Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 407
  • Last Modified:

how can i determine if ctfmon.exe is running as a trojan or a legitimate Windows process??

hello,

i've noticed in one of our servers that ctfmon.exe is running, and i've read that it can be -beside being a legitimate Windows process - also a trojan that allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data.  but we can Determine whether this process is a virus or a legitimate Windows process depends on the directory location it executes or runs from in WinTasks.

can anyone help me in this so i can find out if it is a trojan or not?

thanks
0
AZZA-KHAMEES
Asked:
AZZA-KHAMEES
1 Solution
 
SheharyaarSaahilCommented:
Download hijackthis and tun it, save its log file, and open it, it will show that what are the processes running on your system and will show their path too, if ctfmon.exe is running from C:\Windows\System32 folder, then its the legitimate windows process, otherwise you can check out that where it is residing and can move furhter from there.

Download Hijackthis from here >> http://www.majorgeeks.com/download3155.html
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now