There is a rogue malware infection running around that hides itself by posing as a running process. If it is detected and "disinfected" or removed, it simply reloads itself on start up and it is back again.
Some users report that it is not particularly obvious, but it can drain your system's resources and disable certain processes (like system restore, etc.). Some users have resorted to a complete re-install, but that may not be needed, as this procedure has proven very effective at defeating this infection (as a last resort, the "PSS" section below goes into how to repair the Windows installation before actually re-installing it):
0. Ensure the Hard Disc Drive is not damaged or faulty.
Solution - Run CheckDisk:
a. Start > Computer > select C Drive > Right Click C Drive > select "Properties" > "Tools" > click "Check Now" > Select both boxes and click "Start".
b. This can take a long time, so let it complete (may take all night or longer).
1. Do a System Restore to a point before this started (if you can't get into system restore, see PS below):
a. Start - All Programs - Accessories - System Tools - System Restore (click to open);
b. Select a restore point well before you started having these problems;
c. Start the restore process and let it complete. Note: you will need to re-install any programs and maybe the updates that were installed after that restore point.
2. Get good Anti-Virus and Anti-Spyware programs (AVG is good for Anti Virus; MalWare Bytes is a good, free anti malware program as is SuperAntiSpyware -- see links below).
Get an Anti-Virus if you don't have one, and Malware Bytes & SuperAntiSpyware.
AVG AntiVirus: http://download.cnet.com/AVG-Anti-Virus-Free-Edition-2011/3000-2239_4-10320142.html
MalWare Bytes: http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html
a. Download and run Rkill at http://www.bleepingcomputer.com/download/anti-virus/rkill
Rkill stops fake processes that are running on the system (don't restart your system as this will just restart the process).
If you can't run Rkill, it is being stopped by the malware -- the site above has it under different names so the malware does not "see it". Simply download one of the other names (or all of them if you want) and try them one by one, or change the file's name to something else and then install and run it.
Once RKill completes, your AV will probably find the infection and neutralize it. Whatever happens, just go to the next step. DON'T RESTART THE PC as the malware will just re-load.
b. Download Malware Bytes and install it. Also download and install SuperAntiSpyware.
c. Run a complete (full) SpyWare scan with Malware Bytes and handle whatever it finds. Repeat with SuperAntiSpyware, handling what it finds.
d. Run a complete Virus Scan and handle whatever it finds (if you are going to change AV programs, remove the old one first before installing AVG).
Make sure you run FULL or COMPLETE or WHOLE PC scans.
3. Next, ensure the Registry is clean and the disk's clutter is also cleaned out.
Solution: Get and run a good registry cleaner.
a. Get CCleaner here: http://download.cnet.com/ccleaner/
b. Run the Registry cleaner till it finds and corrects all errors.
c. Run the "Cleaner" to analyze the disk and see what files it finds to delete and then delete the files that are not needed (most of the files it finds are unneeded, but look through the categories to be safe).
d. In CCleaner, under "Tools", go to "Start Up" and look over the programs that start up on your PC.
You may see a lot of programs that simply do not need to start up when you first boot up your PC. Disable these and leave only the essential ones (if not sure, note down the program name and then try to open it up via Start-> All Programs. If not essential, disable them). These are big "RAM Eaters" and many times are not needed at start up -- if you do need to use them, you can start them up as needed.
4. Run a good disk defrag. If you use the computer more than occasionally, the built-in may not cut it.
Consider downloading a free trial of a third party commercial defrag tool. Third party programs are more robust and many work in the background so you can use your PC while defragging. Most third party programs offer a free, fully-functional trial (the better ones are for 30 days).
Below is a recent Top 10 Reviews side-by-side comparison of the best defrag programs available.
http://disk-defragmenter-software-review.toptenreviews.com/
a. Select a program and install it. The better defrag programs are automatic and the top placers in the above review can defrag while using the PC. The top placer was completely transparent during defrag and it also prevents fragmentation (see the review or download a free trial at the site below).
b. Defragment your disk drives. The best defrag programs are very fast. You will be able to see the progress and with the gold medalist, you can use the PC while it is working with no problems.
Good luck to you!
Bill R TechSpec
PS: If you can't get into System Restore, don't despair -- it means you're on the right track (the malware is protecting itself). Just go onto Step 2.
If you can't run the scans, go to Safe Mode as directed below and run the scans from safe mode:
A. Restart the PC and tap the F8 button repeatedly as it is booting up (before the Windows splash screen comes on). If Windows starts, you need to re-start the PC after it completes and start the repeated tapping of F8 sooner.
B. Select "Safe Mode with Networking"
C. When it completes the boot up to Safe Mode, it may give you the option to go to System Restore.
Try to go there and do Step 1 and proceed with step 2, etc. from safe mode...
PSS: If still not working properly, proceed to the next step to Repair the Windows Installation:
a. Insert your Windows installation disk in the disk drive;
b. Re-start your PC and opt to boot onto the disc drive ensuring the CD or DVD drive is selected as a boot device before the HDD;
c. When asked if you want to install windows or repair it, select REPAIR (if you select install it will format the drive and install Windows but you will lose your files, so select REPAIR);
d. This will check all the system files and replace them as needed.
Once complete, you should be able to boot into windows and all should be fine.
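
Because this infection reloads itself at start up, the start-up review in step 3d can also be done from a PowerShell prompt. The script below is an added example, not part of the original post: it lists the standard Run/RunOnce registry values and Startup-folder items and marks the ones that launch from user-writable folders for a closer look. It assumes PowerShell 3.0 or later; the folder patterns, variable names and the `Test-WritablePath` helper are illustrative choices, and a marked entry is a candidate for review, not a confirmed infection.

```powershell
# Added example: inventory autostart entries for review (assumes PowerShell 3.0+).
# The "user-writable location" patterns are an assumed heuristic, not a verdict.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),        # current user's Startup folder
    [Environment]::GetFolderPath('CommonStartup')   # all-users Startup folder
)
$writable = '\\AppData\\|\\Temp\\|\\ProgramData\\|\\Users\\Public\\'
$shell = New-Object -ComObject WScript.Shell        # used to resolve .lnk targets

function Test-WritablePath([string]$Command) {
    # True when the (expanded) command line points into a user-writable folder
    [Environment]::ExpandEnvironmentVariables($Command) -match $writable
}

# Registry Run/RunOnce values
$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        $cmd = [string]$item.GetValue($name)
        [pscustomobject]@{ Source = $key; Name = $name; Command = $cmd
                           Review = (Test-WritablePath $cmd) }
    }
})

# Startup-folder items; shortcuts are resolved to the program they launch
$entries += @(foreach ($dir in $startupDirs) {
    if (-not $dir -or -not (Test-Path $dir)) { continue }
    Get-ChildItem $dir |
        Where-Object { -not $_.PSIsContainer -and $_.Name -ne 'desktop.ini' } |
        ForEach-Object {
            $target = if ($_.Extension -eq '.lnk') {
                $shell.CreateShortcut($_.FullName).TargetPath
            } else { $_.FullName }
            [pscustomobject]@{ Source = $dir; Name = $_.Name; Command = $target
                               Review = (Test-WritablePath $target) }
        }
})

$entries | Sort-Object Review -Descending | Format-Table -AutoSize -Wrap
```

Running it before and after the scans in step 2 shows whether an entry has come back.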