Question:
What is edoxaf.exe and do I need it?
?
2011-07-23 07:49:28 UTC
I have Vista.
I noticed that a programme, edoxaf.exe, is automatically starting up.
This is the info:
File Name: edoxaf.exe

Startup Value: C:\Users\Cazza\AppData\Roaming\Microsoft\Windows\Local\edoxaf.exe

File Path: C:\Users\Cazza\AppData\Roaming\Microsoft\Windows\Local\edoxaf.exe

Startup Type: Registry: Current User

Location: Software\Microsoft\Windows\CurrentVersion\Run

Classification: Not yet classified

SpyNet Voting: Not Available

Please can you tell me what it is and whether or not I need it.
Thanks, :-)
Five answers:
Techno
2011-07-23 07:52:47 UTC
The key words here are SAFE MODE!!!



As some malware resides in restore points, turn System Restore off. This will delete all your restore points and any virus.

Click Start, right-click Computer, and then click Properties.

Click System Protection, click Configure, turn off system protection.



Download, (if you can't get on-line, have a friend download and copy to disc/flash for transfer) install, update and then in SAFE MODE* run full scans with these programs...



** http://www.malwarebytes.org

http://www.superantispyware.com

http://download.cnet.com/Ad-Aware-Free-Internet-Security/3000-8022_4-10045910.html?tag=mncol;1 Ad-Aware free



**Note: Malwarebytes should be run in 'Normal Mode' unless that isn't possible!



*** Important, when downloaded/installed/updated disconnect from the internet ***



Then re-start.



(turn System Restore on)





If you can't run a scan, go into the scanner's folder and rename the .exe file to something like 'MyFile.exe' and try in safe mode again. Some malware prevents the execution of anti spy/mal/virus scans by blocking them by name.



You should consider getting a good Anti-Virus program.

Try one of these free ones...



http://www.avast.com/eng/download-avast-home.html



http://www.free-av.com/en/download/1/avira_antivir_personal__free_antivirus.html (Avira)



http://download.cnet.com/AVG-Anti-Virus-Free-Edition-2011/3000-2239_4-10320142.html



***Never use more than one, active, anti-virus program at any one time***



*Note: On start up (before Windows loads) keep tapping either F5 or F8 (be aware that some manufacturers use F8 for system recovery!) then use arrow keys to highlight 'Safe Mode with networking' and hit Enter/Return, click on a user account, enter the Administrator password (if you don't know it, there probably isn't one so leave it blank) and hit Enter/Return.





© arou42
soupfine
2011-07-23 15:08:27 UTC
It is a virus or malware. There should be no programs that run out of the AppData folder or any of its subfolders; those folders are for storing program settings and program data specific to an individual user.



Run a quick scan with Malwarebytes, it should have no problem finding and removing this type of malware.



http://www.malwarebytes.org/products/malwarebytes_free
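
A read-only check for the pattern described in this answer, as an added example that is not part of the original answers: it lists the Run key entries named in the question and flags any whose target sits in a per-user folder such as AppData. It assumes PowerShell 4.0 or later (for `Get-FileHash`); `Get-CommandTarget` and the list of folders treated as user-writable are choices made for this example.

```powershell
# Added example: triage autorun entries from the Run keys (read-only, changes nothing).
$runKeys = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
# Assumption: these per-user folders are the "user-writable" locations worth flagging.
$writableRoots = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP) | Where-Object { $_ }

function Get-CommandTarget([string]$Command) {
    # Hypothetical helper: pull the executable path out of a Run value,
    # which is a command line that may be quoted and may carry arguments.
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^(.+?\.(exe|com|scr|pif|bat|cmd|vbs|js))(\s|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

$results = foreach ($keyPath in $runKeys) {
    $key = Get-Item -Path $keyPath -ErrorAction SilentlyContinue
    if (-not $key) { continue }
    foreach ($name in $key.GetValueNames()) {
        [string]$target = Get-CommandTarget ([string]$key.GetValue($name))
        $exists = $target -and (Test-Path -LiteralPath $target -PathType Leaf)
        # True when the target path begins with one of the per-user roots.
        $inWritable = [bool]($writableRoots | Where-Object {
            $target.StartsWith($_, [StringComparison]::OrdinalIgnoreCase)
        })
        [pscustomobject]@{
            Key               = $keyPath
            Name              = $name
            Target            = $target
            InUserWritableDir = $inWritable
            Signature         = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $target).Status } else { 'FileMissing' }
            SHA256            = if ($exists) { (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash } else { $null }
        }
    }
}
# Flagged entries first.
$results | Sort-Object InUserWritableDir -Descending | Format-List
```

Some legitimate per-user installers also start from AppData, so a flagged entry is a reason to inspect the file, with the signature status and SHA-256 as the next things to check.
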
Tony RB
2011-07-23 15:02:24 UTC
Upload that file to VirusTotal and see what they report back



http://www.virustotal.com



Google and Yahoo do not give any results for that filename so it's probably malware that has given itself a random name. It might be a "custom" hacker program recently written and thus not on the anti-malware scanner lists yet.



Google and Yahoo also do not give much of a result for the word "Cazza" either.



They did give a website called hxxp://cazzaserver.com run by a teenager who claims to write gaming software and hosts games.



But I don't know if that website has anything to do with the program you found.



I changed the http to hxxp to ensure no one on Answers could just click that URL.

You will have to copy-and-paste and change the hxxp back to http if you intend to visit that website.



The "roaming" in the directory path makes me wonder if it is tied to a cell phone. Do you have software on your PC that can access your cell phone?
2011-07-23 15:09:43 UTC
Install Security Essentials, and PC Tools free firewall, for permanent protection. Then install Malwarebytes for malware removal. Free.
2011-07-23 14:50:00 UTC
It's a virus.


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.