I discovered a week ago that my virus definitions were not auto-updating and was directed by Tech Support to get version 9 of Anti-virus. After upgrading, I was able to get currrent definitions, and I started detecting Trojans I hadn't encountered before. Although ZA indicates that it's Quarantining them, the same ones keep showing up again and again. I discovered that one launches FTP and feeds it a script that copies in executable files to my PC. I added a file called FTP.COM to my Windows XP system32 folder so that the Trojan would actually launch it instead of FTP.EXE (since COM's launch first). The trojan has been launching FTP.COM, and I'd really like to determine what its source is. I suspect it has infected some background process, but I don't have a clue which one(s). I haven't identified a clear pattern of any kind yet.
Does anyone have any suggestions about where to start trapping this problem so I can permanently fix it? I fear that it may actually be sending personal data/files from my PC.
Thanks very much.