Solved

ctf loader

Posted on 2006-07-01
6
1,078 Views
Last Modified: 2011-10-03
My ctf loader executable seems to act as spy ware for my web browser. I noticed when I use the hijack this program and remove the cftmon.exe the browser experiences no hesistation. In researching this issue, it seems that the executable is a language application as part of the office suite. Why is it behaving like spyware and how do I permanentely remove it? Also I noticed the driverT file as well and that seems to help. Both reappear again and again in the hijack log. And once I remove them, I'm able to have seemless web surfing.
Thank you,
Brad
0
Comment
Question by:bstagy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 97

Expert Comment

by:war1
ID: 17024465
Greetings, bstagy !

Cftmon.exe is part of the Microsoft Office suite and handles speech input for this product.  It can also be added by the Troj/Delbot-B TROJAN/IRC backdoor!

To remove this file, you may need Killbox or Unlocker
Use Killbox or Unlocker in Safe Mode to remove hard to remove file.

Killbox to remove stuborn files
http://www.scancomplete.com/download/killbox/
OR
Unlocker
http://www.majorgeeks.com/download4660.html

Best wishes!
0
 
LVL 19

Accepted Solution

by:
simpswr earned 125 total points
ID: 17024575
Go into msconfig startup and uncheck Ctfmon  . . that will keep it from starting and should allow HJT to kill it for good . . Turn off system restore first, so that it does not come back
0
 
LVL 97

Expert Comment

by:war1
ID: 17043561
bstagy,

We have not heard from you. Did any comment help you solve your problem? Do you have any more question? If an Expert helped you, please accept his/her answer above with an excellent or good grade.

Thanks, war1
0
 

Author Comment

by:bstagy
ID: 17043653
Thanks guys for your help. I tried simpswr's suggestion because it was easiest to do. It worked.
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

For both online and offline retail, the cross-channel business is the most recent pattern in the B2C trade space.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question