TechSpot

I can't remove trojan "backdoor.generic2.wtw" help please

By animemanga
Jun 22, 2006
  1. aaaaaaaaaaaaaaaaahhhhhhh!!!
    alert!!!
    all of a sudden my pc got slow (slightly). i don't know what is happening. i thought it was java that was making the problem but i got it out of my system. but my pc is still slow.

    other problems: can't see videos from sites, can't get google toolbar. when i download it and install it, it says successfully installed but i don't see the toolbar.
    all of a sudden media player started getting glitchy. especially windows media player.

    help plz!!! howard_hopkinso :grinthumb
    here is my hjk log in advance
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Boot into safe mode. See how HERE. http://www.bleepingcomputer.com/forums/tutorial61.html

    Turn off system restore.(XP/ME only) See how HERE. http://www.bleepingcomputer.com/forums/tutorial56.html

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE. http://www.bleepingcomputer.com/forums/tutorial62.html


    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for (if there):

    ULi5287.exe


    Close task manager.

    Run HJT with no other programmes open. Have HJT fix the following, by placing a tick in the little box next to (if there):

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1@equinxsolution.com:80

    Fix this, if you don't know what it is, or you have not set this yourself.

    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

    F2 - REG:system.ini: Shell=

    O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

    O2 - BHO: Nothing - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp100.tmp (file missing)

    O2 - BHO: Nothing - {6ab7158b-4bff-4160-ad7d-4d622df548cf} - C:\WINDOWS\system32\hp100.tmp (file missing)

    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

    O4 - HKLM\..\Run: [ULiRaid] C:\Program Files\ULi5287\ULi5287.exe

    Fix all O16-DPF entries.

    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

    Click on the fix checked button.

    Close HJT.

    Reboot into normal mode and turn system restore back on.

    Post a fresh HJT log, if you still have problems.

    Regards Howard :)
     
  3. animemanga

    animemanga TS Rookie Topic Starter Posts: 92

    completely no change. still less speed. still can't install google toolbar. still can't watch videos from web sites.

    here's the fresh log
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Ok. As far as the Google toolbar is concerned, according to your HJT log, it is already installed, so I'm not sure what the problem is there.

    Let HJT fix the following.

    O4 - HKLM\..\Run: [Workflow] D:\Workflow.exe

    O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe


    Fix all O16-DPF entries.

    Another thing you can do to speed up your system, is to get rid of that Symantec/Norton crapware.

    Download the free AVG antivirus programme and the free Zonealarm firewall from HERE and HERE.

    Then, disconnect from the net and completely uninstall Symantec/norton from add remove programmes in your control panel. You will probably have to do this in several bits rebooting after each uninstall.

    Once you've got rid of Symantec/Norton, install Zonealarm, followed by AVG and reboot your system.

    Reconnect to the net and run the AVG updates.

    Then, click start/run and type msconfig into the run box and press the enter key. Click on the startup tab and disable anything you don't use. Click apply/ok. You will be prompted to reboot your system.

    Once your system has rebooted, you will see a window that says you have used msconfig to make changes etc. Tick the little box that says not to run msconfig the next time you start your system and click ok.

    You should also reinstall Java as this is needed in order for some websites to work properly.

    Also, stop using IE, except for Windows updates, and get Firefox instead.

    Regards Howard :)
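
As an added example (not part of the original thread and not a HijackThis feature), the following Python sketch parses HJT entry lines like the ones listed in posts #2 and #4 and flags those matching three simple rules. The rules, the function names and the sample log are assumptions constructed for illustration.

```python
import re

# Constructed sample: entry lines copied from the fix lists in posts #2 and #4.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy1@equinxsolution.com:80
O2 - BHO: Nothing - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp100.tmp (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [ULiRaid] C:\Program Files\ULi5287\ULi5287.exe
O4 - HKLM\..\Run: [Workflow] D:\Workflow.exe
O4 - HKLM\..\Run: [RecoverFromReboot] C:\WINDOWS\Temp\RecoverFromReboot.exe
"""

# "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [name] path"
ENTRY = re.compile(r"^\s*([A-Z]\d{1,2}) - (.*)$")
# O4 autorun body: hive, Run key variant, value name, command line
RUN = re.compile(r"^(HK\w+)\\\.\.\\(Run\w*): \[([^\]]*)\] (.+)$")


def parse(log):
    """Yield (section, body) for every line shaped like an HJT entry."""
    for line in log.splitlines():
        m = ENTRY.match(line)
        if m:
            yield m.group(1), m.group(2).strip()


def triage(log):
    """Return [(section, reason, body)] for entries worth a manual look.

    The three rules below are illustrative assumptions, not HijackThis logic.
    """
    hits = []
    for section, body in parse(log):
        if body.endswith("(file missing)"):
            hits.append((section, "orphaned: target file missing", body))
        elif section == "R1" and "ProxyServer" in body:
            hits.append((section, "proxy set: confirm you configured it", body))
        elif section == "O4":
            m = RUN.match(body)
            if m and re.search(r"\\te?mp\\", m.group(4), re.I):
                hits.append((section, "autorun from a temp directory", body))
    return hits


if __name__ == "__main__":
    for section, reason, body in triage(SAMPLE_LOG):
        print(f"{section:4} {reason:38} {body}")
```

The [ULiRaid] and [Workflow] entries pass all three rules even though the thread lists them for fixing, so the output is a starting point for manual review, not a verdict.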
     
  5. animemanga

    animemanga TS Rookie Topic Starter Posts: 92


    how do u fix all O16 entries.
    huh?? norton is eating up my cpu???
    what am i supposed to do without norton. i mean i paid for it and i probably won't find a free antivirus software that ain't trial

    WHY CAN'T I SEE VIDEOS FROM SITES?? IS IT A PROBLEM WITH CODES??
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    You can fix all O16-DPF entries, by placing a tick in the little box next to the entries in HJT, just like I asked in post #2.


    Yes, Norton will slow your system down, because it's a load of resource hogging crap.

    I have already given you links to the free AVG antivirus and the free Zonealarm, none of which are trial programmes. The links are in post #4.



    I said you should reinstall Java. You might also want to install the Macromedia flash player. Just Google Macromedia flash player.

    Regards Howard :)
     
  7. animemanga

    animemanga TS Rookie Topic Starter Posts: 92

    did that already but no change. pc slightly slower than it was without java.


    deleting norton is in progress.
     
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Once you've finished uninstalling Norton and installing AVG etc.

    Run a full system scan from safe mode with AVG. Make sure that AVG is fully updated.

    Then, reboot into normal mode.

    Download and run the Ccleaner programme from HERE. Run the programme two or three times.

    Then, run a disk defrag and see how your system runs.

    Regards Howard :)
     
  9. animemanga

    animemanga TS Rookie Topic Starter Posts: 92

    all done !! speed hasn't changed much but it's okay!!
    however i reinstalled java and downloaded macromedia flash player. and still nothing
    just can't watch videos.
    still having problems with google toolbar
     
  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Damn, sorry to hear you're still having problems.

    All I can suggest at this stage, is you backup your important data and do a reformat and reinstall.

    If that doesn't help, then maybe you have some kind of hardware problem.

    Regards Howard :(
     
  11. animemanga

    animemanga TS Rookie Topic Starter Posts: 92

    i don't think it's worth the trouble. but seriously i have been having some tough problems. windows media player's gone crazy (even all the other media players. i uninstalled and reinstalled 'em but nothing). sites take long to load. memory gets short all of a sudden. and so many other annoying pros.

    anyway sorry but i got myself infected again. while uninstalling norton i had a message letting me know that i was infected and a weird message "THE CURRENT SITE IS TRYING TO OPEN ANOTHER SITE
    CURRENT SITE: (it shows the ip of the site)".
    while no site is even opened.
    anyway it looks like the one in the other thread if you remember. i ran hjk and ewido in safe mode. ewido found 57 threats. i deleted them but no change.

    thanks in advance it's really appreciated.
     
  12. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    I did say you should disconnect from the net after you had downloaded AVG etc and before uninstalling norton. See post #4 in this thread.

    You've managed to get yourself infected with the SmitFraud infection.

    Go HERE and follow the instructions carefully.

    Post a fresh HJT log, when done.

    Regards Howard :)
     
Topic Status:
Not open for further replies.