Solved

how can i determine if  ctfmon.exe is running as a trojan or a legitimate Windows process??

Posted on 2006-06-12
1
396 Views
Last Modified: 2013-12-04
hello,

i've noticed in one of our servers that ctfmon.exe is running, and i've read that it can be -beside being a legitimate Windows process - also a trojan that allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data.  but we can Determine whether this process is a virus or a legitimate Windows process depends on the directory location it executes or runs from in WinTasks.

can anyone help me in this so i can find out if it is a trojan or not?

thanks
0
Comment
Question by:AZZA-KHAMEES
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 500 total points
ID: 16891734
Download hijackthis and tun it, save its log file, and open it, it will show that what are the processes running on your system and will show their path too, if ctfmon.exe is running from C:\Windows\System32 folder, then its the legitimate windows process, otherwise you can check out that where it is residing and can move furhter from there.

Download Hijackthis from here >> http://www.majorgeeks.com/download3155.html
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Do you want to know how to make a graph with Microsoft Access? First, create a query with the data for the chart. Then make a blank form and add a chart control. This video also shows how to change what data is displayed on the graph as well as form…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question