See: https://www.virustotal.com/en/url/f158ba70c0ed5845185e60f5f6e49282527654f81be3d0e8235f42f8a7db9e5a/analysis/1378471621/
and https://www.virustotal.com/en/file/bd131aad1242fe39cc2a0136060cbff0f0b003d9c4c959c35de9f6ba7cc39e90/analysis/1378442902/
See: http://anubis.iseclab.org/?action=result&task_id=17ae3576f1a2331b4810d46f45e0b7251
URL update.sppen.com failed to be located in database is suspicious!
Going there I get
Server IP(s):
59.12.180.12
59.12.180.108
59.12.180.127
59.12.180.164
183.99.120.26
=========================
HTTP headers: Then avast! Webshield blocks access to htxp://update.sppen.com/ via Malzilla browser as a URL:Mal detection
Hence we have protection against this backdoor/PUP!
polonus