Hi,
I have had the red X next to my C drive in My computer for some time. Is has XP sp 3, Also, some programs do not respond - I click on them and nothing happens, or they start to open and then disappear. Sometimes it gets stuck in a mode where nothing responds. It is in that mode now so after running all those scans. I installed webroot antivirus/antispyware but it did not find anything. Online forums pointed me to the VundoFix so I ran that and it did find a problem and fix it. I went through the instructions for what to do before posting and that also found some problems:

1) Windows malicious software tool did not find anything
2) I ran the ATF cleaner
3) Malwarebytes found several problems - see attached logile
4) EEset found one problem - see atteched logfile
5) uninstall list from Hijack - This is also attached
Thanks In advance for your assistance.
menaicom

Recommended Answers

All 6 Replies

Generally the red X indicates a disconnected network drive, but thats wierd as your C drive should be a fixed, local, physical drive.

Hello,

Well as jbennet said, it shouldn't be doing this on the C drive.

Download hijackthis and post the log.

Thanks,

Cohen :)

Generally the red X indicates a disconnected network drive, but thats wierd as your C drive should be a fixed, local, physical drive.

yeah, just to check - you are not anything strange like running off a usb drive/ramdisk/thin client etc?

Are you on home or pro?

OH, just another thing.

In the future, when you post logs, post them in a post / reply.

Thanks

Cohen :)

As requested, I am attaching the hijackthis.log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:50:24 AM, on 12/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Sony\Giga Pocket\shwserv.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dns\bin\named.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
C:\Program Files\Webroot\Desktop Firewall\wdfsvc.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Sony\Giga Pocket\RM_SV.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\sony\SONICS~1\SsAAD.exe
C:\Program Files\ZyDAS Technology Corporation\IOGEAR_802.11g_Utility\ZDWlan.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/login_verify2?&.src=ym
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.sony.com/vaiopeople
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
F2 - REG:system.ini: Shell=Explorer.exe,
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,uxefxpt.exe,
O1 - Hosts: 209.73.168.74 login.yahoo.com
O1 - Hosts: 209.86.66.93 www.citibank.com
O1 - Hosts: 209.86.66.92 www.sunnyvale.ca.gov
O1 - Hosts: 68.142.195.60 ca.yahoo.com
O1 - Hosts: 66.94.228.103 finance.yahoo.com
O1 - Hosts: 64.233.187.99 www.google.com
O1 - Hosts: 209.204.170.90 stats.liahl.org
O1 - Hosts: 72.14.255.99 maps.google.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [VAIO Recovery] "C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe"
O4 - HKLM\..\Run: [NvCplDaemon] "C:\WINDOWS\system32\RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SsAAD.exe] "C:\PROGRA~1\sony\SONICS~1\SsAAD.exe"
O4 - HKLM\..\Run: [UserFaultCheck] "C:\WINDOWS\system32\dumprep.exe" 0 -u
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SsAAD.exe] "C:\PROGRA~1\sony\SONICS~1\SsAAD.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_5 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'Default user')
O4 - Global Startup: ZDWLan Utility.lnk = C:\Program Files\ZyDAS Technology Corporation\IOGEAR_802.11g_Utility\ZDWlan.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1161463415062
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.com/downloads/BUM/BUM_WIN_IE_1/axofupld.cab
O16 - DPF: {924C1588-90C3-4910-B6CA-D57A1C0418FE} (YbUploadFavsCtl Class) - http://us.bookmarks.yahoo.com/YbConvFav.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{213F1AFD-0E46-424A-A166-55CB9E87EB54}: NameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A55D7012-6249-4941-BA9D-4F89AD3566A6}: NameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F497BA08-7377-4A15-B29D-34D685E1F85E}: NameServer = 127.0.0.1,192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{213F1AFD-0E46-424A-A166-55CB9E87EB54}: NameServer = 127.0.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{213F1AFD-0E46-424A-A166-55CB9E87EB54}: NameServer = 127.0.0.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{213F1AFD-0E46-424A-A166-55CB9E87EB54}: NameServer = 127.0.0.1
O20 - Winlogon Notify: App Management - C:\WINDOWS\
O20 - Winlogon Notify: App Paths - C:\WINDOWS\
O20 - Winlogon Notify: AutorunsDisabled - C:\WINDOWS\
O20 - Winlogon Notify: Internet Settings - C:\WINDOWS\
O20 - Winlogon Notify: logons - C:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Giga Pocket Hardware Detector - Sony Corporation - C:\Program Files\Sony\Giga Pocket\shwserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony TV Tuner Controller - Sony Corporation - C:\Program Files\Sony\Giga Pocket\halsv.exe
O23 - Service: Sony TV Tuner Manager - Sony Corporation - C:\Program Files\Sony\Giga Pocket\RM_SV.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: twdns - Unknown owner - C:\WINDOWS\system32\dns\bin\named.exe
O23 - Service: VAIO Entertainment Aggregation and Control Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
O23 - Service: VAIO Entertainment File Import Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Media Video Server (VAIOMediaPlatform-VideoServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Video\GPVSvr.exe
O23 - Service: VAIO Media Video Server (HTTP) (VAIOMediaPlatform-VideoServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Video Server (UPnP) (VAIOMediaPlatform-VideoServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: Webroot Desktop Firewall network service (WDFNet) - Webroot Software, Inc. - C:\Program Files\Webroot\Desktop Firewall\wdfsvc.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. (www.webroot.com) - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
O24 - Desktop Component 0: (no name) - (no file)

--
End of file - 11169 bytes

I forgot to add that my OS is Windows XP, Home Edition, Version 2002, Service Pack 3. The PC is a Sony Vaio, Pentium 4

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.