Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Strange program / IP address


  • Please log in to reply
No replies to this topic

#1 malwarewar

malwarewar

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:04:54 AM

Posted 01 June 2011 - 10:16 AM

I have just gone through a war with "BACKDOOR:WIN32/CYCBOT"! I've used "MALWAREBYTES" and "SUPERANTISPYWARE" as well as "DR WEB CUREIT" which seems to have removed the infections. While that was going on McAfee Anti Virus would ask me to ALLOW or BLOCK a prgram. The program name is "7735281.EXE" and it's located in "DOCUMENTS and SETTINGS" If this is a WINDOWS program, I doubt that McAfee would be asking me this question. I've tried to remove it, by DELETING it from where it's located, but I'm DENIED by WINDOWS. Then I stopped the PROCESS and a few minutes later, it starts itself back up. Also, MALWAREBYTES comes up and tells me it has blocked an outgoing request to connect to "89.149.223.232". Not at the same time as to when I get the question to BLOCK or ALLOW the program listed.

I have a small home business where I do tax preperation, so I have financial as well as SS#, bank accounts, etc. Also, I do my personal banking on my computer. I have only one computer and I need to make sure that it's secure, for my own banking as well as my clients personal information. As you can tell, I'm trying to avoid a reformat. I do have CARBONITE as my back up utility and I've had it for a few years.

Could I still be tracked? I ask, becasue SUPERANTISPYWARE detected a KEYLOGGER when I ran a scan last week and has removed it from my computer. Since then, I have run other scans with the anti spyware software and it has not detected any other infections, including the keylogger.

This has never happened to me before and I have no idea as to how I got infected. My wife and I are the only ones who use this computer.

If you need more information, please let me know and I'll send it to you as soon as possible.

Thank you.

BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users