View Full Version : Spyware in FTP Commander v7.33

04-22-2005, 11:58 AM
Hi all,

I thought I would post this by way of inquiry and potential warning!

I have (well, I had, before I removed it!) version 7.33 of FTP Commander - whenever I used it for file transfers, my Norton Antivirus would indicate that it had blocked a whole host of spyware, trojans, etc, coming from FTP Commander and also had blocked FTP Commander from attempting to transfer something to some unknown IP address!

Suffice it to say that I no longer use FTP Commander and I wonder if anyone else has seen the same thing? Or perhaps you're using FTP Commander and you didn't know it was doing this!


04-22-2005, 02:38 PM
I just installed the trial of it to try it out, but didn't get any warnings or anything that it was installing crap on my computer. Anyhoo..I got filezilla and ws_ftp pro so I'm going to stick to it.

BTW, I had never even heard of FTP Commander before you said about it :p


04-22-2005, 07:00 PM
oh ye i just go to ftp.coke-news.com no programs needed :p

04-22-2005, 07:10 PM
oh ye i just go to ftp.coke-news.com no programs needed :p

What via windows explorer? :eek: that's a old way to do it....it might work to a certain extent, but I doubt it is that secure and you can't do stuff like CHMOD on *nix servers.

04-22-2005, 07:57 PM
FTP by definition is not secure. It does not matter if you do it from explorer or a dedicated client. FTP is similar to telnet where all the authentication information is exchanged in clear text. A lot of trojans use FTP as a protocol to upload/download malicious code. When the spyware detection program sees an unknown program using the protocol, it is going to flag it as a spyware. This is not to say that FTP commander does not have spyware, but to say that I have seen trojans use FTP protocol.

04-23-2005, 10:10 AM
Just a thought (an idle musing) - I believe I can set up an S-FTP server on my Linux box - if I do this, I presume I will also need an S-FTP compatible client? If so, do you know where I can get one from? And I'm sure my web host would not be averse to setting up and S-FTP server for me.

A further thought occurs ... one could quickly and easily write a web page (with a whole load of file upload boxes) to transfer files using S-HTTP instead of S-FTP ... presumably more secure over a network than standard FTP.

A penny for your thoughts ...

04-23-2005, 11:43 AM
You should be able to reference this thread http://www.codingforums.com/showthread.php?t=53169

04-23-2005, 12:04 PM
Ta! :D