I can't read the buttons. And the warning box is not re-sizable. IE7 and XP SP2.

Screenshot below:
http://users.aol.com/bikedave1/ctfmonexe.gif

What are the buttons supposed to display?

For This:

http://users.aol.com/bikedave1/ctfmonexe.gif

Go to this link:Solution to fix the pop-ups in TeaTimer (http://forums.spybot.info/showthread.php?t=122)
This is a bug in TeaTimer 1.4 on which you can`t see buttons:"Deny Change"
and "Allow Change".

yea i had that problem i incidentally allowed the virus to change a few registry before figuring out wtf was happening lol:laugh:

Thanks Tom. :bigthumb: I'll try to alter the program to display properly. Wow, what a bad situation. This bug has existed for over a year and nobody has taken the small bit of time to fix this in the latest download???

Next step is the abolishment of ctfmon.exe. I don't have Office, so the legitimate ctfmon shouldn't be present. That file pops up every time I open a new browser or tab. For now, I have it sort of controlled, but would sure appreciate a low-tech trick to remove the file. Deleting it out of the windows/system32 folder doesn't work. I'm wondering why Spybot can't identify this process and remove it. Sooo many reports of this one over the years.

whoa wait i have ctfmon.exe that runs in my registry and i never installed office tools or anything i dont even have microsoft word.

Yes, but do instances of ctfmon.exe load every time you start a browsing process? Monitor your Spybot Process List and your Windows Task Manager list. This began when a rogue website autoloaded something that replaced my homepage entry to google (or something that looked like google) the other day. The sad thing was that I was attempting to determine if a new prospective user to another vBulletin board was a spammer or not and I checked to see if their home website they listed was real. It was very real, and they were much worse than just a spammer. :mad:

And speaking of Google™, try googling ctfmon.exe. There are as many opinions of what that file can become as there is malware out there. A real puzzle, to be sure.

Yes,an instance of ctfmon.exe does start when I first start Internet Explorer.
ctfmon.exe was added to run on startup after I downloaded Internet Explorer 7,and I've seen elsewhere that that is normal.Do you have Internet Explorer 7,and did you notice ctfmon.exe appearing in task manager right around the time you installed IE7?

Yes,an instance of ctfmon.exe does start when I first start Internet Explorer.
ctfmon.exe was added to run on startup after I downloaded Internet Explorer 7,and I've seen elsewhere that that is normal. Do you have Internet Explorer 7,and did you notice ctfmon.exe appearing in task manager right around the time you installed IE7?

Spybot's Paul Collins Startup list identifies ctfmon as "_CoolWebSearch_ parasite related - hijacking to Slawsearch.com," as do many other malware identifiers. That is why it is suspect on my system. I try to disable it, but it is back in seconds.

Yes, IE7, downloaded recently. But MS database identifies this process as a language helper file installed with all versions of Office. I find it strange that it also ships with IE7. It may, and in fact, evidence is mounting that it does.

There is still conflicting info on what its real purpose is, or if it slows down a system, but this page (http://ask-leo.com/ctfmonexe.html)includes some ways to remove it (about a page down) and some other info.

I saved a copy of the file (renamed elsewhere). When I am offline, I'll see if those removal tricks work and hopefully, report back.

yeah the update of IE7 was prolly around the time i noticed it in fact i did the same thing...kept trying to shut it down

Spybot's Paul Collins Startup list identifies ctfmon as "_CoolWebSearch_ parasite related - hijacking to Slawsearch.com," as do many other malware identifiers.
Yes,it does.
http://www.castlecops.com/s797-Ctfmon_exe.html
This page is about the legit one:
http://www.castlecops.com/s795-ctfmon_exe.html

This is a bit of an older page,but there is more about IE7 and ctfmon.exe here:
http://billpstudios.blogspot.com/2006/10/ie-7-click-dont-install.html



This began when a rogue website autoloaded something that replaced my homepage entry to google (or something that looked like google) the other day.
If you are having malware problems,and/or if you think from the description at Castlecops that the ctfmon.exe on your computer may not be legit(there are also some other things on the startup list about ctfmon.exe if you'd like to search,and look at them also.),you could ask for help in the malware removal forum here,if you aren't receiving help elsewhere.If you would like to post in there,just post back,and I'll post a link to some instructions for you.

ctfmon.exe finally dispatched. If not malware in disguise, an annoying and unneccessary reoccuring loaded file and a huge resource hog.

Shame on MS for this stupid confusing & redundant file being associated with their moribund browser (IE7), and all the trouble it causes. FF, here I come. You finally got me.

Here's how to stop it (XP Pro, and probably XP Home too) from loading, without any fancy programs or hacking.

From the desktop...
Start
Control Panel
Date, Time, Language, and Regional Options
Regional and Language Options
Languages TAB
Details Button
Advanced TAB
(x) "Turn off advanced text services" check box
OK, Apply.

This keeps the file in the system32 folder, but keeps it from launching. This way I can always turn the process back on if I ever need it. :rolleyes:

If one ever needs access to asian charachters or rare alternative input devices, then it might come in handy, but for 99% of users, it can safely be put to sleep.