Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
NAV finds trojan in Serv-U ini file ?
- Thread starter LeBlatt
- Start date
- Thread starter
- #2
- Thread starter
- #4
You really don't want to ignore any virus warning... What virus is being reported?
For example, the old opaserv virus overwrites the win.ini file on any computer system and unless the win.ini file is deleted, the virus will reinfect immediately.
~ K.I.S.S - Don't make it any more complex than it has to be ~
For example, the old opaserv virus overwrites the win.ini file on any computer system and unless the win.ini file is deleted, the virus will reinfect immediately.
~ K.I.S.S - Don't make it any more complex than it has to be ~
- Thread starter
- #6
Just out of curiosity...
~ K.I.S.S - Don't make it any more complex than it has to be ~
~ K.I.S.S - Don't make it any more complex than it has to be ~
- Thread starter
- #9
not a reinstall, it happened just after an update.
If you want to try for yourself, paste this in notepad and save to disk :
[GLOBAL]
Version=4.0.0.4
RegistrationKey=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASgAAA0XVDzwQJwIQCFJlYUxJc1R5BFJlYUw=
BlockAntiTimeOut=1
PacketTimeOut=120
AntiHammer=1
AntiHammerBlock=1800
MaxNrUsers=16
AntiHammerWindow=60
BlockFTPBounceAttack=1
OpenFilesDownloadMode=Exclusive
AntiHammerTries=6
LocalSetupPassword=50284C46
ProcessID=1444
[DOMAINS]
Domain1=0.0.0.0|193.252.48.65|21|thor|1|0
[Domain1]
User1=admin|1|0
User2=kireli|1|0
Logfile=C:\serv-u.ftp\log\%Y-%N.log
LogFileRotation=Monthly
Logging=1
SignOn=C:\serv-u.ftp\setup\signon.txt
SignOff=C:\serv-u.ftp\setup\signoff.txt
User3=polaroid|1|0
User4=sages|1|0
LogIPNames=1
LogFileIPNames=1
User5=spindal|1|0
User6=lexel|1|0
User7=KL01|1|0
LogFTPCommands=1
LogFileFTPCommands=1
LogFTPReplies=1
User8=sirus|1|0
Password=hsDD16E1298D7B0BAC61FAD1B51CB23092
HomeDir=c:\serv-u.ftp\kireli
RelPaths=1
HideHidden=1
AlwaysAllowLogin=1
TimeOut=600
MaxNrUsers=5
Note1="Wizard generated account"
Access1=c:\serv-u.ftp\kireli|RWAMLCDP
[USER=sages|1]
Password=kk76EF9DABE69E183DA5B09BF9A95BBE85
HomeDir=c:\serv-u.ftp\sages
RelPaths=1
TimeOut=600
Access1=c:\serv-u.ftp\sages|RWAMLCDP
[USER=polaroid|1]
Password=ty870F20714CE0DACE3EEA17AAC95077BA
HomeDir=c:\serv-u.ftp\polaroid
RelPaths=1
HideHidden=1
AlwaysAllowLogin=1
ChangePassword=1
TimeOut=600
Access1=C:\serv-u.ftp\polaroid|RWAMLCDP
[USER=spindal|1]
Password=nc72A5F5CC0B464794CCAA73254FDD3AE1
HomeDir=c:\serv-u.ftp\spindal
RelPaths=1
TimeOut=600
Access1=c:\serv-u.ftp\spindal|RWAMLP
[USER=admin|1]
Password=hgA6DD38C9A2521051E18F3B61A180E929
HomeDir=c:TimeOut=600
Maintenance=System
Access1=C:\|RWAMLCDP
Access2=F:\ftp|RWAMLCDP
[USER=lexel|1]
Password=hp9F1748EE1359CC83F2287ED50432D747
HomeDir=c:\serv-u.ftp\lexel
RelPaths=1
AlwaysAllowLogin=1
ChangePassword=1
TimeOut=600
Access1=c:\serv-u.ftp\lexel|RWAMLP
[USER=KL01|1]
Password=hi9E83858DF661F5573541BEC60905AE38
HomeDir=c:\serv-u.ftp\kwiklink
RelPaths=1
TimeOut=600
Access1=c:\serv-u.ftp\kwiklink|WP
[USER=sirus|1]
Password=yo46C44897085135B6C9DFC04E625312D5
HomeDir=c:\serv-u.ftp\sirus
RelPaths=1
TimeOut=600
Access1=c:\serv-u.ftp\sirus|RWAMLCDP
If you want to try for yourself, paste this in notepad and save to disk :
[GLOBAL]
Version=4.0.0.4
RegistrationKey=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASgAAA0XVDzwQJwIQCFJlYUxJc1R5BFJlYUw=
BlockAntiTimeOut=1
PacketTimeOut=120
AntiHammer=1
AntiHammerBlock=1800
MaxNrUsers=16
AntiHammerWindow=60
BlockFTPBounceAttack=1
OpenFilesDownloadMode=Exclusive
AntiHammerTries=6
LocalSetupPassword=50284C46
ProcessID=1444
[DOMAINS]
Domain1=0.0.0.0|193.252.48.65|21|thor|1|0
[Domain1]
User1=admin|1|0
User2=kireli|1|0
Logfile=C:\serv-u.ftp\log\%Y-%N.log
LogFileRotation=Monthly
Logging=1
SignOn=C:\serv-u.ftp\setup\signon.txt
SignOff=C:\serv-u.ftp\setup\signoff.txt
User3=polaroid|1|0
User4=sages|1|0
LogIPNames=1
LogFileIPNames=1
User5=spindal|1|0
User6=lexel|1|0
User7=KL01|1|0
LogFTPCommands=1
LogFileFTPCommands=1
LogFTPReplies=1
User8=sirus|1|0
Password=hsDD16E1298D7B0BAC61FAD1B51CB23092
HomeDir=c:\serv-u.ftp\kireli
RelPaths=1
HideHidden=1
AlwaysAllowLogin=1
TimeOut=600
MaxNrUsers=5
Note1="Wizard generated account"
Access1=c:\serv-u.ftp\kireli|RWAMLCDP
[USER=sages|1]
Password=kk76EF9DABE69E183DA5B09BF9A95BBE85
HomeDir=c:\serv-u.ftp\sages
RelPaths=1
TimeOut=600
Access1=c:\serv-u.ftp\sages|RWAMLCDP
[USER=polaroid|1]
Password=ty870F20714CE0DACE3EEA17AAC95077BA
HomeDir=c:\serv-u.ftp\polaroid
RelPaths=1
HideHidden=1
AlwaysAllowLogin=1
ChangePassword=1
TimeOut=600
Access1=C:\serv-u.ftp\polaroid|RWAMLCDP
[USER=spindal|1]
Password=nc72A5F5CC0B464794CCAA73254FDD3AE1
HomeDir=c:\serv-u.ftp\spindal
RelPaths=1
TimeOut=600
Access1=c:\serv-u.ftp\spindal|RWAMLP
[USER=admin|1]
Password=hgA6DD38C9A2521051E18F3B61A180E929
HomeDir=c:TimeOut=600
Maintenance=System
Access1=C:\|RWAMLCDP
Access2=F:\ftp|RWAMLCDP
[USER=lexel|1]
Password=hp9F1748EE1359CC83F2287ED50432D747
HomeDir=c:\serv-u.ftp\lexel
RelPaths=1
AlwaysAllowLogin=1
ChangePassword=1
TimeOut=600
Access1=c:\serv-u.ftp\lexel|RWAMLP
[USER=KL01|1]
Password=hi9E83858DF661F5573541BEC60905AE38
HomeDir=c:\serv-u.ftp\kwiklink
RelPaths=1
TimeOut=600
Access1=c:\serv-u.ftp\kwiklink|WP
[USER=sirus|1]
Password=yo46C44897085135B6C9DFC04E625312D5
HomeDir=c:\serv-u.ftp\sirus
RelPaths=1
TimeOut=600
Access1=c:\serv-u.ftp\sirus|RWAMLCDP
- Status
Similar threads
- Locked
- Question
- Locked
- Question