Firstly: mega-kudo's to
Salim38 for your diligence in this matter. On this occasion, I simply wasn't curious enough to invest the time necessary to perform the unavoidable, labor intensive deduction you accomplished in order to determine the source program, but I'm very appreciative you were. Not coincidentally, I indeed previously had the TweakXP utility installed on my target system (~2 years ago).
Secondly: kudo's also to
Yodama for the professionalism shown in admitting error ... "So I have to admit that I was wrong here". Because frankly, that statement is not true. You didn't "HAVE to admit" you were wrong, but rather, in a timely and direct manner, you CHOSE to. That PROVES character, whereas merely being right proves nothing other than you happen to be right.
Thirdly: to
jgs57 ... is it possible that like me, your system did (past tense) have TweakXP installed at some point? After all, as I stated and detailed in my first post, your scan disposition is IDENTICAL to mine: the filename, path, filesize, REG-keys, and (most importantly), MD5 checksum's all match. Therefore, ipso-facto, if I'm OK, then you're OK. Regardless, if you have already allowed SpyBot S&D to "fix" and quarantine the subject file and REG-keys, AND you have not experienced any repercussion (as you report), my advice would be simply to leave in quarantine ... or hell, restore ... either way, it "ain't no thang".
Lastly: For what it's worth, I did come across one rather old 2005
forum discussion related to SVKP.sys as a malware. Its particular M.O. (modus operandi) was to place one or more of the following files on your system drive:
msdirectx.sys
xz.bat
lockx.exe
If so inclined, simply execute a search on your system drive (typically C:\) for these files (msdirectx.sys OR xz.bat OR lockx.exe), and if not found, you can safely rule that remote possibility out.
