Erro ao tentar instalar antivirus

[Nego Curioso 0]

Bem gostaria de poder ser ajudado.

 

Estava com virus em meu PC. detectado pelo Northon. Sendo que estou com problemas para realizar instalacão de qualquer antivirus e alguns programas de dectacão e remocão de virus. Pois sempre notificam erros.

 

NOTIFICA,CÃO DE ERRO.

somes files could not be created. please close all applications, reboot windows and restart this installations.

 

LOG DE ERRO DO ANTIVIR

Extracting eula.txt

Extracting readme.txt

Extracting basic\addr_file.html

Extracting filelist.ini

Extracting product.ini

Extracting basic\vista64\avgntflt.inf

Extracting basic\avipbb.inf

Extracting basic\ssmdrv.inf

Extracting basic\avadmin.exe

Cannot create basic\avadmin.exe

Extracting basic\avcenter.exe

Cannot create basic\avcenter.exe

Extracting basic\avconfig.exe

Cannot create basic\avconfig.exe

Extracting basic\avgnt.exe

Cannot create basic\avgnt.exe

Extracting basic\avguard.exe

Cannot create basic\avguard.exe

Extracting basic\avnotify.exe

Cannot create basic\avnotify.exe

Extracting basic\avscan.exe

Cannot create basic\avscan.exe

Extracting basic\guardgui.exe

Cannot create basic\guardgui.exe

Extracting basic\imp64b.exe

Extracting basic\licmgr.exe

Cannot create basic\licmgr.exe

Extracting basic\preupd.exe

Cannot create basic\preupd.exe

Extracting basic\sched.exe

Cannot create basic\sched.exe

Extracting basic\setup.exe

Extracting basic\update.exe

Cannot create basic\update.exe

Extracting basic\wsctool.exe

Cannot create basic\wsctool.exe

Extracting basic\avarkt.dll

Extracting basic\avconfig.dll

Extracting basic\avevtlog.dll

Extracting basic\avewin32.dll

Extracting basic\avgio.dll

Extracting basic\avinet.dll

Extracting basic\avipc.dll

Extracting basic\avnotify.dll

Extracting basic\avpack32.dll

Extracting basic\avpref.dll

Extracting basic\AVReg.dll

Extracting basic\avrep.dll

Extracting basic\avscan.dll

Extracting basic\avwinll.dll

Extracting basic\ccev.dll

Extracting basic\ccevrc.dll

Extracting basic\ccgen.dll

Extracting basic\ccgenrc.dll

Extracting basic\ccgrdrc.dll

Extracting basic\ccguard.dll

Extracting basic\cclib.dll

Extracting basic\cclic.dll

Extracting basic\cclicrc.dll

Extracting basic\ccmainrc.dll

Extracting basic\ccmsg.dll

Extracting basic\ccprofil.dll

Extracting basic\ccquamgr.dll

Extracting basic\ccquarc.dll

Extracting basic\ccreporc.dll

Extracting basic\ccreport.dll

Extracting basic\ccscanrc.dll

Extracting basic\ccsched.dll

Extracting basic\ccscherc.dll

Extracting basic\ccupdate.dll

Extracting basic\ccupdrc.dll

Extracting guardevt.dll

Extracting basic\guardmsg.dll

Extracting basic\licmgr.dll

Extracting basic\luke.dll

Extracting basic\lukeres.dll

Extracting basic\mfc71u.dll

Extracting basic\mgrs.dll

Extracting basic\msgclient.dll

Extracting basic\msvcp71.dll

Extracting basic\msvcr71.dll

Extracting basic\netnt.dll

Extracting basic\psapi.dll

Extracting rchelp.dll

Extracting rcimage.dll

Extracting rctext.dll

Extracting basic\scewxml.dll

Extracting basic\schedr.dll

Extracting basic\setup.dll

Extracting basic\shlext.dll

Extracting basic\shlext64.dll

Extracting basic\smtplib.dll

Extracting basic\sqlite3.dll

Extracting basic\unacev2.dll

Extracting basic\updgui.dll

Extracting basic\updguirc.dll

Extracting basic\updlib.dll

Extracting basic\updlibrc.dll

Extracting wksstats.dll

Extracting basic\avgio.sys

Extracting basic\avgio64.sys

Extracting basic\XP\avgntdd.sys

Extracting basic\NT\avgntdd.sys

Extracting basic\2k\avgntdd.sys

Extracting basic\XP\avgntflt.sys

Extracting basic\2k\avgntflt.sys

Extracting basic\xp64\avgntflt.sys

Extracting basic\vista64\avgntflt.sys

Extracting basic\NT\avgntmgr.sys

Extracting basic\2k\avgntmgr.sys

Extracting basic\XP\avgntmgr.sys

Extracting basic\avipbb.sys

Extracting basic\ssmdrv.sys

Extracting scanjob.avj

Extracting startupd.avj

Extracting updjob.avj

Extracting alldiscs.avp

Extracting alldrives.avp

Extracting folder.avp

Extracting mydocs.avp

Extracting process.avp

Extracting rmdiscs.avp

Extracting rootkit.avp

Extracting sysdir.avp

Extracting sysscan.avp

Extracting basic\common_msg.avr

Extracting basic\update_msg.avr

Extracting basic\vista64\avgntflt.cat

Extracting avwin.chm

Extracting basic\avconfig.cpl

Extracting build.dat

Extracting setupprf.dat

Extracting hbedv.key

Extracting antivir.oem

Extracting weblink.url

Extracting basic\antivir0.vdf

Extracting basic\antivir1.vdf

Extracting basic\antivir2.vdf

Extracting basic\antivir3.vdf

Extracting ccplg.xml

Extracting sweb.zip

Extracting basic\2k

Extracting basic\AMD64

Extracting basic\NT

Extracting basic\vista64

Extracting basic\XP

Extracting basic\xp64

Extracting basic

 

 

LOG DO HIJACKTHIS

Logfile of HijackThis v1.99.1

Scan saved at 15:55:49, on 4/11/2007

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\tp4serv.exe

C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\System32\svchost.exe

C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE

C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Documents and Settings\Nego\Meus documentos\Programas\Hijackthis\hijackthis\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = &http://home.microsoft.com/intl/br/access/allinone.asp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll

O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32

O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC

O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName

O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe

O4 - HKLM\..\Run: [soundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe

O8 - Extra context menu item: Enviar para &Bluetooth - C:\Arquivos de programas\CVRDPVI\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O17 - HKLM\System\CCS\Services\Tcpip\..\{B189D6CD-B31A-44CA-8881-4E2B8A09BA41}: NameServer = 200.165.132.154 200.149.55.142

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: !SASWinLogon - C:\Arquivos de programas\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll

O23 - Service: Bluetooth Service (btwdins) - Unknown owner - C:\Arquivos de programas\CVRDPVI\ThinkPad\Bluetooth Software\bin\btwdins.exe (file missing)

O23 - Service: Google Updater Service (gusvc) - Google - C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe

 

 

AGRADECO DESDE JÁ E ESTOU NO AGUARDO PELA AJUDA...

[Pablo RD 5]

naum pode instalar dois antivirus, eles entram em conflitos um com o outro por causa do banco de daods de virus..

[Nego Curioso 0]

Certo, quanto a isso com certeza ! Só que esqueci de citar anteriormente que já havia desintalado o NORTHON antes de tentar realizar tal opereção !

 

Outra coisa, creio que esteja dando está notificação de erro devido meu notbook ter sido enfectado pelo KEYLOGGER ARDAMAX, sendo que mesmo depois de muita dificuldade consegui realizar a extração do mesmo, receio que alguma pasta do arquivo de sistema tenha sido danificada. Impossibilitando assim a realização de tais operações sendo que tambem tive notificação de erro ao tentar realizar a instalação de outros programas.

 

Espero por ajudas...

[Nego Curioso 0]

Tem outra coisa....

 

Ainda mais cedo, ao cansar de ficar tentando resolver o problema, constatei que não é possivel realizar a formatação do HD, e nem a desintalação do windows, da um erro ao tentar instalar o wind.XP, alegando que possivelmente existe uma area danificada ou infectada por virus...

 

Ai lembrei a respeito do Ardamax Keylogger, ai pergunto, sera que ele poderia ter causado algum dano nas pastas de registros do win.xp !?

 

Desde já Agradecido...

[Traks 6]

Sugiro que você faça um post com o seu log do hijack this lá na seção de segurança......

lá na seção segurança tem um topico fixo instruindo o uso do hijackthis!

 

t+