Slower than imaginable

By teamlosiwins ยท 8 replies
Oct 17, 2009
  1. any help would be appreciated, i ran my goodies.. avira avg ccleanr adware prof
    over tha last couple days. here is my hyjack list i hope there's a fix. thank you for any help.

    my usage is at 100% at idle ! call the pc shop? im not too computer literate
  2. WinXPert

    WinXPert TS Guru Posts: 445

    I see 2 randonname.exe virus. I'm checking kupuhivus on Avira's website.

    Ok no scanning yet. You have CCleaner let's trim your startup.

    CCleaner | Tools | Startup | Disable all except you antivirus program. Don't delete.

    Ok so you have 3 active that why Windows crawls. Let's disable AVG and Avira.

    Can you launch the TaskMan press [Ctrl][Alt][Del] simultaniously. Click Processes tab maximize and post a screen shot.

    Press PrintScreen. Launch Paint. Paste Ctrl-V. Save your image and post it here.


    Just follow my lead. Can you do it?


    Boot Safe Mode

    On Explorer navigate to C:\Documents and Settings\All Users\\Application Data and delete the ff folders:

    or any random num folder

    Create a folder on the desktop, name it Vir

    Move the ff files/folder to Vir

    C:\Program Files\ultrik
    - suspect??? I don't know what this is.

    Cut and paste the content of your autorun.inf on your next post

    Run HijackThis and remove the following:

    O4 - HKLM\..\Run: [40414518] C:\DOCUME~1\ALLUSE~1\APPLIC~1\40414518\40414518.exe
    O4 - HKLM\..\Run: [system tool] C:\Program Files\ultrik\iafwsysguard.exe
    O4 - HKLM\..\Run: [59830126] C:\Documents and Settings\All Users\Application Data\59830126\59830126.exe
    O4 - HKLM\..\Run: [kayiropit] Rundll32.exe "c:\windows\system32\teyesiti.dll",a
    O4 - HKLM\..\Run: [kayiropit] Rundll32.exe "c:\windows\system32\teyesiti.dll",a
    O20 - AppInit_DLLs: vororeni.dll c:\windows\system32\ketahope.dll c:\windows\system32\teyesiti.dll
    All O21 and O22 entries
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

    Ok were going to disable AVG and uninstall it later.
  3. hellokitty[hk]

    hellokitty[hk] Hello, nice to meet you! Posts: 3,448   +145

    Haha, they won't all fit at default size. and a hijackthis might be just as useful, which he has already done.
  4. teamlosiwins

    teamlosiwins TS Rookie Topic Starter


    i tried the starting in safe mode and navigated to all users folder, nothing there call ed application data. couldnt find the all number files that i have noticed in task manager you mentioned. At start up i open task man and end process on any all number progs immediately, ive been doin this for the last few days. also have icon on desktop called security tool, is the root of all evil im sure. anyways, pulling hair out at the moment and need a break. thanks again i appreciate it.
  5. JuliusCaesar

    JuliusCaesar TS Rookie Posts: 73

  6. WinXPert

    WinXPert TS Guru Posts: 445

    At the command prompt:

    Start | Run | CMD

    CD "C:\Documents and Settings\All Users\Application Data"

    - do not type this I modified the above command
    DIR /ash /s

    this will display all the hidden/system folders

    DIR /ash /s > C:\dir.txt

    Post dir.txt.


    Let's try Explorer, enable show hidden system files and folders

    Type at the address bar C:\Documents and Settings\All Users\Application Data

    if you still can't see the random number folder,

    C:\Documents and Settings\All Users\Application Data\59830126

    delete all files

    C:\Documents and Settings\All Users\Application Data\40414518

    delete all files

    You can also use LIST.COM. Search TS I've posted it on other thread. Extract Run LIST.COM and press F1 for help.

    *** I'll write a guide on how to use LIST.COM in navigating, changing attributes and deleting files (w/ screen shots).
  7. JuliusCaesar

    JuliusCaesar TS Rookie Posts: 73

  8. teamlosiwins

    teamlosiwins TS Rookie Topic Starter

    this hurts my head lol

    ok so i was able to locate those random number files and delete them, also uninstalled and deleted my threatfire, computer got really fast for half a day, like nothin ever happened. been running adware proff. and first off i fix a couple of the problems, run it again they are still there. here are my latest hyjack report and my DIR txt. i hope this helps narrow it down.
    thanks again
  9. WinXPert

    WinXPert TS Guru Posts: 445

Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...