• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 405
  • Last Modified:

how can i determine if ctfmon.exe is running as a trojan or a legitimate Windows process??

hello,

i've noticed in one of our servers that ctfmon.exe is running, and i've read that it can be -beside being a legitimate Windows process - also a trojan that allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data.  but we can Determine whether this process is a virus or a legitimate Windows process depends on the directory location it executes or runs from in WinTasks.

can anyone help me in this so i can find out if it is a trojan or not?

thanks
0
AZZA-KHAMEES
Asked:
AZZA-KHAMEES
1 Solution
 
SheharyaarSaahilCommented:
Download hijackthis and tun it, save its log file, and open it, it will show that what are the processes running on your system and will show their path too, if ctfmon.exe is running from C:\Windows\System32 folder, then its the legitimate windows process, otherwise you can check out that where it is residing and can move furhter from there.

Download Hijackthis from here >> http://www.majorgeeks.com/download3155.html
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now