Posted 01 June 2011 - 10:16 AM
I have just gone through a war with "BACKDOOR:WIN32/CYCBOT"! I've used "MALWAREBYTES" and "SUPERANTISPYWARE" as well as "DR WEB CUREIT" which seems to have removed the infections. While that was going on McAfee Anti Virus would ask me to ALLOW or BLOCK a prgram. The program name is "7735281.EXE" and it's located in "DOCUMENTS and SETTINGS" If this is a WINDOWS program, I doubt that McAfee would be asking me this question. I've tried to remove it, by DELETING it from where it's located, but I'm DENIED by WINDOWS. Then I stopped the PROCESS and a few minutes later, it starts itself back up. Also, MALWAREBYTES comes up and tells me it has blocked an outgoing request to connect to "18.104.22.168". Not at the same time as to when I get the question to BLOCK or ALLOW the program listed.
I have a small home business where I do tax preperation, so I have financial as well as SS#, bank accounts, etc. Also, I do my personal banking on my computer. I have only one computer and I need to make sure that it's secure, for my own banking as well as my clients personal information. As you can tell, I'm trying to avoid a reformat. I do have CARBONITE as my back up utility and I've had it for a few years.
Could I still be tracked? I ask, becasue SUPERANTISPYWARE detected a KEYLOGGER when I ran a scan last week and has removed it from my computer. Since then, I have run other scans with the anti spyware software and it has not detected any other infections, including the keylogger.
This has never happened to me before and I have no idea as to how I got infected. My wife and I are the only ones who use this computer.
If you need more information, please let me know and I'll send it to you as soon as possible.