Hi there, I apologize firstly for my long post but I thought it best to give details.
I have been having problems the last couple of days. I first started to notice that my computer was running very slowly and I was getting error messages (the ones that need to close the program and you can send error messages to Microsoft) for almost every program I opened so I tried to run a full system scan…that’s when I noticed that Avast wasn’t just NOT running but had totally disappeared from my system! I know I didn’t delete it accidentally and even after reinstalling it and rebooting my computer it had vanished again! Sygate firewall has also vanished, as has Spybot Search and Destroy. I tried to run an online antivirus scan and also access avast.com for support but i couldn’t connect. In the end I went into My Control Panel’s Add/Remove Programs to uninstall all my security programs (intending to reinstall) and found a program I didn’t recognize. If I remember rightly it was called newdotnet. I uninstalled this and rebooted, also uninstalling, rebooting and reinstalling my security programs but all of them keep disappearing after rebooting. (The folders and files are still there when I explore, just the application files disappear). I’ve got no antivirus running at the moment and I’m using a different firewall but I am still getting error close down messages for every program I run (at present I’ve just dragged the one for Firefox to the side so I can post) and my computer is running slowly. I’m attempting to run an online antivirus scan but it keeps crashing. Is there anything I can do short of totally reformatting?
IMPORTANT: During rebooting I get a message saying BOOT.INI file has changed.
System info:
Windows XP Pro Sp2
AMD Athlon XP 2600+ 2.08GHz
512MB Ram
FAT32 File System
74.5GB HD (24.5GB free)
Many thanks in advance for any advice you can give.
If your system is badly infected, I’d recommend Trend Micro Sysclean. If necessary, download the files on another computer. Extract the Zip file and copy to a CD. Start your computer in safe mode, copy the files to your desktop and run from there.
If you are not a Trend Micro customer please download the following file.
For the TSC package to be effective, you must download and use the latest pattern file. Place the pattern file in the same folder as the Trend Micro System Cleaner Package.
Many thanks to both of you. I have managed to download and run Ewido and also run TrendMicro’s online scanner and found a LOT of nasties (Ewido really is fantastic, thank you)! The offending files appear to be removed now and I have been able to reinstall Avast AV with no problems this time. I’m running Ewido again and will run Avast overnight to make sure my system is totally clean.
Thank you again for your help.
If anyone is interested for future reference the files that TrendMicro found were:
Along with me, I am sure the others are glad you have been successful at removing the nasties from your computer. Thank you for coming back and posting what was found. This could be valuable information for others with similar problems.
Please come back often, learn more, and maybe help others.
Click on the Menu button.
Choose Schedule Boot Time Scan.
Doing so displays a dialog allowing you to schedule virus scanning.
Check Archives, if you want scan all the archives.
Specify whether all the disks or just a specific folder should be scanned.
Select Advanced options for scheduling details.
Select how to automatically process infected files.
Choose how to automatically process infected system files.
Click the Schedule button to confirm the settings.
"Newdotnet" is a serious piece of spyware & I do not know
if it can be as easily removed by what was suggested to
you !? To confirm it ( and perhaps some "companions") are
really gone, I recommend you have antiSPYWARE Experts
check your computer; if you know of none, I recommend
www.landzdown.com .
"Newdotnet" is a serious piece of spyware & I do not know
if it can be as easily removed by what was suggested to
you !? To confirm it...
…try a Google search.
The programs recommended (ie Ad-Aware and Spybot) should have no problem with it.
Both of these programs can generally be removed through the Add/Remove Programs Control Panel. SaveNow will show either as SaveNow or WhenUShop generally, while NewdotNet will be there as simply New.Net.
If the programs are not listed in the Add/Remove Control Panel, I recommend downloading an automatic spyware removal tool such as Adware, Spybot, or another automatic detection and removal tool.
Spiritsong, I won’t call serious if you’re referring to removal possibility and dangerousness.
Newdotnet can be easily removed through Control Panel, no trash left behind (name New.net) 8)
The simpthoms described here let me thing that there are A LOT OF OTHER infections besides Newdotnet…
Did a little research & it appears new.net is NOT as serious
as it has been in the past. However, I found this :
"NewDotNet can generally be removed via the Add/Remove Programs Control Panel.
Mr Leonard Amabile has a canned reply to posts regarding NewDotNet:
"New.net has an uninstaller in Add/Remove Programs labeled New.net Domains. I recommend that you use the New.net provided uninstaller prior to using any other method. If you do not find an entry in Add/Remove Programs, please follow the other procedures listed at http://www. newdotnet.com. Once you have ran one instance of our uninstaller and reboot, our software should be fully removed.
