Hi,
I recently noticed that whenever I dial up, pretty soon by checking my firewall traffic log ( Sygate Pro 4.0 ), there's an outbound tcp connection made to a ftp site via the Internet Explorer program using various ports, even though I don't visit the site ( which is ftp.ox.ac.uk 163.1.2.79 ).
Almost instantly an incoming tcp connection is allowed, nearly always on port 21, sometimes port 20 from the same source. Also, every imcp probe from this same source, again on various ports, is allowed.
I've run two top notch anti trojan suites and Kaspersky antivirus 4.0 with full system scans and none report any infection.
I also continually run command prompts ( netstat -n ) and there never seems to be an active connection. So, I'm more than a little bemused.
If I use Opera ( which I find very slow ) as my browser, none of the above occurs.
I understand that some trojans once executed can attach themselves to a trusted program, usually Internet Explorer, to ' bypass ' firewalls. If I have one, then it's escaped detection.
Which begs the question, have I a virus or not? And if so, how to get rid of the pest?
Any advice will be gratefully received.
