Jump to content

Recommended Posts

An important Microsoft Office file "ctfmon.exe" was incofrrectly identified and removed!

This causes problems with Microsoft Office, as the Windows Installer keeps trying to replace this file.

The log file:

__________________________

Malwarebytes' Anti-Malware 1.36

Database version: 2123

Windows 5.1.2600 Service Pack 3

5/13/2009 10:05:38 AM

mbam-log-2009-05-13 (10-05-24).txt

Scan type: Quick Scan

Objects scanned: 94818

Time elapsed: 18 minute(s), 13 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ctfmon.exe (Trojan.Agent) -> No action taken. [3857535134304144385864365451513847536454523851615248395356345138614674688380848

07185615674796980888461368683837079855570838474807961518679936885717880791570897

0

]

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\WINDOWS\system32\ctfmon.exe (Trojan.Agent) -> No action taken. [3857535134304144385864365451513847536454523851615248395356345138614674688380848

07185615674796980888461368683837079855570838474807961518679936885717880791570897

0

]

Link to post
Share on other sites

I think you are correct. The file ctfmon.exe which Malwarebytes identified as a Trojan was in the Windows\System32 folder, and had exactly the same create date as the other windows XP files in the directory. I don't know how easy it is to fake this property.

As a second check, it might help if the expected size of the suspect file is given, so it can be compared with the original, legitimate windows file.

Best wishes,

Chris Holmes

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.