Solved: They have been disabled

Hi ,

Well i did have a virus or some trojan kinda spyware THING !

Norton picked it up , but kinda failed to be aware about the back log of it all ..

I had the AntiSpyware2009 thingy....(If i recall right , thats what it was calling itself) , which disabled my desktop wallpaper n made it into , well , all there advertising propaganda

@@@@@@@@

Now theres 3 problems i am left with ...

1. When i right click desktop background and click properties i am only presented with the tabs a.themes b.appearance c.settings (there are no tabs for the rest of the usual 1's)

2. My c & d drive do not show in my computer ( those 2 being my hard drives )

3. Every time i load Internet Explorer , Norton picks up an intrusion from an attacking suspect , blocks it and a window pops up with failed to load bugging screen !

I know its a lot to ask , I appologise !

I am using Xp Home edition & These are my problems !

I would be glad & extremely greatful if you experts could help me please .

Thanking you greatly if you can ,

Joe

 

Please download ATF Cleaner by Atribune.

• Double-click ATF-Cleaner.exe to run the program.
• Under Main choose: Select All
• Click the Empty Selected button.

Click Exit on the Main menu to close the program.




Please download Malwarebytes Anti-Malware and save it to your desktop. alternate download link 1 alternate download link 2

• Make sure you are connected to the Internet.
• Double-click on Download_mbam-setup.exe to install the application.
• When the installation begins, follow the prompts and do not make any changes to default settings.
• When installation has finished, make sure you leave both of these checked:
  • Update Malwarebytes' Anti-Malware
  • Launch Malwarebytes' Anti-Malware
• Then click Finish.
• MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
• On the Scanner tab:
  • Make sure the "Perform Quick Scan" option is selected.
  • Then click on the Scan button.
• If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
• The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
• When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
• Click OK to close the message box and continue with the removal process.
• Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
• Make sure that everything is checked, and click Remove Selected.
• When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
• The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the contents of that report in your next reply with a new hijackthis log.

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.

Click here to download HJTInstall.exe

• Save HJTInstall.exe to your desktop.
• Doubleclick on the HJTInstall.exe icon on your desktop.
• By default it will install to C:\Program Files\Trend Micro\HijackThis .
• Click on Install.
• It will create a HijackThis icon on the desktop.
• Once installed, it will launch Hijackthis.
• Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
• Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
• Come back here to this thread and Paste the log in your next reply.
• DO NOT have Hijackthis fix anything yet. Most of what it finds will be harmless or even required.

 

Thanks for your time !

Ran everything you told me to run !

Heres the logs ...

------------------------------------------------------

Malwarebytes' Anti-Malware 1.28
Database version: 1229
Windows 5.1.2600 Service Pack 2

05/10/2008 12:10:54
mbam-log-2008-10-05 (12-10-54).txt

Scan type: Quick Scan
Objects scanned: 64508
Time elapsed: 16 minute(s), 30 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 4
Registry Keys Infected: 14
Registry Values Infected: 8
Registry Data Items Infected: 5
Folders Infected: 4
Files Infected: 40

Memory Processes Infected:
D:\Documents and Settings\PC\Application Data\Adobe\Manager.exe (Trojan.Agent) -> Unloaded process successfully.

Memory Modules Infected:
D:\WINDOWS\system32\apvjjror.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\hgGabCvU.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\quyheeqd.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\hgGyvSMd.dll (Trojan.Vundo) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{33ac7d18-dc35-4d1a-940e-afd5fc5c3327} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hggyvsmd (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{33ac7d18-dc35-4d1a-940e-afd5fc5c3327} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3c48382f-2446-4c77-ba6c-869f0e222718} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{3c48382f-2446-4c77-ba6c-869f0e222718} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\peltodgx.bmfr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{76acfa97-b729-4285-8787-10425443ad95} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0067e1b4-ecbd-47d6-8f88-80e14fb90295} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca5df1da-5181-4190-b40b-e3fd8fb1eaed} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\peltodgx.toolbar.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\28482c96 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{33ac7d18-dc35-4d1a-940e-afd5fc5c3327} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ca5df1da-5181-4190-b40b-e3fd8fb1eaed} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Run (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\wallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\originalwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\convertedwallpaper (Hijack.Wallpaper) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: d:\windows\system32\hggabcvu -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: d:\windows\system32\hggabcvu -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDrives (Hijack.Drives) -> Bad: (12) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
D:\Program Files\Smart Antivirus 2009 (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
D:\Program Files\Smart Antivirus 2009\Infected (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
D:\Program Files\Smart Antivirus 2009\Suspicious (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Start Menu\Programs\Smart Antivirus 2009 (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.

Files Infected:
D:\WINDOWS\system32\hgGyvSMd.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\hgGabCvU.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\UvCbaGgh.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\UvCbaGgh.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\apvjjror.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\rorjjvpa.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\quyheeqd.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\dqeehyuq.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\peltodgx.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
D:\WINDOWS\rwlfsdmk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\hgGyvWnk.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\wvUkJbAP.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\wvUoPfdC.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\7NXKJBKG\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\ER5D6FSY\upd105320[2] (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\HQGBSU5C\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\J5AET37O\WebSoftCodecDrivern[1].exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\J5AET37O\WebSoftCodecDrivern[2].exe (Trojan.Dropper) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\K4TV12VC\cntr[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\KVKIJK7I\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Local Settings\Temporary Internet Files\Content.IE5\SB01KE4E\file[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.
D:\Program Files\Smart Antivirus 2009\vscan.tsi (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
D:\Program Files\Smart Antivirus 2009\zlib.dll (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Start Menu\Programs\Smart Antivirus 2009\Smart Antivirus-2009.lnk (Rogue.SmartAntivirus) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\mcrh.tmp (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\c.ico (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\m.ico (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\p.ico (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\s.ico (Malware.Trace) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\a.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Application Data\Adobe\Manager.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
D:\WINDOWS\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Favorites\Free MP3 Search.url (Rogue.Link) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Start Menu\Free MP3 Search.url (Rogue.Link) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Favorites\Free Porn.url (Rogue.Link) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Start Menu\Free Porn.url (Rogue.Link) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Favorites\Search Online.url (Rogue.Link) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Start Menu\Search Online.url (Rogue.Link) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Favorites\VIP Casino.url (Rogue.Link) -> Quarantined and deleted successfully.
D:\Documents and Settings\PC\Start Menu\VIP Casino.url (Rogue.Link) -> Quarantined and deleted successfully.

---------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 12:15:27, on 05/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
D:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
D:\WINDOWS\system32\DeltTray.exe
D:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe
D:\Program Files\BT Broadband Desktop Help\btbb_wcm\McciTrayApp.exe
D:\PROGRA~1\Yahoo!\YOP\yop.exe
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\RUNDLL32.EXE
D:\WINDOWS\system32\ctfmon.exe
D:\PROGRA~1\Yahoo!\browser\ycommon.exe
D:\Documents and Settings\PC\Desktop\HijackThis.exe
D:\PROGRA~1\Yahoo!\YOP\SSDK02.exe
D:\WINDOWS\System32\svchost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yahoo.com/search/ie.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bt.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.red.clientapps.yahoo.com/customize/btyahoo/defaults/su/*http://uk.search.yahoo.com/
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DeltTray] DeltTray.exe
O4 - HKLM\..\Run: [btbb_McciTrayApp] "D:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe"
O4 - HKLM\..\Run: [btbb_wcm_McciTrayApp] "D:\Program Files\BT Broadband Desktop Help\btbb_wcm\McciTrayApp.exe"
O4 - HKLM\..\Run: [YOP] D:\PROGRA~1\Yahoo!\YOP\yop.exe /autostart
O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "D:\PROGRA~1\Symantec\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [VirtualCloneDrive] "D:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PowerStrip] d:\program files\powerstrip\pstrip.exe
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "D:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [NVIDIA nTune] "D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O9 - Extra button: BT Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - D:\PROGRA~1\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: PokerTime - {00000000-0000-0000-0000-000000000000} - D:\MicroGaming\Poker\PokerTimeMPP\MPPoker.exe (HKCU)
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - D:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - D:\Program Files\Windows Live\Mail\mailcomm.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - D:\PROGRA~1\Symantec\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - D:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: LiveUpdate Notice Service - Unknown owner - D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "D:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Symantec Core LC - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--------------------
The desktop properties is back to normal & also the c & d drives are now showing .

Cheers
Joe

 

You're welcome!


The log looks fine. If you are not having any problems now you should flush your system restore and set a new restore point.


http://support.microsoft.com/kb/310405

 

Thanks A Lot

Joe

CLOSED !