Virus...? Help Needed

Thu Feb 10, 2011 12:12 am

To begin, I would like to apologize if there have been topics similar to this one posted in the past. I simply don't have the time to browse through everything. I can only hope that you guys can provide some needed answers.

In the last couple of days, I have noticed that my primary computer (a Core 2 Duo desktop running Win 7 Ultimate - you can find its specs somewhere in my previous posts) has begun acting up. The two primary symptoms that I have observed are as follows:

1. The processor seems unusually loaded even when the system is simply idling. I tested this out for about half an hour after rebooting my system, and my processor usage hovered at an average of 50%-60%. I have a Core 2 Duo E8400 which, though nothing new, is still a very decent processor. Normally when my system has sat at idle, processor usage was much lower, below 15% in any case.

2. The second problem I have observed is that my hard-drive space has been disappearing. I came home from classes today to find my computer telling me that I had only several kilobytes of space left. This is unusual considering I had in the neighborhood of 150-200 gigabytes free. I'm running a WD Caviar Green 650 GB HD. I ran several clean-up procedures to little avail and rebooted the computer. When Windows loaded again, I found the computer telling me that I had 189 GB of free space. Over the course of several hours however, this slowly dipped back down. The last time I checked before shutting my system down, Windows was telling me I only had 90 GB of free space. All this time though, the computer was idling with the Internet physically unplugged.

What I've done:
So far I've run several anti-virus sweeps which have uncovered nothing. I've also done a System Restore which has been similarly ineffective.

I am hoping that the Gerbil wizards on this site can help me out and at the very least, point me in the right direction. Any and all insight is welcomed and appreciated. Thank you.
Re: Virus...? Help Needed

Thu Feb 10, 2011 1:12 am

Did you try Malwarebytes?
Re: Virus...? Help Needed

Thu Feb 10, 2011 1:39 am

Sounds like a virus. In my experience, relying on AV to fix the problem is fruitless.
It's much more productive to simply wipe it out and reinstall the OS than to spend hours trying to fix it and failing.
If I were you, I'd save as much important data as I can, wipe the HDD and reinstall the OS instead of trying to figure out an easy and magical way to fix it.
Re: Virus...? Help Needed

Thu Feb 10, 2011 1:46 am

As a causal investigation, go to Task Manager and see which process is hogging the CPU. Pay attention to the name and the path of the executable (you can right-click on the process and select Properties). Remember to click the "Show processes from all users" button.
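
Added example, not part of any post in this thread: a PowerShell take on the Task Manager check suggested above. It samples CPU time twice so the ranking reflects what is busy during idle rather than since boot, then prints each executable's path and Authenticode signature status. The 5-second window and the 10-row limit are assumptions; run it from an elevated prompt so processes owned by other users can be read.

```powershell
# Added example (not from the thread). Assumed values: sampling window, row count.
$intervalSeconds = 5
$topCount        = 10

# First sample: cumulative CPU seconds per process ID.
# CPU is $null for processes that cannot be queried; those are skipped.
$before = @{}
foreach ($p in Get-Process) {
    if ($null -ne $p.CPU) { $before[$p.Id] = $p.CPU }
}

$timer = [Diagnostics.Stopwatch]::StartNew()
Start-Sleep -Seconds $intervalSeconds
$elapsed = $timer.Elapsed.TotalSeconds
$cores   = [Environment]::ProcessorCount

# Second sample: CPU seconds consumed during the window, as a share of all cores.
$rows = foreach ($p in Get-Process) {
    if ($null -eq $p.CPU -or -not $before.ContainsKey($p.Id)) { continue }
    $delta = $p.CPU - $before[$p.Id]
    if ($delta -le 0) { continue }

    # Path is empty when the process cannot be opened (not elevated, protected process).
    $sig = 'n/a'
    if ($p.Path) {
        $sig = (Get-AuthenticodeSignature -FilePath $p.Path -ErrorAction SilentlyContinue).Status
    }

    New-Object PSObject -Property @{
        Name       = $p.ProcessName
        Id         = $p.Id
        CpuPercent = [math]::Round(100 * $delta / ($elapsed * $cores), 1)
        Signature  = $sig
        Path       = $p.Path
    }
}

$rows |
    Sort-Object CpuPercent -Descending |
    Select-Object -First $topCount Name, Id, CpuPercent, Signature, Path |
    Format-Table -AutoSize
```

A signature status other than Valid is a reason to look closely at the path, not proof of malware, since plenty of legitimate software is unsigned.
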
Re: Virus...? Help Needed

Thu Feb 10, 2011 2:12 am

Boot into Safe Mode with Networking, then install, UPDATE and run full scans with Malwarebytes and SuperAntiSpyware (that's the portable version, the full one won't install in Safe Mode). You can run them both at the same time. If those don't clear things up, you may need to go a little deeper with more powerful (and potentially dangerous) tools like HiJackThis, Autoruns and ComboFix.
Re: Virus...? Help Needed

Sun Mar 13, 2011 9:46 pm

It does sound like it could be a virus. Running Malwarebytes from Safe Mode is a good start. Then I would suggest a good antivirus. My own preference is to burn Dr Web Live CD to a CD and then boot with it. It's a very highly rated antivirus and it automatically updates to the latest. Plus it gives you other utilities to check out your system from the graphic shell.
Re: Virus...? Help Needed

Sun Mar 13, 2011 10:19 pm

I would pull the HDD, put it in another known good computer with up-to-date AV software like Avast or Microsoft Security Essentials, scan it and quarantine any infected files. Then back up your files and reinstall Windows. If you have a rootkit, that is very hard to clear from the computer that is infected. If a virus is identified in the scan, you can look for a utility to remove the virus. Some antivirus software providers have these for specific viruses. You could try a live CD, but I haven't always had the best luck with those. Once you get the problem corrected, make sure you do not normally use the computer as an administrator, keep AV software up-to-date, use a firewall + NAT router, password protect network shares, use strong passwords, and keep off the shady websites. Hope that helps.

