Kavo.exe, 2.exe, tt.exe,Tavo.exe ~ I just formatted/installed XP

Computer forums for help with removing malicious software (malware) and improving computer security

Welcome Guest to What the Tech! ( Log In | Register ) We specialize in the removal of malicious software (malware), but here you'll find free help and support for all your tech questions. We invite you to ask questions, share experiences, and learn. Explore our message boards, or register now to post messages of your own. Please Start Here. Register today (registration removes advertising)

What the Tech > Spyware / Malware / Virus Removal > HijackThis™ Logs and Infections Removal

Kavo.exe, 2.exe, tt.exe,Tavo.exe ~ I just formatted/installed XP

Options

Reynaldo04 View Member Profile	Jun 7 2008, 09:20 PM Post #1
New Member Group: Authentic Member Posts: 15 Joined: 20-April 08 Member No.: 78,542 Operating System: Windows XP	ughhh I just formatted and installed a XP but i did not format the 2nd partition, D:/(since there i have my drivers), so i just formatted the partition of where windows is installed. Other information you should know is that my workgroup network(the others pc of the networks) have spywares and a lot of stuff(but i cant help it since is my dad's pc and he wont let me touch), im wondering if those spywares are coming throught the net to my PC. Earlier right when i installed Spybot S&D it found and destroyed 2(worms?) Win32. The main problem i have is Kavo.exe,tavo.exe,2.exe,tt.exe keep getting in my pc no matter how many times i delete them >_<, and i dont navigate in bad webpages, or anything like that, i even use 3 antispywares(2 have 24/7 security, the other one just scan): -Spybot S&D -Spyware Terminator -Malewarebytes Antispyware ----------- I dont have antivirus also, havent had for a while. Thinking about downloading AVG FREE now. This is my clean hijack this: QUOTE Logfile of HijackThis v1.99.1 Scan saved at 8:14:55 PM, on 6/7/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\RALINK\Common\RaUI.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Spyware Terminator\sp_rsser.exe C:\Program Files\Spyware Terminator\SpywareTerminator.exe D:\hijackthis_sfx\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://g.live.com/1rewlsup/WinInstaller O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKCU\..\Run: [kava] C:\WINDOWS\system32\kavo.exe O4 - HKCU\..\Run: [tava] C:\WINDOWS\system32\tavo.exe O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Ralink Wireless Utility.lnk = C:\Program Files\RALINK\Common\RaUI.exe O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe As you can see there appears the kavo and tavo x_x. I can manage to delete them with my antispyware but the main problem is that they just keep appearing in my pc, and i dont even navigate throught bad sites :x. EDIT: i just scanned with Spyware Terminator and found/clean this: Threat Files <Trojan.W32.OLGames.KAV> : C:\WINDOWS\system32\kavo.exe <Trojan.W32.OLGames.KAV> : C:\WINDOWS\system32\kavo0.dll They will come back after i reboot or so i can say, i wish you help me to make it stop appearing in my pc. Thanks in advance!~. -------------------------- EDIT2: i realized that everytime i double click(to open) there is a .dll(i think is bad) called xfa.dll that is my Temp folder. This post has been edited by Reynaldo04: Jun 7 2008, 09:51 PM

LDTate View Member Profile	Jun 8 2008, 01:34 PM Post #2
Forum God Group: Root Admin Posts: 43,182 Joined: 23-September 04 From: Missouri, USA Member No.: 15,276	Read post #4 http://forums.whatthetech.com/Numerous_qua...tml#entry465946

Reynaldo04 View Member Profile	Jun 12 2008, 08:42 PM Post #3
New Member Group: Authentic Member Posts: 15 Joined: 20-April 08 Member No.: 78,542 Operating System: Windows XP	I purchased a new one at a local store and everything is ok now =D, all the problems i had got solved(thought it was my Ram or something else but no =D)

LDTate View Member Profile	Jun 13 2008, 05:29 AM Post #4
Forum God Group: Root Admin Posts: 43,182 Joined: 23-September 04 From: Missouri, USA Member No.: 15,276	Glad you got it fixed

« Next Oldest · HijackThis™ Logs and Infections Removal · Next Newest »

1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)

0 Members:

Topic Title	Replies	Topic Starter	Views	Last Action
Kavo Trojan on my External HD	6	MoogleMC	80	Yesterday, 03:28 PM Last post by: LDTate
[Closed] KAVO AND TAVO	2	anotherproblem	54	4th October 2008 - 05:20 AM Last post by: LDTate
[Closed] PLZZ Help Stuck with kavo,tavo,kcvo	5	sidh	94	20th August 2008 - 04:51 PM Last post by: LDTate
help with kavo.exe. tavo.exe. tt.exe 2.exe 1234	50	cindieee	1,660	16th August 2008 - 11:46 PM Last post by: cindieee
[Resolved] Kavo.exe headache, pt. 2 12	19	MarJayKiran	659	12th August 2008 - 11:24 AM Last post by: ken545