False positive

Hello, I am not sure whether or not this one is an FP, but this “malicious file” has been appearing again and again for the past 5 days. I’ll even show you a picture below. The malware name is ApplicUnwnt@#1iavjarpsslwf, the location is C:\Users\toshiba\AppData\Local\Temp\SPSetup.exe
I get very nervous when a virus is involved, so I hope this info will help.

[attachment deleted by admin]

Hi,

This is to inform you that the file you have reported to us (SHA1:fec19241949864de766a2d193bc81e3366e379e4) is not a False Positive.

Regards,
Yuvaraj M

That’s probably just a PUP (potentially unwanted program), not malicious. I suggest you remove it if you don’t know the application.

Thanks for your replies. If you don’t mind me asking, how do I remove it? I can’t see a remove button anywhere. When I search for the file location in my PC, it’s not there either. Answers appreciated, thank you.

Can you do this?

Yes, thank you. I was able to find the “AppData” folder because of your help, but still no signs of the file “SPSetup.exe”. What could have happened? Thank you for your help. Also I took the liberty of searching this “SPSetup.exe” but I’m not entirely sure about what I have read. http://www.onlinespywareexpert.com/exe-errors/SpSetup.exe.html

That’s an affiliate of SpyHunter. I suggest you stay away from it. SpyHunter is a dubious antispyware; many people accuse them of fake alerts. You need to pay to clean your PC using it.

Can you open the command prompt and type this?

dir C:\Users\toshiba\AppData\Local\Temp>>data.txt & notepad data.txt & timeout 3 & del data.txt

If you want to copy-paste it, you must use the right mouse button because CTRL+V doesn’t work in CMD.

Please show me the contents of the notepad that will open after running this command.

These are the results you are looking for?

Yes.
I don’t see the file you mentioned (SPSetup.exe), are you sure that Comodo still detects it?

I’ll just wait within 24 hours if Comodo still detects this ApplicUnwnt, till then. Thank you very much malware1, you really helped me :) If Comodo still detects it, I’ll be needing your help again. Thank you very much, you have my most sincere gratitude.

I suspect that some program on your computer creates this file so Comodo detects it.

Can you try this? https://www.piriform.com/docs/ccleaner/ccleaner-how-tos/listing-installed-programs

I would like to take a look at the list of installed programs.

You can do the following, but that’s not the recommended way (Comodo simply won’t alert for the file anymore):

Run the command prompt again.

echo >> C:\Users\toshiba\AppData\Local\Temp\SPSetup.exe

Open Comodo and add the file C:\Users\toshiba\AppData\Local\Temp\SPSetup.exe to the exclusion list.
Then run command prompt again: del C:\Users\toshiba\AppData\Local\Temp\SPSetup.exe
Comodo shouldn’t detect it anymore.
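
To follow up on the `dir` check earlier in the thread and on the suspicion above that some program keeps recreating the file, here is an added example (not part of the original posts) that looks for SPSetup.exe including hidden files, compares its SHA1 with the one quoted by Comodo staff, and logs each time the file is created again. The function name `Get-DropRecord`, the log path and the 30-second look-back window are assumptions made for illustration; it needs PowerShell 4.0 or later for `Get-FileHash`.

```powershell
# Added example, not from the thread. Requires PowerShell 4.0+ (Get-FileHash).
$TempDir      = 'C:\Users\toshiba\AppData\Local\Temp'           # folder from the alert
$FileName     = 'SPSetup.exe'                                   # file from the alert
$ReportedSha1 = 'fec19241949864de766a2d193bc81e3366e379e4'      # SHA1 quoted in the thread
$LogPath      = Join-Path $env:USERPROFILE 'spsetup-watch.csv'  # assumed log location
$WindowSec    = 30                                              # assumed look-back window

function Get-DropRecord {
    param([string]$Path, [string]$Expected, [int]$LookBackSec)

    $record = [ordered]@{
        SeenAt          = (Get-Date).ToString('s')
        Path            = $Path
        Sha1            = ''
        MatchesReport   = $false
        RecentProcesses = ''
    }

    # -Force also returns hidden/system files, which a plain `dir` leaves out.
    $item = Get-Item -LiteralPath $Path -Force -ErrorAction SilentlyContinue
    if ($item) {
        try {
            $record.Sha1 = (Get-FileHash -LiteralPath $Path -Algorithm SHA1 -ErrorAction Stop).Hash
            $record.MatchesReport = ($record.Sha1 -eq $Expected)   # -eq ignores case
        } catch {
            $record.Sha1 = 'unreadable (locked or already quarantined)'
        }
    } else {
        $record.Sha1 = 'file gone before it could be read'
    }

    # Heuristic only: processes that started shortly before the file appeared.
    $since  = (Get-Date).AddSeconds(-$LookBackSec)
    $recent = Get-Process | Where-Object {
        try { $_.StartTime -ge $since } catch { $false }   # some system processes deny access
    } | ForEach-Object { '{0} ({1}) {2}' -f $_.ProcessName, $_.Id, $_.Path }
    $record.RecentProcesses = $recent -join '; '

    [pscustomobject]$record
}

# One-off check first: is the file there right now, even if hidden?
$target = Join-Path $TempDir $FileName
if (Test-Path -LiteralPath $target) {
    Get-DropRecord $target $ReportedSha1 $WindowSec | Format-List
}

# Then wait for the file to be created again and log each occurrence.
$watcher = New-Object System.IO.FileSystemWatcher $TempDir, $FileName
while ($true) {
    $change = $watcher.WaitForChanged('Created', 60000)    # wait up to 60 s per round
    if ($change.TimedOut) { continue }
    $row = Get-DropRecord $target $ReportedSha1 $WindowSec
    $row | Export-Csv -Path $LogPath -Append -NoTypeInformation
    $row | Format-List
}
```

The process list is only a hint: a long-running updater that drops the file will not show up as recently started, so compare the logged times with the install dates of the toolbars in the program list.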

Sorry, I had to go out for a bit. Here’s the list:

Adobe Flash Player 11 ActiveX & Plugin 64-bit Adobe Systems Incorporated 4/25/2013 11.6.602.180
Adobe Shockwave Player + Authorware Web Player Adobe Systems, Inc. 4/25/2013 v12.0.0.112
Advanced SystemCare 6 IObit 4/25/2013 67.1 MB 6.1
Aeria Ignite Aeria Games & Entertainment 1/15/2014 1.13.3296
Akamai NetSession Interface Akamai Technologies, Inc 1/14/2014
Apple Application Support Apple Inc. 4/25/2013 62.7 MB 2.3.3
Apple Mobile Device Support Apple Inc. 4/25/2013 25.2 MB 6.1.0.13
Apple Software Update Apple Inc. 4/25/2013 2.38 MB 2.1.3.127
Ashampoo Burning Studio 6 FREE v.6.80 ashampoo GmbH & Co. KG 4/25/2013 39.3 MB 6.8.0
Aura Kingdom 1/15/2014
Bonjour Apple Inc. 4/25/2013 2.00 MB 3.0.0.10
CCleaner Piriform 5/11/2014 4.13
COMODO Internet Security COMODO Security Solutions Inc. 4/25/2013 162 MB 5.10.31649.2253
COMODO Internet Security COMODO Security Solutions Inc. 4/25/2013 5.10.31649.2253
DivX Browser Bar Toolbar for IE DivX Browser Bar 1/4/2014 8.14 MB 6.17.2.8
DivX Setup DivX, LLC 1/4/2014 2.6.1.90
Facebook Video Calling 2.0.0.447 Skype Limited 1/15/2014 12.0 MB 2.0.447
FastStone Photo Resizer 3.2 FastStone Soft. 1/28/2014 3.2
Foxit Reader 5.4.5.124 oszone.net 4/25/2013 v 5.4.5.124
FrostWire 5.6.9 FrostWire LLC 1/3/2014 5.6.9.2
GeekBuddy Comodo Security Solutions Inc 3/13/2014 4.11.91
Google Chrome Google Inc. 4/25/2013 34.0.1847.131
Intel(R) Processor Graphics Intel Corporation 4/25/2013 9.17.10.3062
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 4/25/2013 1.0.1.209
iTunes Apple Inc. 4/25/2013 187 MB 11.0.2.26
Lagarith Lossless Codec (1.3.27) 4/25/2013 1.02 MB
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 8/18/2013 38.8 MB 4.0.30319
Microsoft .NET Framework 4 Extended Microsoft Corporation 8/18/2013 51.9 MB 4.0.30319
Microsoft Office Enterprise 2007 Microsoft Corporation 1/17/2014 12.0.4518.1014
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 8/18/2013 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 Microsoft Corporation 4/25/2013 572 KB 8.0.61000
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 Microsoft Corporation 4/25/2013 300 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 4/25/2013 612 KB 9.0.30729.6161
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 Microsoft Corporation 4/25/2013 11.1 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 Корпорация Майкрософт 4/25/2013 17.4 MB 11.0.51106.1
Mozilla Firefox 24.0 (x86 en-US) Mozilla 10/11/2013 48.4 MB 24.0
Mozilla Maintenance Service Mozilla 10/11/2013 336 KB 24.0
ooVoo ooVoo LLC. 9/3/2013 3.5.9056
ooVoo toolbar, powered by Ask.com Ask.com 4/26/2013 4.66 MB 1.17.6.0
ooVoo toolbar, powered by Ask.com Updater Ask.com 4/26/2013 1.4.3.42067
Pando Media Booster Pando Networks Inc. 5/2/2013 5.46 MB 2.6.0.9
PLDT Weroam PLUS ZTE 5/17/2013 1.0.0.0
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 4/25/2013 6.0.1.6844
SAM CoDeC Pack www.SamLab.ws 4/25/2013 5.05
Search Protect Conduit 1/15/2014 2.9.40.12
Skype™ 5.9 Skype Technologies S.A. 4/25/2013 19.0 MB 5.9.114
Unity Web Player Unity Technologies ApS 5/23/2013 12.0 MB
UpdateChecker SqueakyChocolate, LLC 1/3/2014
Ut Video Codec Suite UMEZAWA Takeshi 4/25/2013 1.83 MB 12.0.1
VLC media player 2.0.1 VideoLAN 4/25/2013 2.0.1
Windows Live Essentials Microsoft Corporation 8/18/2013 16.4.3508.0205
WinRAR 4.20 (64-bit) win.rar GmbH 4/25/2013 4.20.0
x264vfw - H.264/MPEG-4 AVC codec (remove only) 4/25/2013
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) 4/25/2013
Xvid MPEG-4 Video Codec 4/25/2013 2.30 MB
Xvid MPEG-4 Video Codec 4/25/2013
Yahoo! Messenger Yahoo! Inc. 4/25/2013
YTD Video Downloader 4.5.1 GreenTree Applications SRL 10/7/2013 4.5.1

Please uninstall:

DivX Browser Bar Toolbar for IE
Search Protect
ooVoo toolbar, powered by Ask.com
ooVoo toolbar, powered by Ask.com Updater

After uninstalling them, please use AdwCleaner: http://general-changelog-team.fr/fr/downloads/finish/20-outils-de-xplode/2-adwcleaner

Don’t remove anything it detects, just give me the scan log.

These are the results. There was nothing on the shortcuts, so I didn’t include it

[attachment deleted by admin]

I forgot to tell you that AdwCleaner creates a log in C:, but screenshots are ok too. :)

Close all browsers and click “Clean”. Please let me know if Comodo still alerts about the file.

Just clean everything? No items to unselect? By the way, I did not do the command prompt, is that okay?

Yes.

That’s okay, this is just in case Comodo still detects it.

Alright, I finished the cleaning process. If Comodo detects it again, I’ll return here. Until then, thank you for your time malware1, you really helped me there haha. Any advice or tips? Just to prevent this from happening again?

I suggest you make sure that you don’t select any “recommended” sponsored toolbar when installing applications. Many sites offer download managers that contain PUPs too - I don’t recommend using them, but if you really want to, then please make sure that you uncheck all unwanted junk.

You can try Unchecky http://unchecky.com/

Ok got it, I’ll be careful when downloading apps. Thanks again.