0

I am currently dealing with this on my daughters laptop. I have run MBAM a few times and while it appears to find and remove all the dodgy files the problem remains.

I did notice an icon in the tray (shield with yellow black lines) and discovered it was linked to a programme called 1275054603.exe. I tried a websearch for this file with no results. Suspicious!
A process with this name was seen running in Task Manager which I stopped.
I disabled this process in STARTUP with msconfig, restarted and it was removed from the tray.
I also found this file was Allowed through my Firewall which I set to Deny.
The spyware did not appear after another restart.

The full address is c:\Documents and Settings\All Users\Application Data\961565551\1275054603.exe . When I go looking in that address, nothing. So I did a search and found it in c:\windows\Prefetch as 1275054603.exe-357fdee2b.pf . I deleted this file and restarted the pc. Again no problem. No spyware launch.

I then re-ticked the entry in STARTUP and the spyware reappeared. Stupid or what but I wanted to know for sure.
My plan is to stop the process, run MBAB, remove files, stop process in Startup and hope it stays that way.

Any ideas for getting rid of it permanently?

1
Contributor
1
Reply
2
Views
8 Years
Discussion Span
Last Post by double20
0

OK I think it's gone.
In the end I did a search for "1275054603" in the registry files using regedit and deleted any entry with this file name including one encrypted Count Key. There was also a folder with this name in the registry which I deleted.
It no longer appears in the Startup list.
MBAM runs clear.
No tray icons and no pop-ups.

Time for bed as it's 4am here.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.