AmplusnetPrivacyTools.exe Eating Up CPU Resources

AmplusnetPrivacyTools.exe is another one of those executables that use up all your resources and slows down everything else.

I booted my computer this morning and saw that loading of any application seem slow and dragging. My default firefox browser took a long time to load. Even the SeaMonkey browser, which I usually use when I want quick browsing, took forever just to search ‘cpu slowing’ on google.

I tried checking out the Windows Task Manager, and sure enough, the CPU Usage showed a whooping 100% usage. So, I clicked on the ‘Processes’ tab to check out the culprit. On double-clicking the CPU column button, this ‘AmplusnetPrivacyTools.exe’ executable soared up to the top, claiming to be the thug who is eating up

CPU resources. I have seen something like this perhaps a couple of times before, and the culprit applications are usually a little tricky to pull down. Like, I tried to use the ‘End Process’ button to have it stopped by force; but before I could sigh with relief, it re-activated itself back and shot up to the top cpu eaters flank with a grin and greeted me ‘I’m back!’.

Luckily for me, this AmplusnetPrivacytools.exe file was easier to break down than some other pain-in-the-neck I’ve encountered before. I searched for its location in the drive. Once I’ve found it, which was in the systems folder, I used some lightning speed Jet Li moves of ending the process via the Windows Task Manager and immediately deleting the files (the exe file itself and this AMPLUSNETPRIVACYTOOLES.EXE -3A7D8C4D.pf file (yeah, it showed itself in capital letters as if trying to look meaner than it really is)) before it can re-activate itself.

After the surprise attack I gave the enemy, I took a peep back at ground zero and saw that everything looks alright this time. The CPU Usage bar had subsided to its normal levels and the enemy hadn’t resurrected itself anymore.

This time, I could take a full sigh of relief breath cycle and felt good at myself for taking the enemy down without having to call for help from the IT folks downstairs. Yeah, these IT kids are an awesome lot. Sometimes I think they are part human and part machine. How else can they tame down a messed up computer so quickly without breaking a sweat? The trick I used above was given to me by one of these kids sometime ago.

I still have to do a research on what this AmplusnetPrivacyTools.exe does besides sucking cpu resources. For all I know, it could be a resource file used by some legitimate application in my computer and deleting it might cause it to cease to work. Or, it really is some Trojan or whatever virus, in which case, what I’ve done is not necessarily enough to stop it. It could have entered some data in the registry where the tracking down for it usually proves to be way beyond me. Well, I’ll find out soon I guess. Or, if you know something about it, you can save me the waiting time by speaking your mind now in the comments section. 🙂

UPDATE: The Day After

Lo and behold, the next day, I was again greeted with a crappy drunken slow cpu. But when I checked who’s on top of the cpu huggers list, it’s ekrn.exe! So I repeated the same process I did yesterday. Thing is, I couldn’t find ekrn.exe in the windows directory where it should be. Even the recommended RegCure software wasn’t able to remove it (although it did find 1,354 problems in my computer!). Some site also said that ekrn.exe problems are 94% due to registry problems. Google, google, google. How to remove ekrn.exe. I found out that this executable is something ESET uses. After 2 hours, I got kinda tired and looked again at the task manager’s top list and found that just below it is smss.exe. Well, why not try to end this process? If my computer crashes, so be it. I can’t do anything today anyway as long as cpu usage is 100%. So I killed smss.exe, and what do you know, the cpu usage bar made a free fall to 1% like a bungee jumper from a crane boom. Then I remembered this smss.exe is actually the one I meant when I said I have had this cpu hugging issue before. Thing with smss.exe is that although you can end its process in the task manager, it refuses to get deleted in the windows explorer. I had to resort to downloading this pocket killbox free app to have it killed by force.


It’s peaceful here once more. I hope I wouldn’t need to add another ‘day after‘ update to this post anymore as this post is getting uncomfortably long. This must be the longest post I have written so far. Anyway, if tomorrow gives me another challenge like this, I’m going for reformatting.

18 comments

  1. I never heard of AmplusnetPrivacyTools.exe or ekrn.exe,I suspect they might be kind of Trojan,but it is good that you finally sorted it all.I hate registry problems that windows causes,I wonder if it is the same with Mac and Linux?

    1. I won’t say I’ve really sorted it all out. I’ve probably just given my computer relief from its symptoms. Who knows what else those critters have been doing behind my back. I’m presently on the lookout for any other signs of it in the days to come. I have to give credit to those thugs who make this Trojan abominations. They’re good at this field. I wonder what they could do if they put their brilliant minds into something worthwhile.

  3. Looks like I may indeed have to invest in some tuneup and security applications soon. If you noticed, the admin’s username is now james_m. That’s because my main page has been hacked and I have to scramble to find a way to gain back possesion of my wp dashboard. The problems I had about cpu usage turned out to be some trojan or spyware (or whatever) cover-up after all. Yes, I’m definitely going for reformatting this time.

    I’ve glanced through a lot of posts in some other blogs about wp security but I never gave them second thought because I was sure my blog is so negligibly un-important (both in content and PR) to be noticed by hackers. Turns out these hackers eat anything they stumble upon, whether its gold or garbage.
    .-= james_m´s latest blog ..Bugs Bunny Poster =-.

  4. Hey James,

    I took a look in Google search to see what it could be (yes, I am just that nosey lol) and came across this http://www.threatexpert.com/report.aspx?md5=0c6c13698bf49b8c83e1f4f9519c10d4 that you may find useful.

    If you do a search for amplusnetprivacytoolss.exe it seems like others have been having trouble with it.

    Well, here’s hoping you get it sorted or that what you have already done is the end of it.

    @Sire I use that TuneUp Utilities and it works well for my needs.

    Regards,

    Karl
    .-= Karl Foxley´s latest blog ..15 Free Tools To Add To Your Online Business Toolbox =-.

    1. Hey Karl, thanks for the link. It did confirm my suspicions that it is something I need to be really cautious about not getting again in the future. Either it is through this exe or that other ekrn.exe that my blog’s wp username and password were retrieved by hackers. I have to reformat my cpu to completely clean it up.

    1. Hi Will, I’m afraid, if you can call it a tool, it’s not a very useful tool. As you may have read above, it wrecked havoc with my computer, taking all resources so that my computer crawled to a halt. And no, it’s not related to privacy policy, whatsoever.
      .-= james_´s latest blog ..Stephenie Meyer’s Twilight Saga =-.

  7. It’s definitely a pain whenever bloatwares attack the system. I’d rather uninstall the software by force than edit the registry since it can cause a lot of problems. Try using RevoUninstaller the next time you need to remove nasty programs. It does the registry entry removal for you so you don’t have to worry about going to the registry and doing it manually. Just my $0.02.
    .-= Mathdelane´s latest blog ..Why Computer Hardware and Device Driver Detection Software Matters =-.

    1. Most probably, yes. But when it starts eating up all resources, more likely it is an impostor executable hiding under the guise of some legitimate application’s name.

      I remember having installed a registered version of an IP Hider that I won from Math’s site.

        1. Cool products. What scares me is that they have the ‘Stealth Keylogger’ product in their list. It’s probably this that allowed the hacker to retrieve all my data. I don’t know, but as long as my hacking ordeal is still fresh in my mind, I’ll never trust anything that starts with amplusnet.

  10. AmplusnetPrivacyTools.exe (A P T) is indeed part of IPHider (and other proxy tools run by the same company). The CPU problem is caused by the fact that when you exit IP Hider, APT stays resident in memory and is still scanning various ports for activity. If you use programs like UTorrent or Soulseek or are just downloading a lot of images etc, performance may eventually be affected because APT goes bananas and hogs the CPU even slowing down anti-virus software. I’ve written to APT/IP Hider and they can’t explain this errant behaviour only suggesting I download a fresh copy of their software bla bla…
    The solution is not load APT automatically (on boot up) but use services . m s c to switch it on and off. End of story.

Comments are closed.