[emeraldnzl]

Hello again Chanelo5,

Please try in Safe Mode.

Boot into Safe Mode:

1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

Once in Safe Mode attempt to run as instructed i.e. follow the instructions at Post 12.

If that doesn't work try the double click approach.

Let me know how you get on.

[Advertisements]

When I right click, I have all the options listed below:

Open
Edit
Print
Scan with Norton Antivirus
Scan with Malwarebytes AntiMalware
Send to
Cut Copy
Create Shortcut
Delete
Rename
Properties

Even in Safemode, it gives the same options. When you say double click, are you talking about double click with right click? I double click, right click and I get the same options. When I right click the normal way, the program comes up.

[Chanel05]

When I right click, I have all the options listed below:

Open
Edit
Print
Scan with Norton Antivirus
Scan with Malwarebytes AntiMalware
Send to
Cut Copy
Create Shortcut
Delete
Rename
Properties

Even in Safemode, it gives the same options. When you say double click, are you talking about double click with right click? I double click, right click and I get the same options. When I right click the normal way, the program comes up.

[emeraldnzl]

Hello Chanelo5,

Have you tried double clicking on the program Icon to see whether it will open... just in the normal way i.e. left clicking?

Here are some thoughts I have had about this that may help you.

If we can get Navlog1 open and run the clean up, hopefully we will rid your computer of enough of the infection to enable us to take other measures to make sure your machine is free of malware.

What we are doing trying in Safe Mode is endeavouring to circumvent the possibility of another program stoping you open Navlog1.

Another possibility might be an Anti-Virus, Firewall or AntiSpyware program getting in the way. Equally if you don't have the right permissions it might prevent you running the program. Hence the request to run as an administrator.

I hope the foregoing is of help. In the meantime I am consulting with a moderator about this so you can be sure you have not been forgotten.

[Chanel05]

I can left (double) click and the program will open, the only thing is, it only opens the normal way. In safemode it's doing the same thing whether right or left clicking.

I do have Nortin Anti-Virus running on my computer. I don't know...hmmmm...

In the meantime, I'll be here.....all alone....right clicking *sniff*.....and left clicking *sniff*, waiting to get my baby fixed. WAAAAAAAAAAAA!!!!!

[emeraldnzl]

Hello Chanel05,

In the meantime, I'll be here.....all alone....right clicking *sniff*.....and left clicking *sniff*, waiting to get my baby fixed. WAAAAAAAAAAAA!!!!!

I know the feeling, life sure is hard when your computer won't work. We are with you though and will work it through even though it might take a little time.

Let's see now. I think we may have been using the Vista instructions with the right click instruction.

You are saying you can open the program in the normal way with a double left click. That should be all you need.

Try this:

* Double-click on the Navilog1 shortcut icon from your Desktop to run it.
* Press E for English from the language Menu.
* Type 2 in the next Menu and press Enter.
* The tool will then advise you that it will restart your computer.
* Close all open windows and save personnal documents, if any are open.
* If your computer doesn't restart automatically, restart it manually.
* Choose your usual session.
* Wait for the *** Clean finished the ... *** message (It may take a reasonable amount of time)
* A new document will be produced.
* Please copy/paste the contents of this report in your next reply.
* Your Desktop will now appear.

Note : In the event you lose your Desktop, press CTRL+ALT+Delete and run Explorer.exe as a new task.

The report is also saved in the root directory, %SystemDrive%\cleannavi.txt.. (usually C:\cleannavi.txt)

[Chanel05]

Thank you for the reassurance. You sure know how to make a person feel special. Now for the big moment....Drum roll please *in my best opera voice* I HAVE RESUUUUUUUULLLLTTTTSSSSSSSS!!!!!


Navipromo Removal version 3.5.7 started on Sun 06/08/2008 at 12:15:54.10

Fix running from C:\Program Files\navilog1
Actual User Account : "Sjandel Hunter"

Updated on 11.05.2008 at 18h00 by IL-MAFIOSO


Microsoft Windows XP [Version 5.1.2600]
Internet Explorer : 7.0.5730.13
Filesystem type : NTFS

Automatic removal
with Catchme and GNS results


Cleanning stage done on Reboot



*** fsbl1.txt not found ***
(Check that Catchme found nothing in Search Mode)


*** Deleting with Backups GenericNaviSearch results ***

* Deletion in "C:\WINDOWS\System32" *


* Deletion in "C:\Documents and Settings\Sjandel Hunter\locals~1\applic~1" *


* Deletion in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


* Deletion in "C:\DOCUME~1\BRIAHU~1\locals~1\applic~1" *


* Deletion in "C:\DOCUME~1\Guest\locals~1\applic~1" *


* Deletion in "C:\DOCUME~1\KIARAW~1\locals~1\applic~1" *


* Deletion in "C:\DOCUME~1\Savannah\locals~1\applic~1" *


* Deletion in "C:\DOCUME~1\Sjandel\locals~1\applic~1" *


* Deletion in "C:\DOCUME~1\SYLVES~1\locals~1\applic~1" *



*** Deleting folders in "C:\WINDOWS" ***


*** Deleting folders in "C:\Program Files" ***


*** Deleting folders in "c:\docume~1\alluse~1\applic~1" ***


*** Deleting folders in "c:\docume~1\alluse~1\startm~1\programs" ***


*** Deleting folders in "C:\Documents and Settings\Sjandel Hunter\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\BRIAHU~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\Guest\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\KIARAW~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\Savannah\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\Sjandel\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\SYLVES~1\applic~1" ***


*** Deleting folders in "C:\Documents and Settings\Sjandel Hunter\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\BRIAHU~1\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\Guest\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\KIARAW~1\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\Savannah\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\Sjandel\locals~1\applic~1" ***


*** Deleting folders in "C:\DOCUME~1\SYLVES~1\locals~1\applic~1" ***


*** Deleting folders in "C:\Documents and Settings\Sjandel Hunter\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\ADMINI~1\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\BRIAHU~1\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\Guest\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\KIARAW~1\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\Savannah\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\Sjandel\startm~1\programs" ***


*** Deleting folders in "C:\DOCUME~1\SYLVES~1\startm~1\programs" ***



*** Deleting files ***


*** Deleting temporary files ***

Cleaning of C:\WINDOWS\Temp done !
Cleaning of C:\Documents and Settings\Sjandel Hunter\locals~1\Temp done !

*** Complementary Search ***
(Search specific files)

1)Deletion with backups new Instant Access files:

2)Heuristic search and deletion with backups :


* In "C:\WINDOWS\system32" *

kmskkgsos.dat found !
Copy kmskkgsos.dat done !
kmskkgsos.dat deleted !

kmskkgsos_nav.dat found !
Copy kmskkgsos_nav.dat done !
kmskkgsos_nav.dat deleted !

kmskkgsos_navps.dat found !
Copy kmskkgsos_navps.dat done !
kmskkgsos_navps.dat deleted !

kmskkgsos.exe found !
Copy kmskkgsos.exe done !
kmskkgsos.exe deleted !

C:\WINDOWS\prefetch\kmskkgsos*.pf found !
Copy C:\WINDOWS\prefetch\kmskkgsos*.pf done !
C:\WINDOWS\prefetch\kmskkgsos*.pf deleted !


* In "C:\Documents and Settings\Sjandel Hunter\locals~1\applic~1" *

jfacyufa.dat found !
Copy jfacyufa.dat done !
jfacyufa.dat deleted !

jfacyufa_nav.dat found !
Copy jfacyufa_nav.dat done !
jfacyufa_nav.dat deleted !

jfacyufa_navps.dat found !
Copy jfacyufa_navps.dat done !
jfacyufa_navps.dat deleted !


* In "C:\DOCUME~1\ADMINI~1\locals~1\applic~1" *


* In "C:\DOCUME~1\BRIAHU~1\locals~1\applic~1" *


* In "C:\DOCUME~1\Guest\locals~1\applic~1" *


* In "C:\DOCUME~1\KIARAW~1\locals~1\applic~1" *


* In "C:\DOCUME~1\Savannah\locals~1\applic~1" *


* In "C:\DOCUME~1\Sjandel\locals~1\applic~1" *


* In "C:\DOCUME~1\SYLVES~1\locals~1\applic~1" *


*** Copy Registry to Safebackup folder ***

Backing up Registry done !

*** Cleaning Registry ***

Registry cleaned


*** Certificates ***

Egroup Certificate deleted !
Electronic-Group Certificate deleted !
OOO-Favorit Certificate deleted !
Sunny-Day-Design-Ltd Certificate not found !

*** Cleaning stage complete on Sun 06/08/2008 at 12:23:17.70 ***

[emeraldnzl]

Hello Channel05,

Love that Opera Voice!

Good news then. Lets carry out another check now.

Please run the F-Secure Online Scanner

Note: This Scanner is for Internet Explorer Only!

• Click on Start scanning at the foot of the page
• Accept the License Agreement.
• Once the ActiveX installs,Click Full System Scan
• Once the download completes,the scan will begin automatically.
• The scan will take some time to finish,so please be patient.
• When the scan completes, click the Automatic cleaning (recommended) button.
• Click the Show Report button and Copy&Paste the entire report in your next reply.

When you come back

• post the F-Secure report
• a new HijackThis log
• and let me know how your computer is running now

[Chanel05]

When I go to "Start Scanning", it gives me this message "Insufficient rights to use ActiveX controls! Please check your user rights and Internet Explorer settings"

What do I have to modify to be able to use this scanner? I know, I know, if it isn't one thing it's another.

[emeraldnzl]

Hello Channel05,

Lets try this.

In Internet Explorer, go to Tools > Intenet Options > Security > Reset all Zones to Default Level > Apply > OK
Then go to the Advanced tab, and go to Restore advanced Settings> Apply > OK
Then in the Advanced tab go to Reset...> Apply> OK

Restart Internet Explorer

Try the F-Secure Scan again.

[Chanel05]

Hi again,

I've tried the above instruction and it still gives me the same error message.

[emeraldnzl]

Okay, we could spend a week trying to work out what is getting in the way.

I suspect we would have the same trouble with other on line scans.

Your main problem in any event is with Spyware/Adware.

We will take another approach.

Make sure you have downloaded all updates for your Norton antivirus and then run a full scan of your computer. Save the results of the scan and then let the program fix all problems it finds. Post results of the scan back here.

Next

Download and scan with SUPERAntiSpyware Free for Home Users

• Double-click SUPERAntiSpyware.exe and use the default settings for installation.
• An icon will be created on your desktop. Double-click that icon to launch the program.
• If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here.)
• Under "Configuration and Preferences", click the Preferences button.
• Click the Scanning Control tab.
• Under Scanner Options make sure the following are checked (leave all others unchecked):
• Close browsers before scanning.
• Scan for tracking cookies.
• Terminate memory threats before quarantining.
• Click the "Close" button to leave the control center screen.
• Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
• On the left, make sure you check C:\Fixed Drive.
• On the right, under "Complete Scan", choose Perform Complete Scan.
• Click "Next" to start the scan. Please be patient while it scans your computer.
• After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
• Make sure everything has a checkmark next to it and click "Next".
• A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
• If asked if you want to reboot, click "Yes".
• To retrieve the removal information after reboot, launch SUPERAntispyware again.
• Click Preferences, then click the Statistics/Logs tab.
• Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
• If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
• Please copy and paste the Scan Log results in your next reply.
• Click Close to exit the program.

So when you come back

• post the results of the Norton AV scan
• scan log results from SUPERAntiSpyware
• a new HijackThis log
• and please also tell me how your machine is performing