kxvo.exe PLEASE HELP [RESOLVED]
Started by
amm007
, Mar 05 2008 08:19 AM
#286
Posted 10 August 2008 - 09:50 AM
#287
Posted 10 August 2008 - 09:52 AM
On what computers is the redirection present?
#288
Posted 13 August 2008 - 09:48 AM
1 and 2
#289
Posted 13 August 2008 - 09:58 AM
Only stick to computer one with this tool then we will move on to the rest.
Please download Navilog1 by IL-MAFIOSO:
http://pagesperso-or...ix/Navilog1.exe
(*Alternate download location Here)
* Save it to your Desktop.
* Double-click on Navilog1.exe to install the program.
* When the installation is complete, the tool will start automatically.
* If it doesn't start automatically, please double-click on the Navilog1 shortcut on your Desktop to run it.
* Press E for English from the language Menu.
* Type 1 in the next Menu to select Search and press Enter.
* Wait for the Scan to finish (It may take a reasonable amount of time).
* Press any key as requested .
* A new document will be produced: fixnavi.txt.
* Please copy/paste the contents of this report in your next reply.
The report is also saved in the root of the directory, "%SystemDrive%\fixnavi.txt". (usually C:\fixnavi.txt)
Please download Navilog1 by IL-MAFIOSO:
http://pagesperso-or...ix/Navilog1.exe
(*Alternate download location Here)
* Save it to your Desktop.
* Double-click on Navilog1.exe to install the program.
* When the installation is complete, the tool will start automatically.
* If it doesn't start automatically, please double-click on the Navilog1 shortcut on your Desktop to run it.
* Press E for English from the language Menu.
* Type 1 in the next Menu to select Search and press Enter.
* Wait for the Scan to finish (It may take a reasonable amount of time).
* Press any key as requested .
* A new document will be produced: fixnavi.txt.
* Please copy/paste the contents of this report in your next reply.
The report is also saved in the root of the directory, "%SystemDrive%\fixnavi.txt". (usually C:\fixnavi.txt)
#290
Posted 15 August 2008 - 04:53 AM
Search Navipromo version 3.6.3 began on Fri 08/15/2008 at 18:34:43.50
!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Program Files\navilog1
Actual User Account : "Adrian"
Updated on 09.08.2008 at 18h00 by IL-MAFIOSO
Microsoft Windows XP [Version 5.1.2600]
Version Internet Explorer : 7.0.5730.13
Filesystem type : NTFS
Search done in normal mode
*** Searching for installed Software ***
*** Search folders in "C:\WINDOWS" ***
*** Search folders in "C:\Program Files" ***
*** Search folders in "C:\Documents and Settings\All Users\startm~1\programs" ***
*** Search folders in "C:\Documents and Settings\All Users\startm~1" ***
*** Search folders in "c:\docume~1\alluse~1\applic~1" ***
*** Search folders in "C:\Documents and Settings\Adrian\applic~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Search folders in "C:\Documents and Settings\Adrian\locals~1\applic~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Search folders in "C:\Documents and Settings\Adrian\startm~1\programs" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\startm~1\programs" ***
*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net
*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!
* Scan in "C:\WINDOWS\system32" *
* Scan in "C:\Documents and Settings\Adrian\locals~1\applic~1" *
* Scan in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
*** Search files ***
*** Search specific Registry keys ***
*** Complementary Search ***
(Search specific files)
1)Search new Instant Access files :
2)Heuristic Search :
* In "C:\WINDOWS\system32" :
* In "C:\Documents and Settings\Adrian\locals~1\applic~1" :
* In "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
3)Certificates Search :
Egroup certificate not found !
Electronic-Group certificate not found !
Montorgueil certificate not found !
OOO-Favorit certificate not found !
Sunny-Day-Design-Ltd certificate not found !
4)Search known files :
*** Search completed on Fri 08/15/2008 at 18:41:13.87 ***
!!! Warning, this report may include legitimate files/programs !!!
!!! Post this report on the forum you are being helped !!!
!!! Don't continue with removal unless instructed by an authorized helper !!!
Fix running from C:\Program Files\navilog1
Actual User Account : "Adrian"
Updated on 09.08.2008 at 18h00 by IL-MAFIOSO
Microsoft Windows XP [Version 5.1.2600]
Version Internet Explorer : 7.0.5730.13
Filesystem type : NTFS
Search done in normal mode
*** Searching for installed Software ***
*** Search folders in "C:\WINDOWS" ***
*** Search folders in "C:\Program Files" ***
*** Search folders in "C:\Documents and Settings\All Users\startm~1\programs" ***
*** Search folders in "C:\Documents and Settings\All Users\startm~1" ***
*** Search folders in "c:\docume~1\alluse~1\applic~1" ***
*** Search folders in "C:\Documents and Settings\Adrian\applic~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\applic~1" ***
*** Search folders in "C:\Documents and Settings\Adrian\locals~1\applic~1" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***
*** Search folders in "C:\Documents and Settings\Adrian\startm~1\programs" ***
*** Search folders in "C:\DOCUME~1\ADMINI~1\startm~1\programs" ***
*** Search with Catchme-rootkit/stealth malware detector by gmer ***
for more info : http://www.gmer.net
*** Search with GenericNaviSearch ***
!!! Possibility of legitimate files in the result !!!
!!! Must always be checked before manually deleting !!!
* Scan in "C:\WINDOWS\system32" *
* Scan in "C:\Documents and Settings\Adrian\locals~1\applic~1" *
* Scan in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *
*** Search files ***
*** Search specific Registry keys ***
*** Complementary Search ***
(Search specific files)
1)Search new Instant Access files :
2)Heuristic Search :
* In "C:\WINDOWS\system32" :
* In "C:\Documents and Settings\Adrian\locals~1\applic~1" :
* In "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" :
3)Certificates Search :
Egroup certificate not found !
Electronic-Group certificate not found !
Montorgueil certificate not found !
OOO-Favorit certificate not found !
Sunny-Day-Design-Ltd certificate not found !
4)Search known files :
*** Search completed on Fri 08/15/2008 at 18:41:13.87 ***
#291
Posted 15 August 2008 - 11:18 AM
Hmm still nothing.
Let's try this.
Go to Start > Run type in Cmd then hit ok
At the command prompt which will be this C:|WIndows\system32 type in this > ipconfig /flushdns then hit enter.
You should get this message > Successfully flushed the DNS Resolver Cache.
AFter thta reboot and tell me if the redirects are still present?
Let's try this.
Go to Start > Run type in Cmd then hit ok
At the command prompt which will be this C:|WIndows\system32 type in this > ipconfig /flushdns then hit enter.
You should get this message > Successfully flushed the DNS Resolver Cache.
AFter thta reboot and tell me if the redirects are still present?
#292
Posted 17 August 2008 - 05:40 PM
Its still present. Ill just try to back-up format the disk and then i will get back here to repost logs. Let me know if there is still traces of virus from my backup scheme. Thanks!
#293
Posted 17 August 2008 - 06:32 PM
Ok.
#294
Posted 18 August 2008 - 06:48 AM
I have just finished reformatting my PC. What scanner log do I post? site redirection became present in my browser. i suspect its because of my removable hard drive. i havent plugged any usb disk other than that. i plan to format that drive too after some back-ups and use it on computer 2 to format and back up again. thanks!
#295
Posted 18 August 2008 - 05:56 PM
You didn't do a repair install did you?
#296
Posted 19 August 2008 - 07:06 AM
what do you mean by repair install?
#297
Posted 19 August 2008 - 08:39 AM
That means that you did not format the drive just put in the disk and chose R for repair to repair the files.
You should not have redirects if you did it as format (Wiping the drive clean then re-installing Windows.)
You should not have redirects if you did it as format (Wiping the drive clean then re-installing Windows.)
#298
Posted 19 August 2008 - 09:48 AM
No i did not. i formatted the whole drive c. But I cant let go of my files so i backed it up in the removable hard disk (which seems infected). I opened it using the run prompt for security purposes but still it infected my computer with the link redirection...looks like we just have to wipe clean this thing..
#299
Posted 19 August 2008 - 09:52 AM
Yes if you don't you will end up in the same place as before.
#300
Posted 19 August 2008 - 09:56 PM
Okay. But i guess this minimized the rate of resiliency. Shall we proceed to completely cleaning the newly formatted computer 1? afterwards, i'll format computer 2 and use the removable hard disk to back up files at the same time cleaning all other flash disks i have. then lastly, format my removable hard disk. then, we reinspect logs and check if virus symptoms are now gone and is not resilient. is this scheme practical? thanks again for helping this far.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users