1. Este site usa cookies. Ao continuar a usar este site está a concordar com o nosso uso de cookies. Saber Mais.

ajuda: CTFOMON.OXE

Discussão em 'Dúvidas e Suporte Técnico PC' iniciada por kalimma, 14 de Agosto de 2007. (Respostas: 6; Visualizações: 870)

  1. Oi!
    Se me poderem ajudar com o seguinte, agradeço imenso!

    depois de rolar o "Fsecure anti-virus on-line" foram detetados alguns virus no meu pc. Daí que ao iniciar o windows apareçe uma mensagem: "o windows nao consegue abrir este ficheiro CTFMON.OXE".

    Baixei o Haijackthis e o relatório é o seguinte:

    Logfile of HijackThis v1.99.1
    Scan saved at 19:45:46, on 14-08-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
    C:\Program Files\Apoint\Apoint.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\ICO.EXE
    C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    C:\Program Files\Apoint\Apntex.exe
    C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\ClamWin\bin\ClamTray.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\sergio\Desktop\Nova pasta\HijackThis.exe
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.club-vaio.com/en/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE
    O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
    O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
    O4 - HKLM\..\Run: [Switcher.exe] C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe
    O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [RavAV] C:\WINDOWS\AdobeR.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [road draw] C:\DOCUME~1\sergio\APPLIC~1\FORDER~1\DVD OPTION START.exe
    O4 - Startup: CTFMON.0XE
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Gerenciador de serviços.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O8 - Extra context menu item: Download &Flash Movies - C:\Program Files\Flash2X\Flash Hunter\save.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: SWF Capture tool - C:\Program Files\Eltima Software\Flash Decompiler\iebt.html
    O8 - Extra context menu item: Transfer by Image Converter 2 Plus - C:\Program Files\Sony\Image Converter 2\menu.htm
    O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Flash2X Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: &Launch Flash Hunter - {77B563A5-2A35-4E6B-BFC8-F4B6BB65D5DF} - C:\Program Files\Flash2X\Flash Hunter\save.htm (file missing) (HKCU)
    O9 - Extra button: Flash Decompiler SWF Capture tool - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\Program Files\Eltima Software\Flash Decompiler\iebt.dll (HKCU)
    O9 - Extra 'Tools' menuitem: Flash Decompiler SWF Capture tool menu - {86B4FC19-8FA4-4FD3-B243-9AEDB42FA2D5} - C:\Program Files\Eltima Software\Flash Decompiler\iebt.dll (HKCU)
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/
    O15 - Trusted Zone: *.sony-europe.com
    O15 - Trusted Zone: *.sonystyle-europe.com
    O15 - Trusted Zone: *.vaio-link.com
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {637BB540-6ABA-11D4-901D-00D0090CB3BC} (FMClass Class) - http://www.flashants.com/codebase/fmplayer.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{06950F26-FF21-4FC6-B85A-9CEA23A460BC}: NameServer = 85.255.114.78,85.255.112.101
    O17 - HKLM\System\CCS\Services\Tcpip\..\{0E8876DF-8A34-42E8-93D4-8D1883A1DBE8}: NameServer = 85.255.114.78,85.255.112.101
    O17 - HKLM\System\CCS\Services\Tcpip\..\{2BDF444A-E544-4CC4-BE03-88E3A986A731}: NameServer = 85.255.114.78,85.255.112.101
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5DB03BB3-893C-4C74-8AE3-206D302743CA}: NameServer = 85.255.114.78,85.255.112.101
    O17 - HKLM\System\CCS\Services\Tcpip\..\{ACF68A4C-F4F0-4D39-A1E7-FF935D98F8D4}: NameServer = 85.255.114.78,85.255.112.101
    O17 - HKLM\System\CCS\Services\Tcpip\..\{AE4E95C8-00B1-44CD-B4ED-DD9B31CC9367}: NameServer = 85.255.114.78,85.255.112.101
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C5A01512-CFC5-4ABF-B598-00ADFC91DA56}: NameServer = 85.255.114.78,85.255.112.101
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.78 85.255.112.101
    O17 - HKLM\System\CS1\Services\Tcpip\..\{06950F26-FF21-4FC6-B85A-9CEA23A460BC}: NameServer = 85.255.114.78,85.255.112.101
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.78 85.255.112.101
    O17 - HKLM\System\CS2\Services\Tcpip\..\{06950F26-FF21-4FC6-B85A-9CEA23A460BC}: NameServer = 85.255.114.78,85.255.112.101
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.78 85.255.112.101
    O20 - Winlogon Notify: VESWinlogon - C:\WINDOWS\SYSTEM32\VESWinlogon.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
    O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
    O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
    O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
    O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP (file missing)
    O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
    O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Unknown owner - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server (file missing)
    O23 - Service: VAIO Cooporated Initialisation (VCI) - Sony Corporation - C:\Program Files\Sony\VAIO Cooperated Initialisation\VCI_SVC.exe
    O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
    O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe


    muito obrigado.
     
  2. luikki

    luikki Power Member

    em primeiro lugar, se tivesse lido as instruções do hjt, nõ o tinhas instalado no ambiente de trabalho....
    em segundo lugar, já vi muita coisa mas ainda não tinha visto um computador com tanta tralha como o teu....
    em terceiro lugar, ou eu estou a ver muito mal, ou não tens antivírus instalado....

    por isso, instala um antivírus - recomendo o avast - que para além de dectectar os "bichos", também os limpa...
    depois livra-te dessa tralha toda, desactiva o restauro de sistema, e instala, actualiza e activa a ferramenta de imunização do spybot. corre-o e limpa o que ele encontrar....
     
  3. the_killer

    the_killer Power Member

    o ctfmon.exe é um componente do office
     
  4. WhizzZ

    WhizzZ Power Member

    LOLOL mai nada ... nunca vi nada assim e ja mexi em computadores BEM carregados LOL nem sei como isso ainda se mexe ^^

    yup é isso mm :)
     
  5. Muito obrigado. Fiz como disseste e parece que resolvi os problemas todos, excepto não conseguir aceder á partição "D:" do meu disco rigido atraves do atalho no ambiente de trabalho. Só consigo aceder atraves do explorador.
    Alguma sugestão?
     
  6. Vorador

    Vorador Power Member

    Dependendo do sitio onde esteja a correr. Existe um vírus que carrega um ctfmon.exe e que por acaso também escreve um ficheiro "autorun.inf" para todas as partições do sistema. É dai que vem este erro:

    Isso acontece porque alguns anti-virus eliminam o .exe e todos os outros ficheiros referentes ao virus excepto os autorun.inf. Assim que apagares o "autorun.inf" que está na raiz do D: e fizeres reboot esse erro desaparece.
     
    Última edição: 15 de Agosto de 2007
  7. nao encontro nenhum ficheiro inf em d:
     

Partilhar esta Página