I couldn't find "RUN" on my start Menu, please what could be the cause?? could it be virus
No prob! Glad to have helped. Just make sure you always have your antivirus definition files up-to-date in future. And be careful where you insert your flash drive---you can't tell what might be on another person's machine. At any rate, I hope you didn't lose too many stuff. Good luck! And remember, before you ever format, run a scan on your machine always in safe mode to determine what you're up against (that's just me personally).
I really appreciate you for your kindness, I have formatted it before your second to the last post. but now I downloaded Hijackthis on a friend's comp. I am still downloading my drivers, so currently, i cannot use the system to browse, as soon as I am through with it, I will post the results here. You are da bomb!! thank you real good.
Huh? Ok, just out of curiosity, could you explain the rationale behind that remark you made that I have in bold? What has the RAM got to do with it? Also, I will have to disagree with your first sentence. So, you're telling me that each time a PC is infected with a malicious program, the best solution is to format the HD? That's interesting! What if it's a mere spyware (though they can be aggravating most times), would you format your HD because of that? How would you know what kind of malicious program you're dealing with if you don't first try to troubleshoot the PC, which in this case using scanning tools like HijackThis can give you a detail information of what's on your system. Besides, if it's brontok he's dealing with here, there are [url=http://www.bitdefender.com/VIRUS-157247-en--Win32.Brontok.A@mm.html]cleaning tools[/url] he can use to try and get rid of the program. But until he's sure of what he's dealing with, I won't suggest to hastily format the HD at this point. Peace!
Unleash, make u relax! What you want to do is to first make sure it's brontok before you format your entire HD. If you still have subscription to your antivirus, update your virus siganture files ASAP! If not, Go here and download this free A/V but make sure you uninstall your old A/V before installing this one as both might cause a conflict giving you another problem to deal with. And yes, this one does come with Antirootkit, which is why I like it. Once you're done installing it (if you have to), check for new updates and install it if there's any. Once you're done updating, remove your cat-5 cable or however you connect to the internet from the back of your PC and reboot your PC into safe mode. Incase you're not sure how that is done, here's how it's done: hit the F8 key on your keyboard after the PC boots up and displays your PC vendor's splash screen (not the windows XP splash screen). As soon as the splash screen goes off and the PC turns black, hold down the F8 key. It should bring up different menu, use the arrow key to select "Safe mode." Do not, I repeat, DO NOT select Safe Mode with networking (that won't work anyway, that's why I have you disconnect your network cable incase you select the wrong one). Depending how you get into your PC, make sure you're on it with an account that has administrative rights.
Now, go to programs, and launch AntiVir. Run a complete scan on all your drive. You probably want to go do something else around the house at this time cause it'll take forever depending the number of files and folders on your HD. If Antivir finds any malicious program, I'd suggest you let it delete it; you can have it quarantined if you want but I personally just let it go. Make sure you check the option that prompts you if you want Antivir to apply the same action to every malicious programs it detects. That way, you won't be going back and forth to answer the prompt. I can bet my last buck it'll find a lot more than brontok. Alternatively, download HijackThis, a light-weight scanning utility. Save the scan result as a text file (.txt) and post it on here. You probably want to do this after you update your virus definition (if you still have your subscription to the A/V software). Now, if the A/V is able to detect and remove some viruses, reboot after the scan back to windows and try to put the Run command icon back on your sart menu using the screenshot someone posted earlier. If you are able to restore the Run command icon, reboot your PC again and check to see if it's still there. If it's still there, you're fine for now but if it disappears again, then FORMATING is your only option at that point. At any rate, still scan your PC with HijackThis and paste the text file result here so I can see before you format your HD. Use your installed A/V first if you're still subscribed to it, otherwise, uninstall it before you install another one. Good luck! Peace!
the above are links to brontok removal tools( i am assuming its brontok - it may not be)
the above is a link to -RRT (Remove Restrictions Tool) 1.0, which should restore your diabled options.
in case it is not brontok,
download this standalone kaspersky tool from this link
download process explorer from this link
boot the system into safe mode (tap the f8 key when booting to bring up the safe mode dialog)
run the kaspersky tool.
after it cleans up, run the restrictions removal tool.
in the event theres a mesage like 'lsass.exe /newfolder.exe cannot be deleted, the file is currently in use' open process explorer, navigate to the newfolder.exe, or whatever the process that cannot be deleted is, and kill it. then run the kaspersky tool again.
isass.exe is the main payload of certain viruses, particularly ones that mess with firewalls and open backdoors into your box. it is mostly mistaken that this backdoor allows hackers to infiltrate: not always so. mostly it allows a flood of other malware to bypass your firewall and set up shop in your precious box, things like adware, spyware etc. isass.exe comes mostly via worms and since brontok itself is a kind of mailer worm it comes with isass.exe.
becareful though: i said spoofs above, and that is true. there IS a windows system file known as Lsass.exe, but it starts with an L looking like an i. the one that actually starts with an i is the virus.
smss.exe is the harder one to remove as there is also an actual windows component with that name, the Session Manager SubSystem which handles sessions in a running box. the Dam is that both the process and the viral one have the same spelling, but normally you are supposed to have only one instance running. do not delete this if you don't want to format your lappy.
that is why i recommend a format.
as to your other question: a virus is a small piece of malicious program written by antivirus vendors to make you a slave to their antivirus bloatware.
if it is brontok, its possible that antivirus apps are seeing it but can't delete it because its a running process. download process explorere or any third party task manager. you should see new folder .exe running among the processes. select it, and pick the option kill process. then run your antivirus.
i got hit by brontok last year and that worked. i used regtoy to restore my system settings, though i was never able to recover the folder options, though that can be done by creating a new profile ( like u did using guest) and transferring all your files to it. kaspersky will find and kill brontok - maybe u shld download it.
i know kaspersky works because a cafe i used to visit had brontok . i knew this because i was seeing my old friend new folder.exe, folder name .exe in my flashy. kaspersky wiped em out like that.
a lot of people wont agree with me, but antiviral programs are quack and wack. most of them are just bloatware that happily gobble up ram and cpu resources without really doing much besides pretending to be on guard and only alerting you of threats. they pretend to wipe your box clean ( and sometimes damage key system files worse than the virus,like avast and nod32) but leave tell tale traces of the infection behind.
dude, if its brontok (and it is, or its many variants), kindly FORMAT. don't even back up folders and programs that have exe. just copy individual files off that box.
when you reinstall windows, either install a shell pack or an icon set to differentiate real folders from mimicked ones. or just go to tools, folder options, view, and uncheck HIDE EXTENSIONS FOR KNOWN FILE TYPES
this way when you see a folder with a .exe extension (usually of size 200kb) you know its brontok and you can delete it.
also, windows vista protects your system files by denying ownership sometimes even to you, the admin.
me, i don't use antivirus and im never infected because im careful.
spyware doesnt corrupt system files or mess up registry. all it does is send info about your net usage and choke up your computer and bandwidth in the process. there is no doubt about it: you have brontok, and its going to be in any flashdrive u have recently used in the infected box. it will disguise itself as Newfolder.exe or assume the name of whatever foldder its hiding in plus the .exe extension.
how often do you update it?
an antivirus is only as good as its most recent update.
going by everything you've written i think you do have a virus/spyware
try using spyware doctor to scan for it.
the big problem with formatting is this - you back up your fils, which typically includes the files brotonlk is hiding in. you format reinstall, and the moment you revisit a particular folder, its biz as usual
download this app
all the virus has done is alter some registry settings. you may find that you cannot access the following
like neo said - folder options
regtoy enables you to tweak your registry via the gui
it requirs .net framework 2.2, though, so you need that (if you dont already have it installed). cheers
it is posible that you may have had a virus in which case you may have to tweak via the registry.
to enable run on the start menu,
click on your taskbar,
select start menu from the tabs
click on customize
select advanced tab
, you should see 'run command '
among the unticked options.tick it select ok. if this doesn't work, you probably have had a virus which has hidden/disabled run via the registry