Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


CPU Usage maxed out, internet speed at a standstill--am I infected?

  • Please log in to reply
1 reply to this topic

#1 Seamus3971


  • Members
  • 3 posts
  • Local time:04:55 PM

Posted 25 March 2010 - 02:50 PM


I'm running Internet Explorer 8 with Windows XP Media Center Edition 2004 (Gateway GT5032 computer). Bear with me 'cause I'm a total novice at doing my own computer repairs, and I hope I will describe the problem(s) correctly.

First, I had a scary encounter late last week with some kind of virus/trojan/hijacker that popped up and acted like an Anti-Virus program that was scanning my machine. I knew right away that it was something fishy, but not having any experience with this stuff, I frankly panicked. I restarted my computer and ran Spybot Search & Destroy, which I already had installed, then downloaded Malware Bytes Anti-Malware based on a recommendation (probably from this board). I ran both programs and followed prompts to fix the bad stuff that was showing up. I wish I could remember exactly what these program claimed to fix, but I didn't write it all down, and I don't know how to find out now. I did write down "Win32.Agent.pz" as one of the offenders. Also there was a message that "Microsoft.WindowsSecurityCenter_disabled" which I told Spybot Search and Destroy (I'm pretty sure it was Spybot) to fix. I just wanted the anti-spyware programs to get rid of this stuff as quickly as possible, and it looked like it worked, after I chose to fix these things. This was about 7 days ago.

Over the next few days, I ran the programs again just to make sure, and had them delete some tracking cookies, but nothing else significant turned up on Quickscan in Malwarebytes, and since my system seemed to be running fine, I thought I was out of the woods.

Two days ago, Windows slowed to a crawl, in particular my internet connection was slower than molasses (I have a high-speed wireless connection). Eventually, opening files and folders in Explorer became much, much slower as well. Rebooted the computer a few times and noticed that CPU Usage as shown in the Windows Task Manager was nearly maxed out (upper nineties to 100%) even when I wasn't doing anything. I booted into safe mode and used Malwarebytes again and found no problems. Did a full-scan in Malwarebytes and still no problems found. By the way, in Safe Mode (without networking) the computer ran much, much faster, so I guess the problem file, app, or whatever was not being loaded on startup (?). Anyway, I decided to boot into Safe Mode with Networking and downloaded Windows Defender.

Here's where I started running into even bigger difficulties. Again, my internet speed slowed to a crawl. Task Manager was not showing me any processes that looked out of the ordinary, although "System Idle Process" was showing values as high as 99 in the CPU column (not sure exactly what this means). I downloaded Windows Defender on my wife's MacBook and burned it to a CD, then transferred it to my PC and tried to install it. At first (can't remember what mode the system was in at the time) I got the error message: "The system administrator has set policies to prevent this installation." I futzed around some more, don't remember exactly what I did. Installation also required internet connection, which has been very dicey (almost non-existent) but after several tries, I finally got Windows Defender to install with updated files, and I ran it as well, still finding no problems on the system with Windows Defender.

At my wit's end, I tried two other things--I tried to use the System Restore function in Windows (Safe Mode) and got the error message: "System Restore has been turned off and cannot be turned on in Safe Mode. To turn on System Restore, restart in Normal mode and then run System Restore again." I tried it in Normal Mode too, but just got the message: "System restore has been turned off. Do you want to turn on System Restore now?" I figured there was no point if System Restore had peviously been turned off and the restore points were already deleted, so I left it alone.

I also bought McAfee Antivirus 2010, but found out to my chagrin that the retail version of this just contains a card with a pin # that allows you to download the program from the McAfee site, rather than containing a CD with all the relevant files, which is what I thought I was getting. This was basically of no use, because Internet Explorer is not allowing me to download all the files necessary to run the product.

So, to sum up--everything I try to do (except in Safe Mode without Networking) is super slow, I can't download new antvirus programs or browse websites on my PC, and my existing virus/spyware protection is coming up short. I don't know for sure if my system is infected, but it seems like it must be. Any help would be greatly appreciated.

Note: I am currently using my wife's MacBook to read and post to this site, as my own PC is useless for that right now. I was able to create a rkill log on my PC about an hour ago, but don't know how to interpret it.


BC AdBot (Login to Remove)


#2 Seamus3971

  • Topic Starter

  • Members
  • 3 posts
  • Local time:04:55 PM

Posted 25 March 2010 - 03:36 PM

Don't know how I forgot this detail, but "Security Tool" was the name of the fake anti-virus thing that I removed last week (following the instructions on this youtube vid: ).

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users