Results 1 to 3 of 3

Thread: Trojan continues to come alive and attempts to FTP

  1. #1
    g8rboyorlando Guest

    Default Trojan continues to come alive and attempts to FTP

    I discovered a week ago that my virus definitions were not auto-updating and was directed by Tech Support to get version 9 of Anti-virus. After upgrading, I was able to get currrent definitions, and I started detecting Trojans I hadn't encountered before. Although ZA indicates that it's Quarantining them, the same ones keep showing up again and again. I discovered that one launches FTP and feeds it a script that copies in executable files to my PC. I added a file called FTP.COM to my Windows XP system32 folder so that the Trojan would actually launch it instead of FTP.EXE (since COM's launch first). The trojan has been launching FTP.COM, and I'd really like to determine what its source is. I suspect it has infected some background process, but I don't have a clue which one(s). I haven't identified a clear pattern of any kind yet.

    Does anyone have any suggestions about where to start trapping this problem so I can permanently fix it? I fear that it may actually be sending personal data/files from my PC.

    Thanks very much.

  2. #2
    Join Date
    Nov 2004
    Location
    localhost
    Posts
    17,286

    Default Re: Trojan continues to come alive and attempts to FTP

    Hi!
    please see sticky post to learn how to clean the system.

    Cheers,
    Fax

    Click here for ZA Support
    Monday-Saturday 6am to 10pm Central time
    Closed Sundays and Holidays

  3. #3
    riceorony Guest

    Default Re: Trojan continues to come alive and attempts to FTP

    Personally, I feel a quick reformat is in order to make sure any issues have been removed...

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •