Resource hog, ctfmon.exe or SpyBot'?
Sent basically these exact complaints to SpyBot’ 1-30-06...
Using SpyBot's tools>system startup, SpyBot' lists the ticked key "HK_CU_Run" with a value of "ctfmon.exe", command line "C:\WINDOWS\system32\ctfmon.exe". Added info also shown on this states current file name "C:\WINDOWS\system32\ctfmon.exe", database status "not required - virus, spyware, malware or other resource hog", value "ctfmon.exe", filename "ctfmon32.exe", description "CoolWebSearch parasite related - hijacking to Slawsearch.com", and Source "Paul Collins Startup list".
This led me to examining SpyBot's settings because certainly ctfmon.exe and Ctfmon32 should have been caught in scans.
In SpyBot's settings>ignore products>all products, the default settings (all boxes ticked, ctfmon.exe included) indicating somewhat falsely that SpyBot’ scans will detect and report finding ctfmon.exe, and yet such does not occur in neither the scans results nor the ticking of the system startup items found in SpyBot's tools>system startup list.
Instead when the user become aware of the existence of the so called threat and the user acts on the system startup entry for ctfmon.exe (by un-ticking it and clicking “delete”, not only does MS Antispyware (Beta) immediately report its restoring of ctfmon.exe (back into the windows registry), and upon additional SpyBot’ scans, SpyBot’ consistently fails both in reporting ctfmon.exe and neither does the program re-tick it in the program's tools>system startup items page (as would be expected if the program was actually reporting and listing system startup items and the user has unticked it previously).
In that such ticked items assumedly represent system startup items identified by SpyBot' scasnning, why do SpyBot’ scans consistently fail to prompt the user to act on ctfmon.exe's existence (reportedly in the system startup items)? Even rebooting and after another SpyBot' scan, the system startup item box for ctfmon.exe remains unticked and either still listed or re-listed. If re-listed (which it doesn't appear to be because it is still unticked), it appears that SpyBot' scans both fail to notofy the user nor update the system startup item's page listing.
Even more odd is that SB's settings>ignore products>Hijackers.sbi is also default set with all boxes unticked (which includes CoolWWWSearch Ctfmon32) and despite such being installed on the os, repeatedly SB' scans here again, consistently fails to prompt for the user of the find!
If all that that wasn't enough, surpassing oddities and entering the queer realm, SB's settings>ignore products>PUPS.sbi which should have been default set with all entries unticked, and yet strangely my os had CDilla ticked!!! (incidentally, I unticked it immediately).
To add insult to injury here, added to these revelations, despite numerous requests for teamspybot to provide support (i.e.; repeated submittals of bug reports and scan results), neither teamspybot support or anyone else from SpyBot’ ever provided me any notice of why numerous SpyBot’ scans on my os identified a so called SpyBot’ "common" threat named FCI. And has done so ever since September of 2005, when I first submitted both bugreports and e-mails asking for SpyBot's so called 'common' threat to be identified further than "FCI".
And to little surprise, after so many times asking about what FCI, is, SpyBot’ and/or teamspybot support continues to (at this point) completely ignore my question about FCI as well as even my latest complaint questioning all these issues.
I'm understandably greatly disappointed in SpyBot’ and its associates as there can be little to no excuse for failures and/or misconbooberations in both their product and its wavering technical support.
So, as for part of the ctfmon.exe issues, SpyBot’ has apparently determined a legitimate MS program as being a resource hog?
Otherwise, what with all the other breakdowns in the SpyBot’ program (currently only surrounding the ctfmon.exe issues), is this not a clear case of a false positive by SpyBot', not to mention gross ignorance by SpyBot’ tech support (i.e.; in addition to never yet defining what a 'common threat' named (by SpyBot's scan results) as whatever "FCI" might be, asking about that ever since Sept. of 2005 and still SpyBot’ is mum about this as well, tell you what?
Lastly, I know the tone of my post could be considered a rant, but under the circumstances, I think it is wholly justified as deserving one, regardless that it is not intended as such.
I would hope that this at the very least embarrasses SpyBot' into doing more than perhaps refusing to post this and/or banning me from the site, because the truth often hurts and often woe be to those that tell it.
urrguru
how does one reinstall ctfmon.exe?
I read the stuff on ctfmon.exe.
http://forums.spybot.info/showthread.php?t=324
http://support.microsoft.com/default...b;en-us;282599
Enlightening.
I am running windows 200 pro on one computer and xp on another.
Previously I deleted ctfmon.exe on my win2k machine. Maybe on the xp machine also.
Now I am going to install dragon naturally speaking Can I reinstall ctfmon.exe if I need to, and should I?
And how would I do that?
Does anyone know that?
Thanks, Rich (otter357)
ps thanks for the tea timer fix instructions on "new posts"