SystemHelper Spyware Profile

SystemHelper is a spyware program that installs itself as a browser add on.  It does this in order to bypass your security suite’s firewall.  It also exploits a vulnerability in the Adobe Flash program.

SystemHelper is a Trojan Downloader program.  As such, it can download other spyware programs.  In this particular case, it seems to download pop-up advertisements that use Adobe Flash technology.  This takes a large percentage of your system resources and can slow down your computer and cause program errors.

If you get infected with SystemHelper, it is recommended that you do not try to remove it manually.  Several of the associated files have similar names to legitimate files, and you may accidentally remove real files when you do this.  We recommend that you use ZookaWare PC Cleaner to remove this bug.

Also Known As:

trojan-downloader-admedia, AdPlug, adup.exe

Associated Files:
adup.exe,
tl.dll,
flash9.dll,
HKEY_CLASSES_ROOTadodb.flash
HKEY_CLASSES_ROOTadodb.flash.1
HKEY_CLASSES_ROOTadodb.flash.1clsid
HKEY_CLASSES_ROOTadodb.flashclsid
HKEY_CLASSES_ROOTadodb.flashcurver
HKEY_CLASSES_ROOTadodb.flashparameter
HKEY_CLASSES_ROOTadodb.flashparameter adid
HKEY_CLASSES_ROOTadodb.flashparameter adtimes
HKEY_CLASSES_ROOTadodb.flashparameter checktime
HKEY_CLASSES_ROOTadodb.flashparameter city
HKEY_CLASSES_ROOTadodb.flashparameter downloadtime
HKEY_CLASSES_ROOTadodb.flashparameter ip
HKEY_CLASSES_ROOTadodb.flashparameter lastpopid
HKEY_CLASSES_ROOTadodb.flashparameter province
HKEY_CLASSES_ROOTadodb.flashparameter rectime
HKEY_CLASSES_ROOTadodb.flashparameter regtime
HKEY_CLASSES_ROOTadodb.flashparameter tasknum
HKEY_CLASSES_ROOTadodb.flashparameter tlversion
HKEY_CLASSES_ROOTadodb.flashparameter updatetime
HKEY_CLASSES_ROOTadodb.flashparameter version
HKEY_CLASSES_ROOTclsid{b88dbc3f-41fb-40ae-afb0-4220e842b710}
HKEY_CLASSES_ROOTclsid{b88dbc3f-41fb-40ae-afb0-4220e842b710}inprocserver32
HKEY_CLASSES_ROOTclsid{b88dbc3f-41fb-40ae-afb0-4220e842b710}inprocserver32 threadingmodel
HKEY_CLASSES_ROOTclsid{b88dbc3f-41fb-40ae-afb0-4220e842b710}progid
HKEY_CLASSES_ROOTclsid{b88dbc3f-41fb-40ae-afb0-4220e842b710}programmable
HKEY_CLASSES_ROOTclsid{b88dbc3f-41fb-40ae-afb0-4220e842b710}typelib
HKEY_CLASSES_ROOTclsid{b88dbc3f-41fb-40ae-afb0-4220e842b710}versionindependentprogid
HKEY_CLASSES_ROOTinterface{fd439585-0591-4877-af40-da4ecfd3a5a3}
HKEY_CLASSES_ROOTinterface{fd439585-0591-4877-af40-da4ecfd3a5a3}proxystubclsid
HKEY_CLASSES_ROOTinterface{fd439585-0591-4877-af40-da4ecfd3a5a3}proxystubclsid32
HKEY_CLASSES_ROOTinterface{fd439585-0591-4877-af40-da4ecfd3a5a3}typelib
HKEY_CLASSES_ROOTinterface{fd439585-0591-4877-af40-da4ecfd3a5a3}typelib version
HKEY_CLASSES_ROOTtypelib{7627d225-08e6-42f6-af5d-c1b7a50639b8}
HKEY_CLASSES_ROOTtypelib{7627d225-08e6-42f6-af5d-c1b7a50639b8}1.0
HKEY_CLASSES_ROOTtypelib{7627d225-08e6-42f6-af5d-c1b7a50639b8}1.0�
HKEY_CLASSES_ROOTtypelib{7627d225-08e6-42f6-af5d-c1b7a50639b8}1.0�win32
HKEY_CLASSES_ROOTtypelib{7627d225-08e6-42f6-af5d-c1b7a50639b8}1.0flags
HKEY_CLASSES_ROOTtypelib{7627d225-08e6-42f6-af5d-c1b7a50639b8}1.0helpdir
HKEY_LOCAL_MACHINEsoftwareadobe system incorporated
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object adid
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object adtimes
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object checktime
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object city
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object downloadtime
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object firstcheckok
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object ip
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object lastpopid
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object province
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object rectime
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object regtime
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object tasknum
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object tlversion
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object updatetime
HKEY_LOCAL_MACHINEsoftwareadobe system incorporatedshockwave flash object version
HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorerbrowser helper objects{b88dbc3f-41fb-40ae-afb0-4220e842b710}

Download Free Scan
ZookaWare runs on Windows Vista, 7, 8 and 10. It has no ads, popups or bundled software and fully uninstalls by clicking Start > All Programs > select ZookaWare and click Uninstall.

Leave a Reply

Your email address will not be published. Required fields are marked *

css.php