I can still remember the date to this day. In early January, I was helping a guy who was once my friend rebuild his brutally and viciously attacked and practically torn-down, server. In the process, I had used the web drive FTp client to help him retrieve some content he needed. There were other things on the accessed fileserver, and I wonder if they could have been the cause of this strange, but never fully understood, phenomenon? A few months later, February 23, 2010, in fact, I bought a subscription to NOD32, and it wasn't until a scan on March 3, 2010, that this happened. I awoke to a list of threats that had been discovered supposedly on my computer. NOD said that it could only delete and quarentine them, which was the option I chose, but the real question is where in the world did this one particular one come from? NOD32 called it TrojanDownloader:Win32/Delf.NZL. I can see that being something since Eset has a few descriptions of the Trojan.Delf family in their encyclopedia. But where the file was located According to NOD makes me wonder if both threats in the list were false positives since one of them had a .txt extension. The trojan downloader was located in my web drive cache folder. Strange, isn't it? Why would a trojan bury itself in my cache since a cache is only meant to be a snapshot, and none of the files inside are ever active? And not to mention, since NOD had scanned prior to then, why hadn't it seen those files before? I know for sure that everything's fine now since I've been getting clean scans like every time now, but I still wonder about this.
Edited by chromebuster, 29 June 2010 - 02:48 PM.