A Problem or Not?

I went into Safe Mode and ran winpfind3u according to the directions. I have a report but it's too big to attach. I just formatted my pc so that all the programs/files/folders were created within the past 30 day. If you want to see it, I'll split it in 2 and attach them.

I also ran SUPERAntiSpyware Free Edition and Ad-Aware and they didn't find anything.

When I came out of Safe Mode and rebooted, I ran SpyBot S&D again and Poka-Poka wasn't reported as being there.

 

C:\Documents and Settings\Administrator\Local Settings\Temp\~setuptmp0 doesn't have poka-poka any longer since I rebooted.

I've attached 2 screenshots of the items in the folder. The first one is a screenshot of the top of the folder and the second one is a screenshot for the bottom of the folder. In between, there are only a multitude of the hpz type files.

I don't use Torrent or P2P but I do use another file sharing program, but very infrequently, maybe once or twice a month.

 

In the quote that I mentioned earlier, it said

I'll give you more info if it appears again.

BTW, I just purchased the full running version of SuperAntiSpyware Pro. It's going to be mailed to me and I'm hoping to receive it by the end of the week. It's on sale right now.

 

I don't have a program named Indigo Rose. I just installed the Indeo codec, but I'm betting it's not the same.

Yesterday, I spent time downloading a few codecs that I need to edit and view my video files. It could have been attached to one of them. The only other downloads were Microsoft updates, Debugging Tools for Windows 64-bit (which won't work because I can't find the folder where my pc stores its dump file) and updates to Spybot, and Ad-Aware. I looked through my email and nobody sent me an email that had an attachment. So it must've been attached to one of the codecs. I won't be downloading more codecs for a few months because I got the most recent updates, but the next time I see poka-poka, I'll get the info for you:

 

I did a search for IRSETUP.EXE (in hidden and system folders also). Two results shows up. They're both in my Prefetch folder. IRSETUP.EXE-187B22FA.pf and IRSETUP.EXE-32C09F85.pf. I had Avast scan them and it didn't report a problem.

 

Hi Chaslang,

PokaPoka turned up under a scan by SpyBot this morning. I've attached a screenshot of the folder/path and the file that's in it.

I then double clicked on the setup file and received the message that's in the second attachment.

The third screenshot shows the contents of the folder that ~setupmp0 is in.

When I woke up this morning, I found that my computer had crashed during the night.
.

 

Ok, thanks chaslang . . . when it shows up again, and I know it will, I'll just have SpyBot delete it. I'm happy to know that it's not a virus.
.