I am currently dealing with this on my daughter's laptop. I have run MBAM a few times and while it appears to find and remove all the dodgy files the problem remains.

I did notice an icon in the tray (shield with yellow black lines) and discovered it was linked to a programme called 1275054603.exe. I tried a web search for this file with no results. Suspicious!
A process with this name was seen running in Task Manager which I stopped.
I disabled this process in STARTUP with msconfig, restarted and it was removed from the tray.
I also found this file was Allowed through my Firewall which I set to Deny.
The spyware did not appear after another restart.

The full address is c:\Documents and Settings\All Users\Application Data\961565551\1275054603.exe . When I go looking in that address, nothing. So I did a search and found it in c:\windows\Prefetch as 1275054603.exe-357fdee2b.pf . I deleted this file and restarted the pc. Again no problem. No spyware launch.

I then re-ticked the entry in STARTUP and the spyware reappeared. Stupid or what but I wanted to know for sure.
My plan is to stop the process, run MBAM, remove files, stop process in Startup and hope it stays that way.

Any ideas for getting rid of it permanently?

OK I think it's gone.
In the end I did a search for "1275054603" in the registry files using regedit and deleted any entry with this file name including one encrypted Count Key. There was also a folder with this name in the registry which I deleted.
It no longer appears in the Startup list.
MBAM runs clear.
No tray icons and no pop-ups.

Time for bed as it's 4am here.
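The registry search described in the post above can be repeated over a regedit text export; this is an added example, not code from the thread. It assumes the "encrypted Count Key" was a UserAssist `Count` entry, whose value names Windows stores in ROT13: digits pass through ROT13 unchanged, which is why a search for the numeric file name still matches there. The export text, the Run value name and the `SoundMan` entry are constructed sample data.

```python
import codecs
import re

# Constructed sample in the style of a regedit text export (not from the poster's machine).
SAMPLE_EXPORT = r'''
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"1275054603"="C:\\Documents and Settings\\All Users\\Application Data\\961565551\\1275054603.exe"
"SoundMan"="C:\\WINDOWS\\SOUNDMAN.EXE"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count]
"HRZR_EHACNGU:P:\\Qbphzragf naq Frggvatf\\Nyy Hfref\\Nccyvpngvba Qngn\\961565551\\1275054603.rkr"=hex:01,00,00,00
'''

VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def parse_export(text):
    """Yield (key_path, value_name, raw_data) for each value in export text."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := VALUE_RE.match(line)):
            # .reg exports double every backslash inside quoted strings
            yield key, m.group(1).replace("\\\\", "\\"), m.group(2)


def find_traces(text, needle):
    """Return (kind, key_path, readable_value_name) for values mentioning needle."""
    hits = []
    for key, name, data in parse_export(text):
        if needle not in name and needle not in data:
            continue
        upper = key.upper()
        if "\\USERASSIST\\" in upper and upper.endswith("\\COUNT"):
            # Launch-history record, not a persistence point; decode the ROT13 name
            hits.append(("userassist-history", key, codecs.decode(name, "rot_13")))
        elif upper.endswith("\\CURRENTVERSION\\RUN"):
            # Run values start at logon: this is what relaunches the program
            hits.append(("autorun", key, name))
        else:
            hits.append(("other", key, name))
    return hits


if __name__ == "__main__":
    for kind, key, name in find_traces(SAMPLE_EXPORT, "1275054603"):
        print(f"{kind:20} {key}\n{'':20} {name}")
```

Only the `autorun` hit restarts the program after a reboot; the `userassist-history` hit is a record that Explorer launched it.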
