We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
What Now!
kitty42
Posts: 17 Forumite
in Techie Stuff
I do run my spybot programme (but not nearly as often as I should) I tried this morning and got a message from windows saying there is no cd in the computer (or something like that) which i cancelled. then spybot said 2 problems couldn't be fixed because they were currently in memory, this may be fixed by restarting the computer. I have done this and got the same messages, the problem is newdotnet, i couldn't find it the control panel either. I try to keep my computer updated but i find it a struggle, I'm not techie minded. my windows update won't let me update internet explorer either. am i losing control of this thing?:eek:
0
Comments
-
kitty42 wrote:, the problem is newdotnet, i couldn't find it the control panel either.
If you want to remove newdotnet try this link.
If you don't want to remove it the site should have more information to help you .0 -
i would start the Pc in safe mode
http://www.pchell.com/support/safemode.shtml
and then run spybot, it will be able to remove it then (not sure that i would rely on the sites own removal instructions, especially as it says turn off firewall and antivirus )Ex forum ambassador
Long term forum member0 -
geordie_joe wrote:If you want to remove newdotnet try this link.
If you don't want to remove it the site should have more information to help you .
thanks for the link. the thing is, i don't what the heck newdotnet is, does anyone know what this is and what have i done to have this on my pc?0 -
kitty42 wrote:thanks for the link. the thing is, i don't what the heck newdotnet is, does anyone know what this is and what have i done to have this on my pc?
It appears to be spyware of some sort.
Visit this link and read about it. Or just skip half way down the page to the Removal Procedure Section.
I didn't read all of it, but apparently just deleting it, or stopping it start will cause problems.0 -
according to my list of programmes on the control panel i don't have newdotnet, can it be called something else?
also what on earth is prosavage ddr and utilities? how do these things get on my computer, it's a little unsettling
0 -
Go to http://www.spywareinfo.com/~merijn/programs.php and download Hijackthis. Run the program letting it create the log file. Then copy and paste the log file in here and when I get back i'll take a look at it and delete you what to get rid of. Or save the log file and put in this site http://www.hijackthis.de/ and it will tell you what to get rid of. If your not sure though just post it here. I'm off out at the minute but I'll have a look when I get back or someone else on here might be able to look at it.0
-
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\BLUEYO~1\SMARTB~1\blueyonder-istnotifier.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
C:\Program Files\palmOne\HOTSYNC.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Program Files\blueyonder IST\bin\mpbtn.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Outlook Express\msimn.exe
C:\DOCUME~1\CAROLM~1\LOCALS~1\Temp\Temporary Directory 1 for hijackthis[1].zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/radio
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://dial.blueyonder.co.uk
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by blueyonder
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
F3 - REG:win.ini: run=
O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - !!53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: &Google - !!2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ZgFGW1ow] C:\PROGRA~1\wuvqsx\squrr.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\BLUEYO~1\SMARTB~1\blueyonder-istnotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: HotSync Manager.lnk = C:\Program Files\palmOne\HOTSYNC.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Digimax Viewer 2.1.lnk = ?
O4 - Global Startup: blueyonder Instant Support Tool.lnk = C:\Program Files\blueyonder IST\bin\blueyonder-istconfig.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://dial.blueyonder.co.uk
O16 - DPF: !!2A32B14F-4D29-4EA3-AC54-E9B19F436CE7} (Scanner Class) - http://www.windowsecurity.com/trojanscan/TDECntrl.CAB
O16 - DPF: !!2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: !!4594FE69-C44F-4E7B-A6CB-98E185EFCA95} (ActiveXATS.ActiveXDemo2) - http://cl-0063.web.uk.netscalibur.com/student/ats/ActiveXATS.CAB
O16 - DPF: !!56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/190b1c3b5316bbd74305/netzip/RdxIE601.cab
O16 - DPF: !!62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040427/qtinstall.info.apple.com/saba/us/win/QuickTimeInstaller.exe
O16 - DPF: !!62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) - http://gisweb7.city.vancouver.bc.ca/download/mgaxctrl.cab
O16 - DPF: !!6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120634198296
O16 - DPF: !!6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1159861462484
O16 - DPF: !!86A88967-7A20-11D2-8EDA-00600818EDB1} (ParallelGraphics Cortona Control) - http://www.parallelgraphics.com/bin/cortvrml.cab
O16 - DPF: {C606BA60-AB76-48B6-96A7-2C4D5C386F70} (PreQualifier Class) - http://www.telewest.co.uk/motive/files/MotivePreQual.cab
O16 - DPF: {D6867DAF-DDD2-4559-ACFB-A46C38E847D0} (ActiveXATS.ActiveXDemo2) - http://cl-0063.web.uk.netscalibur.com/student/ats/ActiveXATS.CAB
O16 - DPF: {F167FEC6-C7E3-4123-A928-30A40648DE3B} (ActiveXATS.ActiveXDemo2) - http://cl-0063.web.uk.netscalibur.com/student/ats/ActiveXATS.CAB
O18 - Protocol: asp - !!8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\System32\hsppp.dll
O18 - Protocol: hsp - !!8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\System32\hsppp.dll
O18 - Protocol: schmap-help - (no CLSID) - (no file)
O18 - Protocol: x-asp - !!8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\System32\hsppp.dll
O18 - Protocol: x-hsp - !!8D32BA61-D15B-11D4-894B-000000000000} - C:\WINDOWS\System32\hsppp.dll
O18 - Protocol: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\WINDOWS\System32\wowctl2.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
is this it? feeling completely out of my depth here:huh:0 -
first part of the log is missing, the bit about the version of Xp you are using etc, plus you have run hijack this from a temporary location, if we make changes then no back-ups will be saved so you need to install the program in it's own Folder
I'll have a look at this first thing tomorrow for you, only take advice about what to remove from me, PChelpman or Alfonso from this point
Ex forum ambassador
Long term forum member0 -
kitty42 wrote:according to my list of programmes on the control panel i don't have newdotnet, can it be called something else?
also what on earth is prosavage ddr and utilities? how do these things get on my computer, it's a little unsettling
Prosavage DDR is your video card drivers and utilities.
In the add/remove programes it is usually called new.net Domains
Basically it's spyware that watches your internet browsing and pops up adverts that relate to the sites you visit.
In your windows folder you may have a file called NDNuninstallX_XX.exe. (“X” represents the version number of the uninstaller)
Try having a look for this. If you can't find it in your windows folder try doing a search for NDN*
If you find it don't click on it, just let us know it is there.
If some tells you to delete something to fix it, DO NOT DO IT, unless you have access to the internet by a different computer.0 -
was it dangerous posting the message with bits of my computer on it? i feel very naive and vulnerable. i am now really worried and wonder if i should just leave well alone, i don't know what i'm doing.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.6K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.2K Work, Benefits & Business
- 600.8K Mortgages, Homes & Bills
- 177.5K Life & Family
- 259K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards