 December 2008 - 08:33 AM

Please post the results of your MBAM scan for review.

To retrieve the MBAM scan log information, launch MBAB.
• Click the Logs Tab at the top.
mbam-log-2008-10-12(13-35-16).txt should show in the list. <- your dates will be different from this exampe
• Click on the log name to highlight it.
• Go to the bottom and click on Open.
• The log should automatically open in notepad as a text file.
• Go to Edit and choose Select all.
• Go back to Edit and choose Copy or right-click on the highlighted text and choose copy from there.
• Come back to this thread, click Add Reply, then right-click and choose Paste.

Understanding and Using Firewalls

Before installing a 3rd-party firewall, make sure you turn off the the Windows firewall. For instructions with screenshots, see How to turn off the Windows Firewall in SP2 or How to turn on or off the Windows Vista Firewall.

Using two software firewalls on a single computer could cause issues with connectivity to the Internet or other unexpected behavior. Further, running multiple software firewalls can cause conflicts that are hard to identify and troubleshoot. Only one of the firewalls can receive the packets over the network and process them. Sometimes you may even have a conflict that causes neither firewall to protect your connection. However, you can use a hardware firewall (your router) and a software firewall (Kerio or ZoneAlarm) in conjunction. For more information see:

Choosing a firewall is a matter of personal preference, your technical ability/experience, features offered, the amount of resources utilized, how it may affect system performance and what will work best for your system. A particular firewall that works well for one person may not work as well for another. You may need to experiment and find the one most suitable for your use.

Free firewalls:
Comodo Free Firewall
Online Armor Free
Zone Alarm Free Basic Firewall
PC Tools Firewall Plus
Ashampoo FireWall Free
Outpost Firewall Free
Kerio Personal Firewall (available in a full and limited free edition)
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 Triumph Jack

Triumph Jack

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia, PA USA
  • Local time:01:48 PM

Posted 31 December 2008 - 09:35 AM

Hello all.....found this website looking for a solution to my problem.
I am having the same problem as deepsea, unable to run the set-up for Malawarebytes as described by deepsea. Tried the different extensions per boopme's instructions, but does still not work. Same thing happens with Spybot also. Tried in SAFE mode, but no luck.
I know I have the rogue "Real Antivirus" infection and it seems to be affecting my registries. I'm not savvy enough to try and even begin to understand how to reconize & delete the bad registries.
I have not downloaded or run the set-up for "Real Antivirus", so there are no files or programs to find and delete or uninstall.
So far, the infection has:
1) Converted my desktop to all black with a large flashing WARNING window in the middle telling me in broken English that my computer is infected with many viruses. All my Icons are still there though and usable. It also locked my desktop in this mode and am unable to change it.
2) Creates bullbleep "Your Infected Banners" appear over any and all websites I visit. Sometimes all the text on the screen is converted to red. Will sometimes misdirect me to their web site when clicking links.
3) Prevents me from accessing Task Manager with the message that this action has been disabled by the administrator.
4) Prevents me from restoring my computer to an earlier point. Windows goes thru the motions of a system restore, but after reboot, says it was unable to do so.
This thing is a nasty little bugger and has refuted all my amateur attemts to get rid of it.
My only choices seem to be is to find instructions here or to have a McAfee tech go in remotely and try to get rid of it.
I'm not crazy about letting McAfee in. They want to charge $90 on top of what I already pay for the subcription even though they let it in. In fact, I did a full scan after I was infected and it still can't find it. I'm not confident the tech would be able to fix it anyway....probally waste hours of my time and in the end would want to do a reformat.
I am running XP Media Center Edition with all the latest security & service packs.
Any help anyone can provide will be greatly appreciated.......Thanks

#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,073 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:48 PM

Posted 31 December 2008 - 09:46 AM

Welcome to BC Triumph Jack

If you have an issue or problem you would like to discuss, please start your own topic. Doing that will help to avoid the confusion that often occurs when trying to help two or more members at the same time in the same thread. Even if your problem is similar to the original poster's problem, the solution could be different based on the kind of hardware, software, system requirements, etc. you are using and the presence of other malware. Further, posting for assistance in someone else's topic is not considered proper forum etiquette.

Thanks for your cooperation.
The BC Staff
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#8 deepsea

deepsea
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:48 PM

Posted 31 December 2008 - 10:01 AM

hey jack. I got rid of the immediate nuisance problem with SUPERantispyware from free-spyware.co.uk. the underlying bug stays though. Malwarebytes seems to have got it but still unsure. no idea why it starting working but is working fine now!?!
my malwarebytes log is:

Malwarebytes' Anti-Malware 1.31
Database version: 1582
Windows 5.1.2600 Service Pack 2

31/12/2008 11:51:10
mbam-log-2008-12-31 (11-51-10).txt

Scan type: Full Scan (C:\|)
Objects scanned: 92973
Time elapsed: 1 hour(s), 35 minute(s), 4 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 31
Registry Values Infected: 8
Registry Data Items Infected: 7
Folders Infected: 0
Files Infected: 17

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a} (Rogue.WinAntivirus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\My Web Search Bar Search Scope Monitor (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Framework Windows (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\activedesktop\NoChangingWallpaper (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSetActiveDesktop (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\MSN Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP531\A0065389.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP531\A0065390.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066358.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066342.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066344.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066346.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066349.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066350.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066351.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066353.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066356.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066357.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066364.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{E449B8C7-AE23-4539-98F7-0AD8ABD9B185}\RP532\A0066365.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Documents and Settings\Steph\Local Settings\Temp\mousehook.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.

I also did a SUPERantisyware system scan and it had a few questionable files.
These are belolw:

Recognized SAFE Applications and Files Show/Hide Info


Running Applications

ALG.EXE Application Layer Gateway Service More Info
Description
Component of Internet Connection Sharing and Internet Connection Firewall

File Location on your Computer
C:\WINDOWS\SYSTEM32\ALG.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
44544 MD5 Checksum/Fingerprint
F1958FBF86D5C004CF19A5951A9514B7

Company Name
Microsoft Corp. Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
APPLICATION LAYER GATEWAY SERVICE File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
ALG.EXE Original File Name
ALG.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




APPLEMOBILEDEVICESERVICE.EXE APPLE MOBILE DEVICE SERVICE More Info
Description
APPLE MOBILE DEVICE SERVICE

File Location on your Computer
C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
116040 MD5 Checksum/Fingerprint
68277BB887A67D992A81B01710AFF92A

Company Name
APPLE, INC. Company Url/Website


File Version Information Show/Hide Version Information

File Description
APPLE MOBILE DEVICE SERVICE File Version
2.0.28.0
Product Name
APPLE MOBILE DEVICE SERVICE Product Version
2.0.28.0
Internal Name
APPLEMOBILEDEVICESERVICE Original File Name
APPLEMOBILEDEVICESERVICE.EXE
Legal Copyright
© 2007-2008 APPLE INC. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




AVGAMSVR.EXE AVG Alert Manager More Info
Description
Alert manager for AVG Anti-Virus System

File Location on your Computer
C:\PROGRA~1\GRISOFT\AVG7\AVGAMSVR.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
418816 MD5 Checksum/Fingerprint
3C7B93F947355E374A49564D0D017B7B

Company Name
GRISOFT, s.r.o. Company Url/Website
www.grisoft.com

File Version Information Show/Hide Version Information

File Description
AVG ALERT MANAGER File Version
7.5.0.496
Product Name
AVG ANTI-VIRUS SYSTEM Product Version
7.5.0.496
Internal Name
AVGAMSVR Original File Name
AVGAMSVR.EXE
Legal Copyright
COPYRIGHT © 2007 GRISOFT, S.R.O. Legal Trademarks

Private Build
WIN32 RELEASE Special Build
AVGVC71_2007_1007_203447(496), SVNREV 61671 (/TRUNK)



AVGCC.EXE AVG Control Center More Info
Description
Control Center AVG Anti-Virus System

File Location on your Computer
C:\PROGRA~1\GRISOFT\AVG7\AVGCC.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
590848 MD5 Checksum/Fingerprint
F1B42DE29AF84F24FB59989805B1B62D

Company Name
GRISOFT, s.r.o. Company Url/Website
www.grisoft.com

File Version Information Show/Hide Version Information

File Description
AVG CONTROL CENTER File Version
7.5.0.545
Product Name
AVG ANTI-VIRUS SYSTEM Product Version
7.5.0.545
Internal Name
AVGCC Original File Name
AVGCC.EXE
Legal Copyright
COPYRIGHT © 2008 GRISOFT, S.R.O. Legal Trademarks

Private Build
WIN32 RELEASE Special Build
AVGVC71_2008_0912_151358(545), SVNREV 83847 (/BRANCHES/STABLE_UPGRADER)



AVGEMC.EXE AVG E-Mail Scanner More Info
Description
Scans e-mail for viruses. Part of the AVG Anti-Virus System

File Location on your Computer
C:\PROGRA~1\GRISOFT\AVG7\AVGEMC.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
406528 MD5 Checksum/Fingerprint
FC0B2AE890BB0DC8C2306DABEDC8A4BA

Company Name
GRISOFT, s.r.o. Company Url/Website
www.grisoft.com

File Version Information Show/Hide Version Information

File Description
AVG E-MAIL SCANNER File Version
7.5.0.510
Product Name
AVG ANTI-VIRUS SYSTEM Product Version
7.5.0.510
Internal Name
AVGEMC Original File Name
AVGEMC.EXE
Legal Copyright
COPYRIGHT © 2007 GRISOFT, S.R.O. Legal Trademarks

Private Build
WIN32 RELEASE Special Build
AVGVC71_2007_1203_115056(510), SVNREV 65831 (/TRUNK)



AVGUPSVC.EXE AVG Update Service More Info
Description
AVG 7.0 Anti-Virus System

File Location on your Computer
C:\PROGRA~1\GRISOFT\AVG7\AVGUPSVC.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
49664 MD5 Checksum/Fingerprint
30A14F65DB477DC00A64A5A24E96919C

Company Name
GRISOFT, s.r.o. Company Url/Website
www.grisoft.com

File Version Information Show/Hide Version Information

File Description
AVG UPDATE SERVICE File Version
7.5.0.420
Product Name
AVG 7.5 ANTI-VIRUS SYSTEM Product Version
7.5.0.420
Internal Name
AVGUPSVC Original File Name
AVGUPDSVC.EXE
Legal Copyright
COPYRIGHT © 2006 GRISOFT, S.R.O. Legal Trademarks

Private Build
WIN32 RELEASE Special Build
AVGVC71_2006_0925_211033(420), SVNREV 47263 (/TRUNK)



CSRSS.EXE Client/Server Subsystem More Info
Description
Handles various Windows run-time operations

File Location on your Computer
C:\WINDOWS\SYSTEM32\CSRSS.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
6144 MD5 Checksum/Fingerprint
F12B178B1678D778CFD3FF1FC38C71FB

Company Name
Microsoft Corp Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
CLIENT SERVER RUNTIME PROCESS File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
CSRSS.EXE Original File Name
CSRSS.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




CTFMON.EXE CTF Loader - Part of Microsoft Office XP More Info
Description
The CTF Loader is part of Microsoft Office XP. It is used to activate the Language Bar (voice recognition).

File Location on your Computer
C:\WINDOWS\SYSTEM32\CTFMON.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
15360 MD5 Checksum/Fingerprint
24232996A38C0B0CF151C2140AE29FC8

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
CTF LOADER File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
CTFMON Original File Name
CTFMON.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




EXPLORER.EXE Microsoft Windows Explorer More Info
Description
Explorer is used to view folders and files in Microsoft Windows.

File Location on your Computer
C:\WINDOWS\EXPLORER.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
1033216 MD5 Checksum/Fingerprint
97BD6515465659FF8F3B7BE375B2EA87

Company Name
Microsoft Corp Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WINDOWS EXPLORER File Version
6.00.2900.3156 (XPSP_SP2_GDR.070613-1234)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
6.00.2900.3156
Internal Name
EXPLORER Original File Name
EXPLORER.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




EZSP_PX.EXE ezShieldProtector for Px More Info
Description
Used by Easy Systems Japan CD and DVD writing software

File Location on your Computer
C:\WINDOWS\SYSTEM32\EZSP_PX.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
40960 MD5 Checksum/Fingerprint
2849ED071A0D83406BDA342AA767F24E

Company Name
Easy Systems Japan Company Url/Website
www.easy.co.jp

File Version Information Show/Hide Version Information

File Description
EZSP_PX MFC APPLICATION File Version
1, 0, 0, 0
Product Name
EZSP_PX APPLICATION Product Version
1, 0, 0, 0
Internal Name
EZSP_PX Original File Name
EZSP_PX.EXE
Legal Copyright
COPYRIGHT © 2002 EASY SYSTEMS JAPAN LTD. Legal Trademarks

Private Build
1014 Special Build
1014



IEXPLORE.EXE Microsoft Internet Explorer More Info
Description
Microsoft Internet Explorer (Browser)

File Location on your Computer
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
633632 MD5 Checksum/Fingerprint
9D3DB9ADFABD2F0BC778EC03250A3ABB

Company Name
Microsoft Corp Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
INTERNET EXPLORER File Version
7.00.6000.16762 (VISTA_GDR.081013-1507)
Product Name
WINDOWS® INTERNET EXPLORER Product Version
7.00.6000.16762
Internal Name
IEXPLORE Original File Name
IEXPLORE.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




IPODSERVICE.EXE iPodService Module. More Info
Description
iPodService Module. Installed with IPod software package.

File Location on your Computer
C:\PROGRAM FILES\IPOD\BIN\IPODSERVICE.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
532264 MD5 Checksum/Fingerprint
B510D6665EA4562797187F18094A040E

Company Name
Apple Computer, Inc. Company Url/Website
www.apple.com

File Version Information Show/Hide Version Information

File Description
IPODSERVICE MODULE File Version
7.7.0.43
Product Name
ITUNES Product Version
7.7.0.43
Internal Name
IPODSERVICE Original File Name
IPODSERVICE.EXE
Legal Copyright
© 2003-2008 APPLE INC. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




ITUNESHELPER.EXE iTunesHelper Module More Info
Description
Part of iTunes/IPod install package.

File Location on your Computer
C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
289064 MD5 Checksum/Fingerprint
12577ED7558A642C53C959E72FF2455F

Company Name
Apple Computer, Inc. Company Url/Website
www.apple.com

File Version Information Show/Hide Version Information

File Description
ITUNESHELPER MODULE File Version
7.7.0.43
Product Name
ITUNES Product Version
7.7.0.43
Internal Name
ITUNESHELPER Original File Name
ITUNESHELPER.EXE
Legal Copyright
© 2003-2008 APPLE INC. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




LSASS.EXE Local Security Authority Service More Info
Description
Handles security authentication under Microsoft Windows

File Location on your Computer
C:\WINDOWS\SYSTEM32\LSASS.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
13312 MD5 Checksum/Fingerprint
84885F9B82F4D55C6146EBF6065D75D2

Company Name
Microsoft Corp Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
LSA SHELL (EXPORT VERSION) File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
LSASS.EXE Original File Name
LSASS.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




MDNSRESPONDER.EXE Apple Bonjour Service for iTunes More Info
Description
Apple Bonjour Service for iTunes

File Location on your Computer
C:\PROGRAM FILES\BONJOUR\MDNSRESPONDER.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
229376 MD5 Checksum/Fingerprint
CFD4C3352E29A8B729536648466E8DF5

Company Name
Apple Computer Company Url/Website
www.apple.com

File Version Information Show/Hide Version Information

File Description
BONJOUR SERVICE File Version
1,0,4,12
Product Name
BONJOUR Product Version
1,0,4,12
Internal Name
MDNSRESPONDER.EXE Original File Name
MDNSRESPONDER.EXE
Legal Copyright
COPYRIGHT © 2003-2007 APPLE INC. Legal Trademarks

Private Build
Special Build




MSASCUI.EXE Windows Defender User Interface More Info
Description
Windows Defender User Interface

File Location on your Computer
C:\PROGRAM FILES\WINDOWS DEFENDER\MSASCUI.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
866584 MD5 Checksum/Fingerprint
77C03BF23AE56B0A31AE4D5BB4B3D0AC

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WINDOWS DEFENDER USER INTERFACE File Version
1.1.1593.0
Product Name
WINDOWS DEFENDER Product Version
1.1.1593.0
Internal Name
MSASCUI Original File Name
MSASCUI.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




MSMPENG.EXE Microsoft Windows Defender Service Executable More Info
Description
Microsoft Windows Defender Service Executable

File Location on your Computer
C:\PROGRAM FILES\WINDOWS DEFENDER\MSMPENG.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
13592 MD5 Checksum/Fingerprint
F45DD1E1365D857DD08BC23563370D0E

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
SERVICE EXECUTABLE File Version
1.1.1593.0
Product Name
WINDOWS DEFENDER Product Version
1.1.1593.0
Internal Name
MSMPENG.EXE Original File Name
MSMPENG.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




MSNMSGR.EXE MSN Messenger More Info
Description
MSN Messenger Application

File Location on your Computer
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
5674352 MD5 Checksum/Fingerprint
C4281AD865739E71FD1E4DAC19A68D60

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
MESSENGER File Version
8.1.0178.00
Product Name
MESSENGER Product Version
8.1.0178
Internal Name
MSNMSGR.EXE Original File Name
MSNMSGR.EXE
Legal Copyright
COPYRIGHT © MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




NOTEPAD.EXE Microsoft Windows Notepad More Info
Description
Notepad application that is included in Microsoft Windows

File Location on your Computer
C:\WINDOWS\SYSTEM32\NOTEPAD.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
69120 MD5 Checksum/Fingerprint
388B8FBC36A8558587AFC90FB23A3B99

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
NOTEPAD File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
NOTEPAD Original File Name
NOTEPAD.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




NVSVC32.EXE NVidia Driver Service More Info
Description
Used by NVidia graphics card drivers

File Location on your Computer
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
65536 MD5 Checksum/Fingerprint
693A199B77F080FAF10EE6C7E04059D3

Company Name
NVIDIA Corporation Company Url/Website
www.nvidia.com

File Version Information Show/Hide Version Information

File Description
NVIDIA DRIVER HELPER SERVICE, VERSION 43.28 File Version
6.14.01.4328
Product Name
NVIDIA DRIVER HELPER SERVICE, VERSION 43.28 Product Version
6.14.01.4328
Internal Name
NVSVC Original File Name
NVSVC32.EXE
Legal Copyright
© NVIDIA CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




PCFMGR.EXE PCF Manager Local Server for PowerPanel More Info
Description
PCF Manager Local Server used by Phoenix Motherboards

File Location on your Computer
C:\PROGRAM FILES\POWERPANEL\PROGRAM\PCFMGR.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
872448 MD5 Checksum/Fingerprint
A2AF87E61043B7BEBD1D7B2653502F39

Company Name
Phoenix Technologies Ltd. Company Url/Website


File Version Information Show/Hide Version Information

File Description
PCF MANAGER LOCAL SERVER File Version
5.2.0.1
Product Name
POWERPANEL 3.0 Product Version
5.2.0-S001
Internal Name
PCFMGR Original File Name
PCFMGR.EXE
Legal Copyright
COPYRIGHT © 1998, PHOENIX TECHNOLOGIES LTD. Legal Trademarks
POWERPANEL 3.0 ™
Private Build
Special Build




REALSCHED.EXE RealNetworks Scheduler More Info
Description
RealNetworks Scheduler. Part of the RealPlayer Installation.

File Location on your Computer
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
185896 MD5 Checksum/Fingerprint
74BC945EB2584E90619A56EF5028AB0F

Company Name
RealNetworks, Inc. Company Url/Website
www.real.com

File Version Information Show/Hide Version Information

File Description
REALNETWORKS SCHEDULER File Version
0.1.0.4279
Product Name
REALPLAYER (32-BIT) Product Version
0.1.0.4279
Internal Name
SCHEDAPP Original File Name
REALSCHED.EXE
Legal Copyright
COPYRIGHT © REALNETWORKS, INC. 1995-2007 Legal Trademarks
REALAUDIO™ IS A TRADEMARK OF REALNETWORKS, INC.
Private Build
Special Build




SERVICES.EXE Windows Services Controller More Info
Description
Used under NT based systems (NT, 2000, XP) to manage system services

File Location on your Computer
C:\WINDOWS\SYSTEM32\SERVICES.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
108032 MD5 Checksum/Fingerprint
C6CE6EEC82F187615D1002BB3BB50ED4

Company Name
Microsoft Corp Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
SERVICES AND CONTROLLER APP File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
SERVICES.EXE Original File Name
SERVICES.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SMSS.EXE Session Manager More Info
Description
Used by the Terminal Server of Microsoft Windows to manage sessions

File Location on your Computer
C:\WINDOWS\SYSTEM32\SMSS.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
50688 MD5 Checksum/Fingerprint
BD7FB0957C716F1A60333AEE04DE2178

Company Name
Microsoft Corp Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WINDOWS NT SESSION MANAGER File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
SMSS.EXE Original File Name
SMSS.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SPOOLSV.EXE Print Spooler Service More Info
Description
Microsoft Windows printer spooler. Handles print jobs from all Windows applications.

File Location on your Computer
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
57856 MD5 Checksum/Fingerprint
DA81EC57ACD4CDC3D4C51CF3D409AF9F

Company Name
Microsoft Corp Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
SPOOLER SUBSYSTEM APP File Version
5.1.2600.2696 (XPSP_SP2_GDR.050610-1519)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2696
Internal Name
SPOOLSV.EXE Original File Name
SPOOLSV.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SUPERANTISPYWARE.EXE SUPERAntiSpyware Application More Info
Description
SUPERAntiSpyware Application

File Location on your Computer
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
1830128 MD5 Checksum/Fingerprint
7E6A38E6EDA682684CE4521608125552

Company Name
SUPERAntiSpyware.com Company Url/Website
www.superantispyware.com

File Version Information Show/Hide Version Information

File Description
SUPERANTISPYWARE APPLICATION File Version
4, 24, 0, 1004
Product Name
SUPERANTISPYWARE Product Version
4, 24, 0, 1004
Internal Name
SUPERANTISPYWARE APPLICATION Original File Name
SUPERANTISPYWARE.EXE
Legal Copyright
COPYRIGHT © 2005-2008 BY SUPERANTISPYWARE.COM AND SUPERADBLOCKER.COM Legal Trademarks
SUPERANTISPYWARE™
Private Build
Special Build




SVCHOST.EXE Generic Host Process for Win32 Services More Info
Description
Generic Host Process for Win32 Services

File Location on your Computer
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
14336 MD5 Checksum/Fingerprint
8F078AE4ED187AAABC0A305146DE6716

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
GENERIC HOST PROCESS FOR WIN32 SERVICES File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
SVCHOST.EXE Original File Name
SVCHOST.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SVCHOST.EXE Generic Host Process for Win32 Services More Info
Description
Generic Host Process for Win32 Services

File Location on your Computer
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
14336 MD5 Checksum/Fingerprint
8F078AE4ED187AAABC0A305146DE6716

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
GENERIC HOST PROCESS FOR WIN32 SERVICES File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
SVCHOST.EXE Original File Name
SVCHOST.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SVCHOST.EXE Generic Host Process for Win32 Services More Info
Description
Generic Host Process for Win32 Services

File Location on your Computer
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
14336 MD5 Checksum/Fingerprint
8F078AE4ED187AAABC0A305146DE6716

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
GENERIC HOST PROCESS FOR WIN32 SERVICES File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
SVCHOST.EXE Original File Name
SVCHOST.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SVCHOST.EXE Generic Host Process for Win32 Services More Info
Description
Generic Host Process for Win32 Services

File Location on your Computer
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
14336 MD5 Checksum/Fingerprint
8F078AE4ED187AAABC0A305146DE6716

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
GENERIC HOST PROCESS FOR WIN32 SERVICES File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
SVCHOST.EXE Original File Name
SVCHOST.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SVCHOST.EXE Generic Host Process for Win32 Services More Info
Description
Generic Host Process for Win32 Services

File Location on your Computer
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
14336 MD5 Checksum/Fingerprint
8F078AE4ED187AAABC0A305146DE6716

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
GENERIC HOST PROCESS FOR WIN32 SERVICES File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
SVCHOST.EXE Original File Name
SVCHOST.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




WINLOGON.EXE Windows NT/2000/XP Logon Process More Info
Description
Manages user logon and logoff information.

File Location on your Computer
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
502272 MD5 Checksum/Fingerprint
01C3346C241652F43AED8E2149881BFE

Company Name
Microsoft Corp Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WINDOWS NT LOGON APPLICATION File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
WINLOGON Original File Name
WINLOGON.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




WLLOGINPROXY.EXE MICROSOFT® WINDOWS LIVE LOGIN HELPER More Info
Description
MICROSOFT® WINDOWS LIVE LOGIN HELPER

File Location on your Computer
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WLLOGINPROXY.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
115024 MD5 Checksum/Fingerprint
44CDED85B91EEF32E9CBCA348371F6BB

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WLLOGINPROXY.EXE File Version
4.100.313.1
Product Name
MICROSOFT® WINDOWS LIVE LOGIN HELPER Product Version
4.100.313.1
Internal Name
WLLOGINPROXY Original File Name
WLLOGINPROXY.EXE
Legal Copyright
COPYRIGHT © 1995-2006 MICROSOFT CORPORATION. Legal Trademarks
MICROSOFT® IS A REGISTERED TRADEMARK OF MICROSOFT CORPORATION.
Private Build
Special Build




WUAUCLT.EXE Microsoft Automatic Updates More Info
Description
Microsoft Automatic Updates Application

File Location on your Computer
C:\WINDOWS\SYSTEM32\WUAUCLT.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
51224 MD5 Checksum/Fingerprint
E654B78D2F1D791B30D0ED9A8195EC22

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WINDOWS UPDATE AUTOMATIC UPDATES File Version
7.2.6001.788 (WINMAIN_OOB/WU_WSUSWLC(WMBLA).081016-1330)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
7.2.6001.788
Internal Name
WUAUCLT.EXE Original File Name
WUAUCLT.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build





Browser Extensions, Toolbars and Registry Applications

ACROIEHELPER.DLL Acrobat Helper Library More Info
Description
Adobe Acrobat IE Helper Version 6.0 for ActivieX

File Location on your Computer
C:\PROGRAM FILES\COMMON FILES\ADOBE\ACROBAT\ACTIVEX\ACROIEHELPER.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
File Size (bytes)
62080 MD5 Checksum/Fingerprint
C11F6A1F61481E24BE3FDC06EA6F7D2A

Company Name
Adobe Systems Incorporated Company Url/Website
www.adobe.com

File Version Information Show/Hide Version Information

File Description
ADOBE PDF HELPER FOR INTERNET EXPLORER File Version
8.0.0.2006102200
Product Name
ACROIEHELPER LIBRARY Product Version
8.0.0.2006102200
Internal Name
ACROIEHELPER Original File Name
ACROIEHELPER.DLL
Legal Copyright
COPYRIGHT 1984-2006 ADOBE SYSTEMS INCORPORATED AND ITS LICENSORS. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




BROWSEUI.DLL Shell Browser UI Library More Info
Description
Shell Browser UI Library

File Location on your Computer
%SYSTEMROOT%\SYSTEM32\BROWSEUI.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{438755C2-A8BA-11D1-B96B-00A0C90312E1}
File Size (bytes)
1022976 MD5 Checksum/Fingerprint
765FAAF3EEAD18A47811AB23DBE4C095

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
SHELL BROWSER UI LIBRARY File Version
6.00.2900.3059 (XPSP_SP2_QFE.070104-0040)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
6.00.2900.3059
Internal Name
BROWSEUI.DLL Original File Name
BROWSEUI.DLL
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




BROWSEUI.DLL Shell Browser UI Library More Info
Description
Shell Browser UI Library

File Location on your Computer
%SYSTEMROOT%\SYSTEM32\BROWSEUI.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler
{8C7461EF-2B13-11D2-BE35-3078302C2030}
File Size (bytes)
1022976 MD5 Checksum/Fingerprint
765FAAF3EEAD18A47811AB23DBE4C095

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
SHELL BROWSER UI LIBRARY File Version
6.00.2900.3059 (XPSP_SP2_QFE.070104-0040)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
6.00.2900.3059
Internal Name
BROWSEUI.DLL Original File Name
BROWSEUI.DLL
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




BROWSEUI.DLL Shell Browser UI Library More Info
Description
Shell Browser UI Library

File Location on your Computer
%SYSTEMROOT%\SYSTEM32\BROWSEUI.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{01E04581-4EEE-11D0-BFE9-00AA005B4383}
File Size (bytes)
1022976 MD5 Checksum/Fingerprint
765FAAF3EEAD18A47811AB23DBE4C095

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
SHELL BROWSER UI LIBRARY File Version
6.00.2900.3059 (XPSP_SP2_QFE.070104-0040)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
6.00.2900.3059
Internal Name
BROWSEUI.DLL Original File Name
BROWSEUI.DLL
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




IEFRAME.DLL Shell Browser UI Library More Info
Description
Shell Browser UI Library

File Location on your Computer
C:\WINDOWS\SYSTEM32\IEFRAME.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Internet Explorer\URLSearchHooks
{CFBFAE00-17A6-11D0-99CB-00C04FD64497}
File Size (bytes)
6066176 MD5 Checksum/Fingerprint
23DD2287BA2630805E16571CB5E4E3EB

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
INTERNET EXPLORER File Version
7.00.6000.16762 (VISTA_GDR.081013-1507)
Product Name
WINDOWS® INTERNET EXPLORER Product Version
7.00.6000.16762
Internal Name
IEFRAME.DLL Original File Name
IEFRAME.DLL
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




MPSHHOOK.DLL Microsoft Windows Defender Shell Execute Hook More Info
Description
Microsoft Windows Defender Shell Execute Hook

File Location on your Computer
C:\PROGRA~1\WINDOW~4\MPSHHOOK.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}
File Size (bytes)
83224 MD5 Checksum/Fingerprint
F9D82B82F1B7C0B2D2606A987073F58C

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
SHELL EXECUTION MONITOR File Version
1.1.1593.0
Product Name
WINDOWS DEFENDER Product Version
1.1.1593.0
Internal Name
MPSHHOOK Original File Name
MPSHHOOK.DLL
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SASSEH.DLL SUPERAntispyware ShellExecuteHook More Info
Description
SUPERAntispyware ShellExecuteHook used to detect harmful applications as they start.

File Location on your Computer
C:\PROGRAM FILES\SUPERANTISPYWARE\SASSEH.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}
File Size (bytes)
77824 MD5 Checksum/Fingerprint
ECD5517A6633826057D4F050927DDF56

Company Name
SuperAdBlocker.com Company Url/Website
www.superadblocker.com

File Version Information Show/Hide Version Information

File Description
SHELLEXECUTEHOOK File Version
1, 0, 0, 1012
Product Name
SUPERANTISPYWARE Product Version
1.0.0.1
Internal Name
SASSEH.DLL Original File Name
SASSEH.DLL
Legal Copyright
© COPYRIGHT 2004-2008 SUPERADBLOCKER.COM Legal Trademarks

Private Build
Special Build




SHDOCVW.DLL Microsoft Shell Document Object More Info
Description
Part of Microsoft Windows. Contains various commonly used application components for webbrowser hosting.

File Location on your Computer
%SYSTEMROOT%\SYSTEM32\SHDOCVW.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Internet Explorer\Explorer Bars
{4D5C8C25-D075-11D0-B416-00C04FB90376}
File Size (bytes)
1498112 MD5 Checksum/Fingerprint
2039074B74116904FD2D46110C1DFE8B

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
SHELL DOC OBJECT AND CONTROL LIBRARY File Version
6.00.2900.3059 (XPSP_SP2_QFE.070104-0040)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
6.00.2900.3059
Internal Name
SHDOCVW.DLL Original File Name
SHDOCVW.DLL
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SHDOCVW.DLL Microsoft Shell Document Object More Info
Description
Part of Microsoft Windows. Contains various commonly used application components for webbrowser hosting.

File Location on your Computer
%SYSTEMROOT%\SYSTEM32\SHDOCVW.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Internet Explorer\Explorer Bars
{EFA24E64-B078-11D0-89E4-00C04FC9E26E}
File Size (bytes)
1498112 MD5 Checksum/Fingerprint
2039074B74116904FD2D46110C1DFE8B

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
SHELL DOC OBJECT AND CONTROL LIBRARY File Version
6.00.2900.3059 (XPSP_SP2_QFE.070104-0040)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
6.00.2900.3059
Internal Name
SHDOCVW.DLL Original File Name
SHDOCVW.DLL
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SHELL32.DLL Shell32.DLL is part of the Microsoft Windows Operating System More Info
Description
Shell32.DLL is part of the Microsoft Windows Operating System and contains icons, and API functions used by the Windows Shell.

File Location on your Computer
SHELL32.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AEB6717E-7E19-11D0-97EE-00C04FD91972}
File Size (bytes)
0 MD5 Checksum/Fingerprint
XXXX

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
File Version

Product Name
Product Version

Internal Name
Original File Name

Legal Copyright
Legal Trademarks

Private Build
Special Build




SHELL32.DLL Shell32.DLL is part of the Microsoft Windows Operating System More Info
Description
Shell32.DLL is part of the Microsoft Windows Operating System and contains icons, and API functions used by the Windows Shell.

File Location on your Computer
%SYSTEMROOT%\SYSTEM32\SHELL32.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Internet Explorer\Toolbar\WebBrowser
{0E5CBF21-D15F-11D0-8301-00AA005B4383}
File Size (bytes)
8460288 MD5 Checksum/Fingerprint
3BE4C2E84D99889685FE2B68E5FA2A9D

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WINDOWS SHELL COMMON DLL File Version
6.00.2900.3241 (XPSP_SP2_QFE.071025-1245)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
6.00.2900.3241
Internal Name
SHELL32 Original File Name
SHELL32.DLL
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SHELL32.DLL Shell32.DLL is part of the Microsoft Windows Operating System More Info
Description
Shell32.DLL is part of the Microsoft Windows Operating System and contains icons, and API functions used by the Windows Shell.

File Location on your Computer
%SYSTEMROOT%\SYSTEM32\SHELL32.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Internet Explorer\Explorer Bars
{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}
File Size (bytes)
8460288 MD5 Checksum/Fingerprint
3BE4C2E84D99889685FE2B68E5FA2A9D

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WINDOWS SHELL COMMON DLL File Version
6.00.2900.3241 (XPSP_SP2_QFE.071025-1245)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
6.00.2900.3241
Internal Name
SHELL32 Original File Name
SHELL32.DLL
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SKYPEIEPLUGIN.DLL Skype add-on for IE More Info
Description
Skype add-on for IE

File Location on your Computer
C:\PROGRAM FILES\SKYPE\TOOLBARS\INTERNET EXPLORER\SKYPEIEPLUGIN.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{22BF413B-C6D2-4D91-82A9-A0F997BA588C}
File Size (bytes)
1377576 MD5 Checksum/Fingerprint
23CD1A674E74AA4C1DAE8431E101580B

Company Name
Skype Company Url/Website
www.skype.com

File Version Information Show/Hide Version Information

File Description
SKYPE ADD-ON FOR IE File Version
2, 2, 0, 147
Product Name
SKYPE ADD-ON FOR IE Product Version
2, 2, 0, 147
Internal Name
SKYPE IE HELPER Original File Name
SKYPEIEPLUGIN.DLL
Legal Copyright
© SKYPE TECHNOLOGIES. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




WINDOWSLIVELOGIN.DLL Microsoft WindowsLiveLogin Helper More Info
Description
Microsoft WindowsLiveLogin Helper

File Location on your Computer
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE\WINDOWSLIVELOGIN.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{9030D464-4C02-4ABF-8ECC-5164760863C6}
File Size (bytes)
322368 MD5 Checksum/Fingerprint
E43F7CFDEE2B00A22C96C168147B20D3

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WINDOWSLIVELOGIN.DLL File Version
4.100.313.1
Product Name
MICROSOFT® WINDOWS LIVE LOGIN HELPER Product Version
4.100.313.1
Internal Name
WINDOWSLIVELOGIN Original File Name
WINDOWSLIVELOGIN.DLL
Legal Copyright
COPYRIGHT © 1995-2006 MICROSOFT CORPORATION. Legal Trademarks
MICROSOFT® IS A REGISTERED TRADEMARK OF MICROSOFT CORPORATION.
Private Build
BUILT BY PPBUILD ON PASSBLD08. Special Build




YT.DLL Yahoo! Toolbar 5.5 for Internet Explorer More Info
Description
Yahoo! Toolbar 5.5 for Internet Explorer

File Location on your Computer
C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YT.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{02478D38-C3F9-4EFB-9B51-7695ECA05670}
File Size (bytes)
882416 MD5 Checksum/Fingerprint
6A2E0E49A4F2A9DF3E6293E37E7486BD

Company Name
Yahoo! Inc. Company Url/Website
www.yahoo.com

File Version Information Show/Hide Version Information

File Description
YAHOO! TOOLBAR File Version
2008, 7, 28, 01
Product Name
YAHOO! TOOLBAR Product Version
7, 2, 2, 0
Internal Name
YT Original File Name
YT.DLL
Legal Copyright
© YAHOO! INC. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




YT.DLL Yahoo! Toolbar 5.5 for Internet Explorer More Info
Description
Yahoo! Toolbar 5.5 for Internet Explorer

File Location on your Computer
C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YT.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Internet Explorer\Toolbar
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
File Size (bytes)
882416 MD5 Checksum/Fingerprint
6A2E0E49A4F2A9DF3E6293E37E7486BD

Company Name
Yahoo! Inc. Company Url/Website
www.yahoo.com

File Version Information Show/Hide Version Information

File Description
YAHOO! TOOLBAR File Version
2008, 7, 28, 01
Product Name
YAHOO! TOOLBAR Product Version
7, 2, 2, 0
Internal Name
YT Original File Name
YT.DLL
Legal Copyright
© YAHOO! INC. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




YT.DLL Yahoo! Toolbar 5.5 for Internet Explorer More Info
Description
Yahoo! Toolbar 5.5 for Internet Explorer

File Location on your Computer
C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YT.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Internet Explorer\URLSearchHooks
{EF99BD32-C1FB-11D2-892F-0090271D4F88}
File Size (bytes)
882416 MD5 Checksum/Fingerprint
6A2E0E49A4F2A9DF3E6293E37E7486BD

Company Name
Yahoo! Inc. Company Url/Website
www.yahoo.com

File Version Information Show/Hide Version Information

File Description
YAHOO! TOOLBAR File Version
2008, 7, 28, 01
Product Name
YAHOO! TOOLBAR Product Version
7, 2, 2, 0
Internal Name
YT Original File Name
YT.DLL
Legal Copyright
© YAHOO! INC. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




YTSINGLEINSTANCE.DLL Yahoo! Toolbar 5.5 for Internet Explorer More Info
Description
Yahoo! Toolbar 5.5 for Internet Explorer

File Location on your Computer
C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YTSINGLEINSTANCE.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}
File Size (bytes)
160496 MD5 Checksum/Fingerprint
F64C4241FE5E519F62C47C361DC671D7

Company Name
Yahoo! Inc. Company Url/Website
www.yahoo.com

File Version Information Show/Hide Version Information

File Description
YAHOO! SINGLE INSTANCE FOR MAIL File Version
2008, 7, 28, 01
Product Name
YAHOO! SINGLE INSTANCE FOR MAIL Product Version
7, 2, 2, 0
Internal Name
YTSINGLEINSTANCE.DLL Original File Name
YTSINGLEINSTANCE.DLL
Legal Copyright
© YAHOO! INC. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build





Startup Applications

AVGCC.EXE AVG Control Center More Info
Description
Control Center AVG Anti-Virus System

File Location on your Computer
C:\PROGRA~1\GRISOFT\AVG7\AVGCC.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
590848 MD5 Checksum/Fingerprint
F1B42DE29AF84F24FB59989805B1B62D

Company Name
GRISOFT, s.r.o. Company Url/Website
www.grisoft.com

File Version Information Show/Hide Version Information

File Description
AVG CONTROL CENTER File Version
7.5.0.545
Product Name
AVG ANTI-VIRUS SYSTEM Product Version
7.5.0.545
Internal Name
AVGCC Original File Name
AVGCC.EXE
Legal Copyright
COPYRIGHT © 2008 GRISOFT, S.R.O. Legal Trademarks

Private Build
WIN32 RELEASE Special Build
AVGVC71_2008_0912_151358(545), SVNREV 83847 (/BRANCHES/STABLE_UPGRADER)



CTFMON.EXE CTF Loader - Part of Microsoft Office XP More Info
Description
The CTF Loader is part of Microsoft Office XP. It is used to activate the Language Bar (voice recognition).

File Location on your Computer
C:\WINDOWS\SYSTEM32\CTFMON.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
15360 MD5 Checksum/Fingerprint
24232996A38C0B0CF151C2140AE29FC8

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
CTF LOADER File Version
5.1.2600.2180 (XPSP_SP2_RTM.040803-2158)
Product Name
MICROSOFT® WINDOWS® OPERATING SYSTEM Product Version
5.1.2600.2180
Internal Name
CTFMON Original File Name
CTFMON.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




EZSP_PX.EXE ezShieldProtector for Px More Info
Description
Used by Easy Systems Japan CD and DVD writing software

File Location on your Computer
C:\WINDOWS\SYSTEM32\EZSP_PX.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
40960 MD5 Checksum/Fingerprint
2849ED071A0D83406BDA342AA767F24E

Company Name
Easy Systems Japan Company Url/Website
www.easy.co.jp

File Version Information Show/Hide Version Information

File Description
EZSP_PX MFC APPLICATION File Version
1, 0, 0, 0
Product Name
EZSP_PX APPLICATION Product Version
1, 0, 0, 0
Internal Name
EZSP_PX Original File Name
EZSP_PX.EXE
Legal Copyright
COPYRIGHT © 2002 EASY SYSTEMS JAPAN LTD. Legal Trademarks

Private Build
1014 Special Build
1014



ITUNESHELPER.EXE iTunesHelper Module More Info
Description
Part of iTunes/IPod install package.

File Location on your Computer
C:\PROGRAM FILES\ITUNES\ITUNESHELPER.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
289064 MD5 Checksum/Fingerprint
12577ED7558A642C53C959E72FF2455F

Company Name
Apple Computer, Inc. Company Url/Website
www.apple.com

File Version Information Show/Hide Version Information

File Description
ITUNESHELPER MODULE File Version
7.7.0.43
Product Name
ITUNES Product Version
7.7.0.43
Internal Name
ITUNESHELPER Original File Name
ITUNESHELPER.EXE
Legal Copyright
© 2003-2008 APPLE INC. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




MSASCUI.EXE Windows Defender User Interface More Info
Description
Windows Defender User Interface

File Location on your Computer
C:\PROGRAM FILES\WINDOWS DEFENDER\MSASCUI.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
866584 MD5 Checksum/Fingerprint
77C03BF23AE56B0A31AE4D5BB4B3D0AC

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
WINDOWS DEFENDER USER INTERFACE File Version
1.1.1593.0
Product Name
WINDOWS DEFENDER Product Version
1.1.1593.0
Internal Name
MSASCUI Original File Name
MSASCUI.EXE
Legal Copyright
© MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




MSNMSGR.EXE MSN Messenger More Info
Description
MSN Messenger Application

File Location on your Computer
C:\PROGRAM FILES\MSN MESSENGER\MSNMSGR.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
5674352 MD5 Checksum/Fingerprint
C4281AD865739E71FD1E4DAC19A68D60

Company Name
Microsoft Corporation Company Url/Website
www.microsoft.com

File Version Information Show/Hide Version Information

File Description
MESSENGER File Version
8.1.0178.00
Product Name
MESSENGER Product Version
8.1.0178
Internal Name
MSNMSGR.EXE Original File Name
MSNMSGR.EXE
Legal Copyright
COPYRIGHT © MICROSOFT CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




QTTASK.EXE QuickTime Task More Info
Description
QuickTime Task

File Location on your Computer
C:\PROGRAM FILES\QUICKTIME\QTTASK.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
413696 MD5 Checksum/Fingerprint
F34EB5D4F145ED5FE50033CA3A41ED24

Company Name
Apple Computer, Inc. Company Url/Website
www.apple.com

File Version Information Show/Hide Version Information

File Description
QUICKTIME TASK File Version
7.5 (861)
Product Name
QUICKTIME Product Version
QUICKTIME 7.5 (861)
Internal Name
QUICKTIME TASK Original File Name
QTTASK.EXE
Legal Copyright
COPYRIGHT APPLE INC. 1989-2008 Legal Trademarks

Private Build
Special Build




READER_SL.EXE Adobe Acrobat SpeedLauncher More Info
Description
Adobe Acrobat SpeedLauncher is part of Adobe Acrobat Reader 7.0

File Location on your Computer
C:\PROGRAM FILES\ADOBE\READER 8.0\READER\READER_SL.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
39792 MD5 Checksum/Fingerprint
E28D00EC675F5F5A5A0555E7A4523A6E

Company Name
Adobe Systems Incorporated Company Url/Website
www.adobe.com

File Version Information Show/Hide Version Information

File Description
ADOBE ACROBAT SPEEDLAUNCHER File Version
8.0.0.0
Product Name
ADOBE ACROBAT Product Version
8.0.0.0
Internal Name
Original File Name
ACROSPEEDLAUNCH.EXE
Legal Copyright
COPYRIGHT ADOBE SYSTEMS INCORPORATED 2004 Legal Trademarks

Private Build
Special Build




REALSCHED.EXE RealNetworks Scheduler More Info
Description
RealNetworks Scheduler. Part of the RealPlayer Installation.

File Location on your Computer
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
185896 MD5 Checksum/Fingerprint
74BC945EB2584E90619A56EF5028AB0F

Company Name
RealNetworks, Inc. Company Url/Website
www.real.com

File Version Information Show/Hide Version Information

File Description
REALNETWORKS SCHEDULER File Version
0.1.0.4279
Product Name
REALPLAYER (32-BIT) Product Version
0.1.0.4279
Internal Name
SCHEDAPP Original File Name
REALSCHED.EXE
Legal Copyright
COPYRIGHT © REALNETWORKS, INC. 1995-2007 Legal Trademarks
REALAUDIO™ IS A TRADEMARK OF REALNETWORKS, INC.
Private Build
Special Build




SUPERANTISPYWARE.EXE SUPERAntiSpyware Application More Info
Description
SUPERAntiSpyware Application

File Location on your Computer
C:\PROGRAM FILES\SUPERANTISPYWARE\SUPERANTISPYWARE.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
1830128 MD5 Checksum/Fingerprint
7E6A38E6EDA682684CE4521608125552

Company Name
SUPERAntiSpyware.com Company Url/Website
www.superantispyware.com

File Version Information Show/Hide Version Information

File Description
SUPERANTISPYWARE APPLICATION File Version
4, 24, 0, 1004
Product Name
SUPERANTISPYWARE Product Version
4, 24, 0, 1004
Internal Name
SUPERANTISPYWARE APPLICATION Original File Name
SUPERANTISPYWARE.EXE
Legal Copyright
COPYRIGHT © 2005-2008 BY SUPERANTISPYWARE.COM AND SUPERADBLOCKER.COM Legal Trademarks
SUPERANTISPYWARE™
Private Build
Special Build





Recognized UNSAFE Applications and Files Show/Hide Info


Running Applications

Browser Extensions, Toolbars and Registry Applications

Startup Applications


There are no recognized UNSAFE applications running on your computer


Unrecognized Applications and Files Show/Hide Info


Running Applications

E_S4I091.EXE C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_S4I091.EXE More Info
File Location on your Computer
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_S4I091.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
99840 MD5 Checksum/Fingerprint
FE9197AD88D3899A7B672AB7DEA2AF88

File Version Information Show/Hide Version Information

Company Name
SEIKO EPSON CORPORATION
File Description
EPSON STATUS MONITOR 3 File Version
3.00
Product Name
EPSON STATUS MONITOR 3 Product Version
3.00
Internal Name
E_S4I091 Original File Name
E_S4I091.EXE
Legal Copyright
COPYRIGHT © SEIKO EPSON CORP. 2004 Legal Trademarks

Private Build
Special Build




KHOST.EXE C:\PROGRAM FILES\KONTIKI\KHOST.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\KONTIKI\KHOST.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
1032640 MD5 Checksum/Fingerprint
B5569B12E8FF9A71837C57E7C195169F

File Version Information Show/Hide Version Information

Company Name
KONTIKI INC.
File Description
DELIVERY MANAGER File Version
5.11.704.230
Product Name
DELIVERY MANAGER Product Version
5.11.704.230
Internal Name
KHOST.EXE Original File Name
KHOST.EXE
Legal Copyright
COPYRIGHT 2001-07 KONTIKI, INC. Legal Trademarks

Private Build
Special Build




KSERVICE.EXE C:\PROGRAM FILES\KONTIKI\KSERVICE.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\KONTIKI\KSERVICE.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
3068352 MD5 Checksum/Fingerprint
62CEF3CA80FF1E3AF738DD11E3505DB1

File Version Information Show/Hide Version Information

Company Name
KONTIKI INC.
File Description
DELIVERY MANAGER SERVICE File Version
5.11.704.230
Product Name
DELIVERY MANAGER Product Version
5.11.704.230
Internal Name
KSERVICE Original File Name
KSERVICE.EXE
Legal Copyright
COPYRIGHT 2001-06 KONTIKI, INC. Legal Trademarks

Private Build
Special Build




MBAM.EXE C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAM.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\MALWAREBYTES' ANTI-MALWARE\MBAM.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
1265296 MD5 Checksum/Fingerprint
56E3536902563372047C68B3EB3CA6A5

File Version Information Show/Hide Version Information

Company Name
MALWAREBYTES CORPORATION
File Description
MALWAREBYTES' ANTI-MALWARE File Version
1.31
Product Name
MALWAREBYTES' ANTI-MALWARE Product Version
1.31
Internal Name
MBAM Original File Name
MBAM.EXE
Legal Copyright
© MALWAREBYTES CORPORATION. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build




SEARCHPROTECTION.EXE C:\PROGRAM FILES\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
223984 MD5 Checksum/Fingerprint
1A258E60BAA8522194F39D7E3DD47EA0

File Version Information Show/Hide Version Information

Company Name
YAHOO! INC.
File Description
YAHOO! APPLICATION File Version
2008, 1, 10, 1
Product Name
SEARCH PROTECTION Product Version
1, 2, 5, 0
Internal Name
Y! SP Original File Name
YSP.EXE
Legal Copyright
YAHOO! COPYRIGHT © 2006-2007 Legal Trademarks

Private Build
Special Build




STACMON.EXE C:\PROGRAM FILES\SIGMATEL\C-MAJOR AUDIO\STACMON.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\SIGMATEL\C-MAJOR AUDIO\STACMON.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
45056 MD5 Checksum/Fingerprint
0E18DE27ACD4E1463FE91A53ED6D6E54

File Version Information Show/Hide Version Information

Company Name

File Description
File Version

Product Name
Product Version

Internal Name
Original File Name

Legal Copyright
Legal Trademarks

Private Build
Special Build




YTBB.EXE C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YTBB.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN0\YTBB.EXE
Registry Path and CLSID where file was detected on your Computer


File Size (bytes)
156912 MD5 Checksum/Fingerprint
BCC1DA6FE894E755C47AC2EC2FFC3213

File Version Information Show/Hide Version Information

Company Name
YAHOO! INC.
File Description
YAHOO! TOOLBAR ASSISTANT File Version
2008, 7, 28, 01
Product Name
YAHOO! TOOLBAR ASSISTANT Product Version
7, 2, 2, 0
Internal Name
YTBB.EXE Original File Name
YTBB.EXE
Legal Copyright
© YAHOO! INC. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build





Browser Extensions, Toolbars and Registry Applications

RPBROWSERRECORDPLUGIN.DLL C:\PROGRAM FILES\REAL\REALPLAYER\RPBROWSERRECORDPLUGIN.DLL More Info
File Location on your Computer
C:\PROGRAM FILES\REAL\REALPLAYER\RPBROWSERRECORDPLUGIN.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
{3049C3E9-B461-4BC5-8870-4C09146192CA}
File Size (bytes)
370296 MD5 Checksum/Fingerprint
4D630E9EF94CF8814DFD0E5938230822

File Version Information Show/Hide Version Information

Company Name
REALPLAYER
File Description
REALPLAYER DOWNLOAD AND RECORD PLUGIN FOR INTERNET EXPLORER File Version
1.0.0.522
Product Name
Product Version
1.0.0.522
Internal Name
RPBROWSERRECORDPLUGIN Original File Name
RPBROWSERRECORDPLUGIN.DLL
Legal Copyright
COPYRIGHT © REALNETWORKS, INC. 1995-2007 Legal Trademarks

Private Build
Special Build




SKYPEIEPLUGIN.DLL C:\PROGRAM FILES\SKYPE\TOOLBARS\INTERNET EXPLORER\SKYPEIEPLUGIN.DLL More Info
File Location on your Computer
C:\PROGRAM FILES\SKYPE\TOOLBARS\INTERNET EXPLORER\SKYPEIEPLUGIN.DLL
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Internet Explorer\Extensions
{77BF5300-1474-4EC7-9980-D32B190E9B07}
File Size (bytes)
1377576 MD5 Checksum/Fingerprint
23CD1A674E74AA4C1DAE8431E101580B

File Version Information Show/Hide Version Information

Company Name
SKYPE TECHNOLOGIES S.A.
File Description
SKYPE ADD-ON FOR IE File Version
2, 2, 0, 147
Product Name
SKYPE ADD-ON FOR IE Product Version
2, 2, 0, 147
Internal Name
SKYPE IE HELPER Original File Name
SKYPEIEPLUGIN.DLL
Legal Copyright
© SKYPE TECHNOLOGIES. ALL RIGHTS RESERVED. Legal Trademarks

Private Build
Special Build





Startup Applications

APPLESYNCNOTIFIER.EXE C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLESYNCNOTIFIER.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\COMMON FILES\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLESYNCNOTIFIER.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
116040 MD5 Checksum/Fingerprint
27E0EB81AE55788C8FBE6D489F862168

File Version Information Show/Hide Version Information

Company Name
APPLE INC.
File Description
APPLESYNCNOTIFIER File Version
1, 0, 0, 9
Product Name
MOBILEME Product Version
1, 0, 0, 1
Internal Name
APPLESYNCNOTIFIER Original File Name
APPLESYNCNOTIFIER.EXE
Legal Copyright
COPYRIGHT APPLE INC. 2008 Legal Trademarks

Private Build
Special Build




E_S4I091.EXE C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_S4I091.EXE More Info
File Location on your Computer
C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\E_S4I091.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
99840 MD5 Checksum/Fingerprint
FE9197AD88D3899A7B672AB7DEA2AF88

File Version Information Show/Hide Version Information

Company Name
SEIKO EPSON CORPORATION
File Description
EPSON STATUS MONITOR 3 File Version
3.00
Product Name
EPSON STATUS MONITOR 3 Product Version
3.00
Internal Name
E_S4I091 Original File Name
E_S4I091.EXE
Legal Copyright
COPYRIGHT © SEIKO EPSON CORP. 2004 Legal Trademarks

Private Build
Special Build




KHOST.EXE C:\PROGRAM FILES\KONTIKI\KHOST.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\KONTIKI\KHOST.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
1032640 MD5 Checksum/Fingerprint
B5569B12E8FF9A71837C57E7C195169F

File Version Information Show/Hide Version Information

Company Name
KONTIKI INC.
File Description
DELIVERY MANAGER File Version
5.11.704.230
Product Name
DELIVERY MANAGER Product Version
5.11.704.230
Internal Name
KHOST.EXE Original File Name
KHOST.EXE
Legal Copyright
COPYRIGHT 2001-07 KONTIKI, INC. Legal Trademarks

Private Build
Special Build




KHOST.EXE C:\PROGRAM FILES\KONTIKI\KHOST.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\KONTIKI\KHOST.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
1032640 MD5 Checksum/Fingerprint
B5569B12E8FF9A71837C57E7C195169F

File Version Information Show/Hide Version Information

Company Name
KONTIKI INC.
File Description
DELIVERY MANAGER File Version
5.11.704.230
Product Name
DELIVERY MANAGER Product Version
5.11.704.230
Internal Name
KHOST.EXE Original File Name
KHOST.EXE
Legal Copyright
COPYRIGHT 2001-07 KONTIKI, INC. Legal Trademarks

Private Build
Special Build




SEARCHPROTECTION.EXE C:\PROGRAM FILES\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
223984 MD5 Checksum/Fingerprint
1A258E60BAA8522194F39D7E3DD47EA0

File Version Information Show/Hide Version Information

Company Name
YAHOO! INC.
File Description
YAHOO! APPLICATION File Version
2008, 1, 10, 1
Product Name
SEARCH PROTECTION Product Version
1, 2, 5, 0
Internal Name
Y! SP Original File Name
YSP.EXE
Legal Copyright
YAHOO! COPYRIGHT © 2006-2007 Legal Trademarks

Private Build
Special Build




SEARCHPROTECTION.EXE C:\PROGRAM FILES\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\YAHOO!\SEARCH PROTECTION\SEARCHPROTECTION.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
223984 MD5 Checksum/Fingerprint
1A258E60BAA8522194F39D7E3DD47EA0

File Version Information Show/Hide Version Information

Company Name
YAHOO! INC.
File Description
YAHOO! APPLICATION File Version
2008, 1, 10, 1
Product Name
SEARCH PROTECTION Product Version
1, 2, 5, 0
Internal Name
Y! SP Original File Name
YSP.EXE
Legal Copyright
YAHOO! COPYRIGHT © 2006-2007 Legal Trademarks

Private Build
Special Build




STACMON.EXE C:\PROGRAM FILES\SIGMATEL\C-MAJOR AUDIO\STACMON.EXE More Info
File Location on your Computer
C:\PROGRAM FILES\SIGMATEL\C-MAJOR AUDIO\STACMON.EXE
Registry Path and CLSID where file was detected on your Computer
Software\Microsoft\Windows\CurrentVersion\Run

File Size (bytes)
45056 MD5 Checksum/Fingerprint
0E18DE27ACD4E1463FE91A53ED6D6E54

File Version Information Show/Hide Version Information

Company Name

File Description
File Version

Product Name
Product Version

Internal Name
Original File Name

Legal Copyright
Legal Trademarks

Private Build
Special Build




Thanks to everyone that helps

#9 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,073 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:48 PM

Posted 31 December 2008 - 11:30 AM

Please download ATF Cleaner by Atribune & save it to your desktop. alternate download link
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main "Select Files to Delete" choose: Select All.
  • Click the Empty Selected button.
  • If you use Firefox browser click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • If you use Opera browser click Opera at the top and choose: Select All
  • Click the Empty Selected button.
    If you would like to keep your saved passwords, please click No at the prompt.
  • Click Exit on the Main menu to close the program.
Note: On Vista, "Windows Temp" is disabled. To empty "Windows Temp" ATF-Cleaner must be "Run as an Administrator".

Rescan again with MBAM (Quick Scan) in normal mode and check all items found for removal. Don't forgot to check for updates before scanning and to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware. When done, click the Logs tab and copy/paste the contents of the new report in your next reply.

Also let us know how your computer is running and if there are any more reports/signs of infection.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#10 deepsea

deepsea
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:48 PM

Posted 31 December 2008 - 03:13 PM

hi quietman, how do i reboot? just switch off and on again?

To follow is the latest MBAM log:


Malwarebytes' Anti-Malware 1.31
Database version: 1582
Windows 5.1.2600 Service Pack 2

31/12/2008 20:11:11
mbam-log-2008-12-31 (20-11-11).txt

Scan type: Quick Scan
Objects scanned: 49343
Time elapsed: 11 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



Thanks very much for the help

#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,073 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:48 PM

Posted 31 December 2008 - 03:19 PM

Go to Start, select Shutdown, from the drop down box next to What do you want your computer to do?, select Restart and click Ok.

Then let us know how your computer is running and if there are any more reports/signs of infection.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#12 deepsea

deepsea
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:01:48 PM

Posted 31 December 2008 - 05:04 PM

I've done that and everything seems fine. Thank you very much for all the help. I really apprecte it!
I'm gonna put a firewall on tomorrow.......now off out for the bells. Happy New Year to you and all the bestallhe for 2009 :thumbsup:

#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 52,073 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:01:48 PM

Posted 31 December 2008 - 05:35 PM

If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Tips to protect yourself against malware and reduce the potential for re-infection:
• "Simple and easy ways to keep your computer safe".
• "How did I get infected?, With steps so it does not happen again!".
• "Hardening Windows Security - Part 1 & Part 2".
• "IE Recommended Minimal Security Settings" - "How to Secure Your Web Browser".

• Avoid gaming sites, underground web pages, pirated software, crack sites, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.

Safe surfing and Happy New Year.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#14 Triumph Jack

Triumph Jack

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Philadelphia, PA USA
  • Local time:01:48 PM

Posted 31 December 2008 - 06:36 PM

quietman.....My bad. I'll follow that protocal in the future.

deepsea......followed your advice with the SUPERantispyware. It worked, but as you said, some remnants of the virus was still there. I was then able to run the Malwarebytes (SAFE mode only) and that got almost the rest of it. I then ran Spybot and that was able to finally finish it off for good.....

Thanks for the help.....




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users