Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Need Help Removing FTPSVR.EXE Trojan

Posted on 2004-08-31
5
Medium Priority
?
288 Views
Last Modified: 2013-12-04
I have a machine that has the ftpsvr.exe trojan. I deleted the file off the hard drive and removed the registry entry from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run that started up the program. However, when I rebooted the file came back and continues to hang up the machine. I cannot end the process in Task Manager . I restarted in Safe Mode and cannot find the file on the hard drive and the registry entry is still deleted yet the ftpsvr file still runs. I swapped out the machine so I know the problem is not profile related. We are using McAfee VirusScan 7.1.0 with the latest updates. Thanks for your help.
0
Comment
Question by:glehrer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 
LVL 65

Expert Comment

by:SheharyaarSaahil
ID: 11943814
Hello glehrer =)

Download HijackThis v1.98.2, run it, Save the LOG file and Post it here:
http://tools.radiosplace.com/HijackThis.exe
0
 
LVL 29

Accepted Solution

by:
blue_zee earned 1000 total points
ID: 11944604

Have you tried the manual method described by PestPatrol?

http://www.pestpatrol.com/pestinfo/f/ftppw_0_1.asp

Seems quite simple.

Zee
0
 

Author Comment

by:glehrer
ID: 11959336
I ran Spybot and BHODaemon on the machine and after that the computer was fine. I think points ought to go to blue_zee for finding a good solution even though it was not the one I actually used. Any problem with that?
0
 
LVL 29

Expert Comment

by:blue_zee
ID: 11961017

Glad you're out of trouble.

If you feel I helped in any way, assigning points is OK.

If not, you can ask for a refund posting a 0 points question here:

http://www.experts-exchange.com/Community_Support/

Including a link to this question.

Thanks.

Zee
0
 
LVL 29

Expert Comment

by:blue_zee
ID: 11973535

Thank you.

Zee
0

Featured Post

Looking for the Wi-Fi vendor that's right for you?

We know how difficult it can be to evaluate Wi-Fi vendors, so we created this helpful Wi-Fi Buyer's Guide to help you find the Wi-Fi vendor that's right for your business! Download the guide and get started on our checklist today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
Suggested Courses

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question