The Security Administrator confirmed that the access to the servers was through a compromised FTP password and that others have had success using MalwareBytes and ComboFix to ensure the malware was gone. My hosting provider has removed all injections that we know about. I'm guessing that the System Tool Malware communicated FTP info from my FileZilla program. Within the injected line of code was the URL (maybe you've seen this before). ![]() A line of code had been injected into random files througout the system. Yesterday I found that a couple of my servers had been accessed through and unauthorized FTP. After about 15 minutes of use the System Tools popped up again! I went through the same removal process as before and have not seen the System Tools Malware since. All found viruses were selected for removal. To fix the problem I rebooted in safe mode and ran the program rkill.exe followed by MalwarBytes. ![]() My PC was recently infected with the System Tool Malware.
0 Comments
Leave a Reply. |