My Laptop (Toshiba Satellite L10 - 102) seems to be eating a lot of my RAM...i dont know whats wrong please check the log details below and let me know what is the the problem...Thanks in advance for all ur help....

Attached Files

hijackthis.log (7.4 KB, 1 views)

hello rash, and welcome to the forums....you've got at least the newdotnet infection going on, so let's start from square one and go from there, please. .....if you could click on the prework link in my signature, that will have you go through some preliminary steps that will clean out some of the nasties in there, and should leave you with two logs, one from AVG (be sure to choose 'quarantine' on all the items it finds) and one from HJT. If you could then attach the two logs, we can get started.

Thanks,

v

OK i did everything exactly as the pre worked mentioned and saved the log. I could not save the AVG log but i can sure tell you that there was no threats found apart from that here is the remaining log

Attached Files

	Spy Sweeper Session Log.txt (1.8 KB, 1 views)
	hijackthis.log (8.0 KB, 1 views)

First, Download LSPFix.exe to a convenient location. Do NOT run this program. This is only to be used if you lose Internet Access after removing NewDotNet.

To Get rid of NewDotNet, go to:

Start > Control Panel > Add or Remove Programs and remove the following:

New.Net Applications or New.Net Domains (anything that says New.Net)

If it is not there, go here and follow Procedure 4: NewDotNet Removal Procedure 4.

In the event that you lose Internet access after removing New.Net, please double-click LSPFix.exe that you downloaded earlier. Check the "I know what I'm doing" button. You will see 2 panels. If there is any file listed in the "Remove" panel on the right-side, leave it as is and just click "Finish>>" then reboot your computer and you should now have access to the Internet. If nothing is listed under the "Remove Panel", do NOT do anything - just close the program. You will need to use another computer to come back here for further instructions on what to do.


Next, run hijackthis, click ‘perform system scan only’, and place a tick next to the following:

O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file)
O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup –s


Finally, please right-click on My Computer, and choose, Explore. Click on Tools, Folder Options, and then View. Make sure that there is a tic next to Display contents of System Folders, Show Hidden Files and Folders is selected, and Hide known file extensions is not selected. Then navigate to and delete the following (don't worry if they are not present):

C:\Program Files\NewDotNet

I also see signs of both Norton/Symantec and AVG anti-virus. Did you recently uninstall Norton? If both are running, that could cause issues.

Please reboot, and post another hijackthis log.

Thanks,

v

i ccant seem to find these files

O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet7_48.dll
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup –s

Should i still proceed and regarding your question on Norton and AVG..actually i did recently unistall Norton as it was making my PC slow but i am no longer using it...

Here is the new log file after doing everything as you said.......is there anything else i must do....??

Attached Files

hijackthis.log (7.6 KB, 1 views)

Looks good.

How's it running?

v