Problems after removing winantivirus2009

auspcs · Aug 21, 2008

Hi guys, Have run the guide as per your instructions. It has removed all traces of this nasty piece of garbage. After it was gone however, I now have a problem with the icons in the "My Computer" window. There are no icons at all showing up. I have googled and searched for over an hour now and cant find reference to anyone having this problem. I am lost as to what to do to restore them. I tried kellys-corner for a reg fix but there is none for this problem. It has to be a registry setting somewhere.
Any suggestions?
Thanks guys.

chaslang · Aug 22, 2008

Welcome to Major Geeks!

Is it only your icons that are not showing? Or is the whole Desktop not showing? The Desktop includes icons, wallpaper, Start button, system tray ...etc. If only the icons, right click on the Desktop and select Arrange Icons By and then select Show Desktop Icons

If the whole Desktop is gone, it is due to what this infection did to your system and it is somehow blocking Windows Explorer from running.

It would be a good idea to attach the logs that were requested in the READ & RUN ME.

auspcs · Aug 22, 2008

When I doubleclick "My Computer" The window opens and there are no icons in the window, no drives , no floppy, no cd, nothing just a blank white window.
I have been through the registry I have found an entry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\HideMyComputerIcons Im looking into whether this is what caused it. I had to return the persons computer so I just wiped it and redid their windows so I cant get the logs now. I ran out of time sorry.

chaslang · Aug 22, 2008

Okay it sounds like you are not talking about your Desktop. Sounds like you are talking about the icons for files and folders that show in Windows Explorer.

You should not be playing around in the registry on your own. Had you already been making changes in the registry while trying to fix your malware problems?

It think you should attach the four logs that were requested in the READ & RUN ME as I already suggested.

auspcs · Aug 23, 2008

I havent said "desktop" anywhere. I said "My Computer". The window that opens when you double click the "My Computer" icon. I also said i dont have the logs any more. Ill post this problem somewhere else. Thanks anyway.

auspcs · Aug 23, 2008

Ok, I found it. the malware set quite a few settings in the registry.
the malware hid all the drive letters. it hid them by setting NoDrives in the key HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, The trick was figuring out the values it put in the REG_BINARY value of NoDrives.
I found it by googling hidemycomputericons (all one word)
Thankyou for the help.

I believe this malware is very new. as I have removed winantivirus2008 and 2009 many many times. this one however showed quite a few new approaches.

chaslang · Aug 23, 2008

I'm happy to see you found your problem.

Next time you suspect malware problems, follow the required procedures for posting here which are in the below sticky thread:

READ & RUN ME FIRST. Malware Removal Guide

It would have shown the policy settings in at least two of the four logs requested. Both ComboFix and MGtools would have revealed the changes.

auspcs · Aug 24, 2008

Perhaps I may have figured that out if you hadn't wasted 4 posts asking about my desktop......When in the very first post I said "My Computer".
Sorry to sound peeved, but your patronising is getting to me.
I quite clearly said the "My Computer" window. I never once said "DESKTOP"
Had you bothered to read you might have seen that and you might have been able to help. Luckily The other forum I used was helpful and knew what I wanted. They knew that "My Computer" meant "My Computer" not "The Desktop".
You can go ahead and flame me now.
I deserve it.
But read these lines first:
Me..." I now have a problem with the icons in the "My Computer" window"
You.."Or is the whole Desktop not showing?"
Me..."When I doubleclick "My Computer" The window opens and there are no icons in the window"
You.."Okay it sounds like you are not talking about your Desktop"
I mean...Doh!
You can ban me if you wish. I wont be back. and neither will any of the hundreds of customers i used to refer to you.

chaslang · Aug 25, 2008

auspcs said: ↑

Perhaps I may have figured that out if you hadn't wasted 4 posts asking about my desktop......When in the very first post I said "My Computer".
Sorry to sound peeved, but your patronising is getting to me.
Click to expand...

Sorry that you feel it was patronising, I was simply stated a fact that the READ & RUN ME FIRST is there for a reason, and if you had run it FIRST and attached the logs as required then this would have been resolved earlier.

Yes I misinterpreted your statement about "My Computer" which is really just Windows Explorer which is responsible for also giving you a desktop. When dealing with 100 people per day this sometimes happens as we do not always directly communicate things the same way. Since we see dozens of Desktop hijackers every day, I thought you meant your Desktop icons and Start button etc were missing. We have had many people say My Computer when they meant Desktop. So in message # 2 when I asked about your Desktop I just wanted clarification that it was not also your Desktop that was missing icons. You did not directly answer this but continued to mention My Computer. Thus all I was saying in message # 4 was a statement of the what I was now understanding and that is you were not referring at all to a problem with your Desktop.

Log in or Sign up

Problems after removing winantivirus2009

auspcs Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

auspcs Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

auspcs Private E-2

auspcs Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

auspcs Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member