Solved

ctf loader

Posted on 2006-07-01
6
1,034 Views
Last Modified: 2011-10-03
My ctf loader executable seems to act as spy ware for my web browser. I noticed when I use the hijack this program and remove the cftmon.exe the browser experiences no hesistation. In researching this issue, it seems that the executable is a language application as part of the office suite. Why is it behaving like spyware and how do I permanentely remove it? Also I noticed the driverT file as well and that seems to help. Both reappear again and again in the hijack log. And once I remove them, I'm able to have seemless web surfing.
Thank you,
Brad
0
Comment
Question by:bstagy
  • 2
6 Comments
 
LVL 97

Expert Comment

by:war1
ID: 17024465
Greetings, bstagy !

Cftmon.exe is part of the Microsoft Office suite and handles speech input for this product.  It can also be added by the Troj/Delbot-B TROJAN/IRC backdoor!

To remove this file, you may need Killbox or Unlocker
Use Killbox or Unlocker in Safe Mode to remove hard to remove file.

Killbox to remove stuborn files
http://www.scancomplete.com/download/killbox/
OR
Unlocker
http://www.majorgeeks.com/download4660.html

Best wishes!
0
 
LVL 19

Accepted Solution

by:
simpswr earned 125 total points
ID: 17024575
Go into msconfig startup and uncheck Ctfmon  . . that will keep it from starting and should allow HJT to kill it for good . . Turn off system restore first, so that it does not come back
0
 
LVL 97

Expert Comment

by:war1
ID: 17043561
bstagy,

We have not heard from you. Did any comment help you solve your problem? Do you have any more question? If an Expert helped you, please accept his/her answer above with an excellent or good grade.

Thanks, war1
0
 

Author Comment

by:bstagy
ID: 17043653
Thanks guys for your help. I tried simpswr's suggestion because it was easiest to do. It worked.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are 2 things you must have in order to connect to the internet behind a router, The "Gateway IP" of the router, which is usually something like 192.168.xxx.1, I've seen routers with default values of: 192.168.0.1, 192.168.1.1, 192.168.11.1, …
Ok I have been working on this for some time having learned and gained certification in XenDesktop 4 along came version 5 which was released last month. Since then I have been working to deploy XenDesktop 5 in a small environment with only 2 virt…
This Micro Tutorial will give you a basic overview how to record your screen with Microsoft Expression Encoder. This program is still free and open for the public to download. This will be demonstrated using Microsoft Expression Encoder 4.
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now