with another developer on a Web site that was hosting on a Windows server. There were frequent code injections. I contacted the host's tech support and they sent me the FTP logs. Turns out that the other developer's FTP account was hijacked. This may or may not have been due to a virus/malware infection on his computer. I suggest you change the password and then try it again. If it continues, then you have something on your computer. If it stops, all is good. If it does indeed continue trying using another computer and see if it happens again.
I doubt it happens because you store your passwords. You can clear all the private data every time your done, however if something is on your computer, it will capture the login information the second you use it, whether you keep a history of it or not.
My website get efected by trojans very often .when i spoke to my webhost they says that it comes from the ftp as it sores the passwords of the website .
Is there any ftp client which does not stores the passwords in the history or is there any setting were by the history get deleted automatically once i close the ftp client .
i am using firezilla now .