Mystery .exe

Capt_Blackbeard · Sep 8, 2011

I'm dealing with a file that loads into upper memory. It shows up in Task Manager as a System run file. It deletes HiJack This 1.99.1 each time I try to run it. Spybot Search and Destroy failed to kill it. The file is named:

1274738523:2751989172.exe

Any suggestions? It seems to be HiJacking my browser at various times. Have cleared out cache files and rebooted many times. Still present and loading each time. I deleted the Prefetch folder in my Windows XP, as well.

TimW · Sep 8, 2011

Go to the below link and follow the instructions for running TDSSKiller from Kaspersky

TDSSkiller - How to run

Be sure to attach your log from TDSSKiller

Please also download MBRCheck to your desktop.

See the download links under this icon http://forums.majorgeeks.com/chaslang/images/MGDownloadLoc.gif

Double click MBRCheck.exe to run (vista and Win 7 right click and select Run as Administrator)

It will show a Black screen with some information that will contain either the below line if no problem is found:

Done! Press ENTER to exit...

Or you will see more information like below if a problem is found:

Found non-standard or infected MBR.

Enter 'Y' and hit ENTER for more options, or 'N' to exit:

Either way, just choose to exit the program at this point since we want to see only the scan results to begin with.

MBRCheck will create a log named similar to MBRCheck_07.16.10_00.32.33.txt which is random based on date and time.

Attach this log to your next message. (See: HOW TO: Attach Items To Your Post )

Log in or Sign up

Mystery .exe

Capt_Blackbeard Private E-2

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member