File details
File name: scripthelper.exe
Version: 14.2.0.1
Size: 1.16 MB
Original file name: ScriptHelper.exe
Digital certificate
Certificate authority:
VeriSign
Expiration date: 3/30/2013
Resource utilization
 | CPU utilization averages |
Total CPU: 0.2272722557%
Privileged CPU:
0.1520598545%

User CPU:
0.07521240116982%

Privileged CPU time: 156 ms
Privileged CPU time /min: 0 ms
CPU cycle count:
699,716,242
Context switches /sec:
20
 | Memory utilization averages |
Committed memory:
76.14 MB
Peak committed memory: 78.64 MB
Paged memory:
1.75 MB
Peak paged memory: 1.86 MB
Paged system memory:
139.55 KB
Non-paged system memory: 11.38 KB
Working set memory:
6.08 MB
Peak working set memory: 6.15 MB
Min working set memory: 6.08 MB
Private memory:
1.75 MB
Page faults:
1,770
Page faults /min: 0
 | Process I/O averages |
Total read operations:
107
Total read transfer: 31.23 KB
Total write operations:
376
Total write transfer: 68.35 KB
Total other operations:
1,401
Total other transfer: 8.3 KB
 | GUI Object Averages |
GDI objects:
9
Peak GDI objects: 9
USER objects:
4
Peak USER objects: 4
Resources
Handle count average: 135
Thread count average: 5
Thread resource averages
Total CPU: 0.127934933209%
Privileged CPU: 0.085289955472%
User CPU: 0.042644977736%
CPU Cycle count /sec: 3,624,451
Context switches /sec: 12
Module memory size: 1.17 MB
Process details
Runs as (owner): User
Integrety level: Medium
Windows platform: 64-bit
Parent Process
Process Command
"C:\Program Files\Common Files\AVG Secure Search\ScriptHelperInstaller\14.2.0\ScriptHelper.exe" -Embedding
Safe for scripting control details
CLSID: {F25AF245-4A81-40DC-92F9-E9021F207706}
Command: CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
Safe for initializing control details
CLSID: {F25AF245-4A81-40DC-92F9-E9021F207706}
Command: CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
Image hashes
MD5: d48125fbbb855b6652899da5fd51bba5
SHA-1: f297f3967ae3977070a83a1c042c0f4caa2a61f6
SHA-256: f7a9893738c908958b038635d7aeef7018510731a9247f5d442e73deb4e46ed1
PE image details
File packed: No
Import Table
advapi32.dll

RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
CryptAcquireContextW
CryptGetHashParam
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptCreateHash
CryptEncrypt
CryptAcquireContextA
CryptReleaseContext
CryptDeriveKey
AdjustTokenPrivileges
RegSetKeySecurity
FreeSid
SetEntriesInAclW
AddAccessAllowedAce
AllocateAndInitializeSid
InitializeAcl
GetNamedSecurityInfoW
LookupPrivilegeValueW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegFlushKey
GetLengthSid
RegQueryValueExW
GetTokenInformation
OpenProcessToken
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegSetValueExW
crypt32.dll

kernel32.dll
ole32.dll

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CLSIDFromProgID
rpcrt4.dll

NdrOleAllocate
NdrOleFree
IUnknown_QueryInterface_Proxy
NdrCStdStubBuffer2_Release
UuidToStringW
NdrStubCall2
NdrStubForwardingFunction
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
shell32.dll

ShellExecuteW
SHGetSpecialFolderPathW
shlwapi.dll

user32.dll

CharUpperW
GetMessageW
PostThreadMessageW
DispatchMessageW
TranslateMessage
CharNextW
LoadStringW
PostMessageW
FindWindowW
wsprintfW
EnumWindows
GetClassNameW
IsWindow
GetSystemMetrics
version.dll

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW
wininet.dll

FindFirstUrlCacheEntryW
InternetOpenW
InternetConnectW
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
InternetReadFile
InternetCloseHandle
HttpOpenRequestW
HttpQueryInfoW
HttpAddRequestHeadersW
InternetSetOptionW
HttpSendRequestW