Thanks! Destroyed some hidden malware

Just want to thank Glasswire,

I found a hidden FTP malware which you can’t even Google! It was continuously uploading, undetected by Malwarebytes and Panda.

Thanks for helping me destroy it :slight_smile:


Cool story! If you have any screenshots and if you feel comfortable please post them, or email us if you aren’t allowed to.

Thanks!

I hope this was forwarded to Malwarebytes, etc. What is the FTP file name or some kind of identification so others can find it and zap it?

Uploading the file to VirusTotal.com would be another good way to get it zapped.

Yep, luckily HitmanPro caught it as suspicious, and Kaspersky Free Removal caught it as “Not a Virus, Serv.FTP” … technically not a virus but more a suspicious backdoor FTP distribution server disguised as WinLogon.exe!

In the same folder it had a ton of movies, all in RAR archives.

Thanks guys (Y), now to find out how it got on.

Here are some screenshots if you're interested!



and… USAGE! :cry:


Think I found out how it got on.

I run a TeamSpeak 3 server, and noticed there was a critical remote code execution 2 months ago: http://seclists.org/fulldisclosure/2016/Aug/61

2 days after the disclosure was published, the files were created on my server!

:frowning:

Good news! Thank you!
Here’s more news, not so good: http://www.bbc.com/news/technology-39901382