I did a fresh install, had loads of viruses and then did a reinstall!!

now my problem is only a few trojans, wich I cant seem to get rid off...

fx I have ftp.exe running tho I have shut it off the net, I did adaware, spybuster, norton and one more... noone removes em!!!

well the worse one is that when I use the computer then after a little while it logs of the internet by itself... I had it once before but it went away by itself, now I want it sorted so if u could help me plz... HEEEEELP!!!

the system is Windows XP SP2

you need to check what processes are running on your machine. Download ProcessExplorer from systeminternals and trace the directory and then kill the process tree, and delete the offending folder/files.

Once that is done, then you will need to clear out the registy keys, this can be done from the advanced section of SpyBot- Search and Destroy.

killing the "process tree" will stop ftp.exe running, but I think that it is a protected system file name, so if it is running from %root%\system32 then it may be tricky, look up what service it is running from (via process explorer again) and disable it.

Also checkout HiJackThis to clean up nasty files.

Then grab a good antivirus program, run a full system clean up, and set it to real time mode to check files as they are downloaded / opened.

Also consider installing a firewall.

this is because it is a program that you installed .. so the spyware and antiviruse programs think it is a legit program .

to stop it type " msconfig " in the start then run menu
then click startup and untick the programs you do not want to start as windows starts .. most of the programs you see here can be unticked.
if any problems start after unticking something just go back in and tick them again.

Ewan ( Baldy )

Whats a good trojan finding program (free pref)?

Whats a good trojan finding program (free pref)?


HiJackThis - is The best

http://www.majorgeeks.com/download3155.html

HijackThis doesnt exactly find trojans right? Its more of a registry editor, hijacked browser thingy and spyware/adware remover isn't it?

GG, do you have more than 1 drive? If you do, try removing them and then doing a fresh install.... sounds like something else on another drive is actually infected with the virus....

http://auditmypc.com/

Thats a good place to look for stuff too.

HijackThis doesnt exactly find trojans right? Its more of a registry editor, hijacked browser thingy and spyware/adware remover isn't it?

GG, do you have more than 1 drive? If you do, try removing them and then doing a fresh install.... sounds like something else on another drive is actually infected with the virus....

http://auditmypc.com/

Thats a good place to look for stuff too.

well, a trojan is usually an unwanted process that has set itself up as a service, so HijackThis is great at detecting these, and will identify unwanted programs / trojans where other packages dont spot them.

Baldy, what you suggest doesn't necessarily work. Some of these buggers will replicate and they will just keep ap[earing in the startup, no matter what u do. I've been there, lol...
I use HitmanPro, which is a compiled executable of 16 megs that has everything in it (adware, spyblaster, Merling, Stinger etc etc.) and is completely free, scriptdriven (you need to do nowt , and will auto-update. Run it once a week and Bob's your uncle...
http://www.hitmanpro.nl
I don't even have a virusscanner running anymore...

if you know the name of the trojan or virus then maybe this can help you out .

http://www.bitdefender.com/html/free_tools.php

Baldy, what you suggest doesn't necessarily work. Some of these buggers will replicate and they will just keep ap[earing in the startup, no matter what u do. I've been there, lol...
I use HitmanPro, which is a compiled executable of 16 megs that has everything in it (adware, spyblaster, Merling, Stinger etc etc.) and is completely free, scriptdriven (you need to do nowt , and will auto-update. Run it once a week and Bob's your uncle...
http://www.hitmanpro.nl
I don't even have a virusscanner running anymore...
It's in nederlands..gotta figure out what everything means......

/me slaps bullet. Its in DUTCH you gimp!!

lol ok guys... this really is alot of good advises but nothing helps.. Im trying that dutch/nederlandish one now tho!!

Just press OK OK???

ftp.exe (ftp://ftp.exe) is a standard windows program to ftp in a dos box it is standard located in c:\windows\system32 folder and also in sys32\dllcache. I use webrootspysweeper finds more and better where adaware not always can remove some things. 30 day trial @www.webroot.com but is not spyware i think, when you install a firewall you wil not see ftrp.exe trying to connect but with a firewall is always a bit safer

yaay the dutch one worked... my computer seems to be working so now Im down to casemodding before the LAN!!

yaay the dutch one worked... my computer seems to be working so now Im down to casemodding before the LAN!!
Hey GG when I see you on CSS ???

Only goes to show GG --->>>> It ain't much if it ain't Dutch....
Everyone shd use this and nothing else, cause it's simply the best all in one solution and it gets upgraded and it costs diddly. Theres many companies that already use it.
Above everything else, it gets the job done...
Nice that you are up and running again, glad to be of service....

u wont see me on css... I cant afford a new comp m8