Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Under Heavy Attack By All Sorts Of Things: Viruses, Trojans, Worms. I Find One Of Them Every Day!


  • Please log in to reply
2 replies to this topic

#1 fxkingg

fxkingg

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 17 September 2006 - 04:11 AM

Hi I posted this in the startup forum cause I think the 2 topics may be related, maybe the hacker is using this ctfmon.exe file as a back door to attack me! Recently I've come under heavy attack by all sorts of things: viruses, trojans, worms. I seem to find one of them every day, literally!

Question 1:

Here the problem. I have 2 ctfmon.exe files in startup!!!

But on MSCONFIG I can only see one of them! I use ewido spyware free edition and in it there's a tool that detects startup programs. In ewido I can see that there are 2 programs with the same name at stratup!

The first one has a file name CTFMON.EXE and it's path is C:\WINDOWS\System32\ctfmon.exe and it's location is Registry\HKCU\RUN

The second one has the same name CTFMON.EXE and it's path is C:\WINDOWS\System32\CTFMON.EXE (all capital letters see) and it's location is Registry\HKU\.Default\...

Sorry I can post the whole location as ewido doesn't show it all.

On MSCONFIG the location for the one and only ctfmon file is HKCU\SOFTWARE\Microsoft\Windows\CurrentVer...

Why do I have 2 ctfmon.exe files in startup? I've read the explanation on this forum and I know that ctfmon.exe can be a worm or malware too.

Is it normal to have 2 ctfmon.exe files or one of them has to be a worm or malware?

Question 2:

Also I've recently come under heavy attack by all sorts of things: viruses, trojans, worms. I seem to find one of them every day!

I use evido spyware free edition ( it has no shield ) and AVG free edition for viruses. But I still use XP service pack one. They say that one is full of holes.

Any suggestions how to increase my security and stop this daily attacks? My opinion is there must be some back door or smth that this hacker is using to constantly attack me. Being attack every day simply defies the odds! Someone is doing this on purpose! There must be smth I can do to stop this!

BC AdBot (Login to Remove)

 


#2 TMacK

TMacK

  • Members
  • 4,672 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:B.C. Canada
  • Local time:01:54 AM

Posted 17 September 2006 - 10:44 AM

For the issues directly related to Ewido,like a missing Shield for instance,you can contact them directly at Wilders Security Forums.
Chaos reigns within.
Reflect, repent, and reboot.
Order shall return.

aaaaaaaa a~Suzie Wagner

#3 fxkingg

fxkingg
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:10:54 AM

Posted 19 September 2006 - 11:07 AM

For the issues directly related to Ewido,like a missing Shield for instance,you can contact them directly at Wilders Security Forums.


That's not the problem, I use the free version, so no shield for free version. Can you recommend a free sotfware that would do the same job as ewido?




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users