Jump to content
IObit Forum
Top Free Driver Updater Tools Best 25 PC Optimization Software Best 22 Antimalware Best 22 Uninstaller Software IObit Coupons & Discount Offers PC Optimizer Mac Boost Advice IObit Coupons A Good Utility Program From IObit IObit Promo Codes IObit Coupon Codes IObit Coupons and Deals FAQs Driver Booster Pro Review

whost.exe and remcmdstub.exe (related to ctfmon ?) identified as threats and quarantined; why?

Bill K

Recommended Posts

These two modules showed up on my pc in the AppData\Roaming\yKVwEB6x subdirectory with a date of 8/22/2020, first detected by Malware Fighter 8/22, finally quarantined 8/28 when I consented to it. The rest of the modules are all dated before 3/22/2018. Why were these detected? How get a good copy of them as I presume ctfmon is actually something that could be useful.

Link to comment
Share on other sites

Hi BillK,

Thanks for your feedback. 

To check whether it is a false positive, please take the steps as follows:
1. Make sure you update to the latest IObit Malware Fighter with the latest database and scan again to see whether the issue repeats. 
2. If it does, please zip the suspicious files with the password "infected", upload it to www.wikisend.com, and then give us the download link

Looking forward to hearing from you.


Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...