Red X (cross) icon by C: drive

Page 2 of 2 Previous  1, 2

View previous topic View next topic Go down

Solved Red X (cross) icon by C: drive

Post by lcander on Thu 11 Nov 2010, 6:42 pm

First topic message reminder :

I've tried to search the forum for this issue but couldn't find anything. I am working on a computer whose onboard LAN port is not working (not found in Device Manager) I have put in a PCI Network Card. That was recognized and is working. The machine does not seem to be running as fast as I think it should be, although it isn't bad. It is using XP SP3 with WebRoot AntiVirus with SpySweeper.
When working on this I noticed a red X icon in front of the C: drive when I explore or use My Computer. In searching the web I found mention of this being a result of the Vundo virus.
I installed, updated and ran Malwarebytes and CCleaner. I did a full scan (just to be sure) and nothing was found. I cleaned what was found by CCleaner.
I ran HiJack This and the report follows.
I have 2 questions--1. Could anything listed be responsible for the onboard LAN port not working? 2. Is there still some sort of virus/malware that is still on the machine that is not picked up by the updated WebRoot and MBAM that would be causing the Red X? If not, how can I get rid of that red X?

Thanks for the help.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:39:57 AM, on 11/11/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\system32\lxczcoms.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\AOL\1131383480\ee\AOLSoftware.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [You must be registered and logged in to see this link.]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ShopAtHomeIEHelper - {E8DAAA30-6CAA-4b58-9603-8E54238219E2} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
O3 - Toolbar: ShopAtHome Toolbar - {98279C38-DE4B-4bcf-93C9-8EC26069D6F4} - C:\Program Files\SelectRebates\Toolbar\ShopAtHomeToolbar.dll
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\WINDOWS\system32\NeroCheck.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [SoundMan] "SOUNDMAN.EXE"
O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] "nwiz.exe" /install
O4 - HKLM\..\Run: [NvMediaCenter] "RUNDLL32.EXE" C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HostManager] "C:\Program Files\Common Files\AOL\1131383480\ee\AOLSoftware.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\WebrootSecurity\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [ctfmon.exe] "C:\WINDOWS\system32\ctfmon.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AOL Fast Start] "C:\Program Files\America Online 9.0\AOL.EXE" -b (User 'Default user')
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.aol.com
O18 - Filter hijack: text/html - {07851C6A-1C43-41d9-8319-BC89154A8C00} - (no file)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: lxcz_device - - C:\WINDOWS\system32\lxczcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Windows Live OneCare Health Monitor (OcHealthMon) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\OcHealthMon.exe (file missing)
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. ([You must be registered and logged in to see this link.] - C:\Program Files\Webroot\WebrootSecurity\SpySweeper.exe
O23 - Service: Webroot Client Service (WRConsumerService) - Webroot Software, Inc. - C:\Program Files\Webroot\WebrootSecurity\WRConsumerService.exe

--
End of file - 6824 bytes

lcander

Rookie Surfer
Rookie Surfer

Posts : 103
Joined : 2009-06-16
Operating System : Xp, Vista

View user profile

Back to top Go down


Solved Re: Red X (cross) icon by C: drive

Post by Belahzur on Sat 20 Nov 2010, 12:22 pm

Hold tight, talking to a colleague and we'll see if we change the icon back.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Solved Re: Red X (cross) icon by C: drive

Post by lcander on Sat 20 Nov 2010, 12:49 pm

Ok, not come across this one before???

lcander

Rookie Surfer
Rookie Surfer

Posts : 103
Joined : 2009-06-16
Operating System : Xp, Vista

View user profile

Back to top Go down

Solved possible fix??

Post by lcander on Sat 20 Nov 2010, 1:01 pm

I came across this while researching the problem, but wasn't sure if it would work and didn't want to try it if there was really still a problem with the machine.

3- Launch RegEdit from the Start menu's Run dialog and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\
CurrenTVersion\Explorer. If a subkey named driveicons is present, open it; You will find a subkey named C ,, Delete this subkey , this will return the C drive default Icon so the red icon will be gone.


Could this be a way to get the icon back??

lcander

Rookie Surfer
Rookie Surfer

Posts : 103
Joined : 2009-06-16
Operating System : Xp, Vista

View user profile

Back to top Go down

Solved Re: Red X (cross) icon by C: drive

Post by Belahzur on Sun 21 Nov 2010, 11:21 am

It may, but the articles I read on that says to put the normal value back rather than delete it, that's why I'm asking some of the other helpers that work here.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Solved Normal values

Post by lcander on Sun 21 Nov 2010, 12:14 pm

Is knowing how to get the normal values back the issue??

lcander

Rookie Surfer
Rookie Surfer

Posts : 103
Joined : 2009-06-16
Operating System : Xp, Vista

View user profile

Back to top Go down

Solved In Safe mode

Post by lcander on Sun 21 Nov 2010, 12:56 pm

Don't know if this will help, but the normal Icon shows when in safe mode for both Administrator and the Owner.

When looking for more answers to this, I came across a post that suggested the the default icon file (IconCache.db) may be corrupted. They suggest deleting that file and restarting the computer. They thought this should cause the default HDD icon to return.


lcander

Rookie Surfer
Rookie Surfer

Posts : 103
Joined : 2009-06-16
Operating System : Xp, Vista

View user profile

Back to top Go down

Solved Still there

Post by lcander on Wed 24 Nov 2010, 3:19 am

I tried the suggestion of deleting the IconCache.db file and the red X is still there. So that fix doesn't apply to this machine's problem.

lcander

Rookie Surfer
Rookie Surfer

Posts : 103
Joined : 2009-06-16
Operating System : Xp, Vista

View user profile

Back to top Go down

Solved Re: Red X (cross) icon by C: drive

Post by Belahzur on Wed 24 Nov 2010, 9:35 am

Hello.
Lets try this, we'll make a backup of the registry first.

  • Please use the following link to download ERUNT
  • Use the setup program to install ERUNT on your computer

Click Erunt.exe to backup your registry to the folder of your choice.

Note:to restore your registry, go to the folder and start ERDNT.exe

Please run OTL.exe.

  • Copy the commands with file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :reg
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DriveIcons\c]


  • Return to OTL, right click in the "Custom Scans/Fixes" window (under the light green bar) and choose Paste.

  • Click the red Run Fix button.
  • A fix log in Notepad will appear. Copy the contents of the fix log to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTL.exe
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.


@RealBelahzur - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur

Manager | Tech Officer
Manager | Tech Officer

Posts : 34917
Joined : 2008-08-04
Operating System : XP SP3 Media Centre

View user profile

Back to top Go down

Solved Fix log

Post by lcander on Wed 24 Nov 2010, 10:26 am

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\DriveIcons\c]


lcander

Rookie Surfer
Rookie Surfer

Posts : 103
Joined : 2009-06-16
Operating System : Xp, Vista

View user profile

Back to top Go down

Solved Fixed

Post by lcander on Wed 24 Nov 2010, 10:35 am

You're brilliant!!!
That seemed to fix it. When I restarted the computer, the default icon is back.
Thanks so much.

lcander

Rookie Surfer
Rookie Surfer

Posts : 103
Joined : 2009-06-16
Operating System : Xp, Vista

View user profile

Back to top Go down

Solved Re: Red X (cross) icon by C: drive

Post by Sponsored content Today at 2:53 pm


Sponsored content


Back to top Go down

Page 2 of 2 Previous  1, 2

View previous topic View next topic Back to top


 
Permissions in this forum:
You cannot reply to topics in this forum