[CLOSED] System tray icons missing after using police virus rescue disk
3 posts
• Page 1 of 1
- steveatparkit
- Posts: 2
- Joined: Wed, 19 Sep 2012, 12:35
[CLOSED] System tray icons missing after using police virus rescue disk
by steveatparkit » Wed, 19 Sep 2012, 13:00
Sorry if this is posted in the wrong place, but the "disinfection tools" board is locked to me.
A few days ago I had to remove the "police virus" from a friend's Windows XP PC. The Panda rescue disk did the job beautifully, but after restarting the PC there was an anomaly. The system tray icons were missing, apart from the volume control and clock.
When I checked the startup tab in msconfig, the first five or six lines contained blank entries - normally an indication that a program has been deleted without telling msconfig.
But these programs hadn't been deleted, and task manager showed that they were in fact running. They just were not displayed in the system tray. Missing icons included anti-virus software, display adapter and audio system control panels.
AND CHECKING MY MACHINE NOW I think I've discovered where the problem lies....
In regedit, under "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" MY computer has the paths to the programs under the "Data" column, but I'm pretty sure that this was missing from my friend's PC after disinfection.
So how come the programs seemed to be running? Weird!
OK - anybody else noticed this? I'm guessing it's havoc wrought by the police virus.
And maybe if I put the data back into the registry, the icons will re-appear. I re-installed the anti-virus software to be sure - although it had let the attack through in the first place. But my friend is a bit of a virus magnet anyway!
A few days ago I had to remove the "police virus" from a friend's Windows XP PC. The Panda rescue disk did the job beautifully, but after restarting the PC there was an anomaly. The system tray icons were missing, apart from the volume control and clock.
When I checked the startup tab in msconfig, the first five or six lines contained blank entries - normally an indication that a program has been deleted without telling msconfig.
But these programs hadn't been deleted, and task manager showed that they were in fact running. They just were not displayed in the system tray. Missing icons included anti-virus software, display adapter and audio system control panels.
AND CHECKING MY MACHINE NOW I think I've discovered where the problem lies....
In regedit, under "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" MY computer has the paths to the programs under the "Data" column, but I'm pretty sure that this was missing from my friend's PC after disinfection.
So how come the programs seemed to be running? Weird!
OK - anybody else noticed this? I'm guessing it's havoc wrought by the police virus.
And maybe if I put the data back into the registry, the icons will re-appear. I re-installed the anti-virus software to be sure - although it had let the attack through in the first place. But my friend is a bit of a virus magnet anyway!
- VirusBuster
-
- Posts: 1602
- Joined: Mon, 02 Apr 2012, 17:53
- Location: Panda HQ - Bilbao
Re: System tray icons missing after using police virus rescue disk
by VirusBuster » Wed, 19 Sep 2012, 15:51
In order to get rid of the Ransom.AB malware (police virus) the police rescue disk deletes the content (not the key) of all the registry keys that are loaded at windows startup.
So, all the applications loaded at windows startup won't appear in systray
You will need to restore they keys from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run or reinstall that applications so that the installation restores the keys
So, all the applications loaded at windows startup won't appear in systray
You will need to restore they keys from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run or reinstall that applications so that the installation restores the keys
Regards,
Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them
Jorge Torre
TechSupport Department, Panda Security
Retail & Malware Team
I don't reply to private messages unless I have previously requested them
- steveatparkit
- Posts: 2
- Joined: Wed, 19 Sep 2012, 12:35
Re: System tray icons missing after using police virus rescue disk
by steveatparkit » Wed, 19 Sep 2012, 16:16
That would explain it I guess. Perhaps a clue that it was going to happen in the instructions, and how to deal with it, would be useful.
Thanks for the answer and the fix.
Thanks for the answer and the fix.
3 posts
• Page 1 of 1
Return to Consumer 2013 - Archive Issues
Who is online
Users browsing this forum: No registered users and 2 guests