Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

how can i determine if  ctfmon.exe is running as a trojan or a legitimate Windows process??

Posted on 2006-06-12
1
Medium Priority
?
399 Views
Last Modified: 2013-12-04
hello,

i've noticed in one of our servers that ctfmon.exe is running, and i've read that it can be -beside being a legitimate Windows process - also a trojan that allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data.  but we can Determine whether this process is a virus or a legitimate Windows process depends on the directory location it executes or runs from in WinTasks.

can anyone help me in this so i can find out if it is a trojan or not?

thanks
0
Comment
Question by:AZZA-KHAMEES
1 Comment
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 2000 total points
ID: 16891734
Download hijackthis and tun it, save its log file, and open it, it will show that what are the processes running on your system and will show their path too, if ctfmon.exe is running from C:\Windows\System32 folder, then its the legitimate windows process, otherwise you can check out that where it is residing and can move furhter from there.

Download Hijackthis from here >> http://www.majorgeeks.com/download3155.html
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
Whether it be Exchange Server Crash Issues, Dirty Shutdown Errors or Failed to mount error, Stellar Phoenix Mailbox Exchange Recovery has always got your back. With the help of its easy to understand user interface and 3 simple steps recovery proced…

782 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question