My computer’s messed up completley and i can’t fix it! WHen you turn it on this screen comes up and says there something wrong with the drive & BIOS. My computers date is also totally messed up. I put the BIOS back to the defalt settings but its still messed up. I also did a system restore..but nothing changed!!! I doenload Hijackthis too…here’s my log file:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:29:29 PM, on 2/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q404&bd=pavilion&pf=desktop
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 – BHO: Adobe PDF Reader Link Helper – {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 – Toolbar: HP view – {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} – c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 – Toolbar: Easy-WebPrint – {327C2873-E90D-4c37-AA9D-10AC9BABA46C} – C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 – HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 – HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 – HKLM\..\Run: [WildTangent CDA] RUNDLL32.exe "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0400.dll",cdaEngineMain
O4 – HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE
O4 – HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ‘LOCAL SERVICE’)
O4 – HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ‘NETWORK SERVICE’)
O4 – HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ‘SYSTEM’)
O4 – HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User ‘Default user’)
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra ‘Tools’ menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra ‘Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 – DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) – http://atv.disney.go.com/global/download/otoy/OTOYAX29b.cab
O16 – DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) – http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 – DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) – http://driveragent.com/files/driveragent.cab
O23 – Service: Ad-Aware 2007 Service (aawservice) – Lavasoft – C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 – Service: Apple Mobile Device – Apple, Inc. – C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: AVG7 Alert Manager Server (Avg7Alrt) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 – Service: AVG7 Update Service (Avg7UpdSvc) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 – Service: iPod Service – Apple Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Viewpoint Manager Service – Viewpoint Corporation – C:\Program Files\Viewpoint\Common\ViewpointService.exe
—
End of file – 5868 bytes
Tagged with: aawservice • adobe acrobat • adobe pdf reader • bho • completley • ctfmon exe • files windows • fwlink • hijackthis exe • hkcu software • hklm software • iexplore exe • internet connection wizard • internet explorer v7 • linkid • main search page • microsoft internet connection • running processes • software microsoft • svchost exe
Filed under: Computer Diagnostic Software
If you cant find an answer on here post your HJ log on bleepingcomputer.com they can and will help you!
From the log file I can see two problems:
First, you need to uninstall all of your anti virus softwares except one. Its a major no-no to run more than one anti virus. The manufacturers of each company program in that the other’s software is a virus…in other words, they don’t play well.
The other problem I see is that you have Viewpoint installed which is a notorious malware. Download Viewpoint Killer.
http://www.majorgeeks.com/ViewpointKiller_d4929.html
All that being said, I see nothing in the log that would indicate anything that would change your BIOS. Try tapping the F8 key next time you boot and choosing "Last known good configuration".
Theres a couple of reasons your Bios could be messed up, one being, a simple as this, open your computer up, and look for what appears to be a watch battery, yes that watch battery eventually in time must be replaced, its just a watch battery and I think its #3024 in most, it’ll be engraved on the battery. Go to store and get a new battery and replace that one…
Then after you’ve installed the new battery & put your computer back together…
I want you to use this tool ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe
you have 2 antivirus on your computer and it’s not very smart.
You can reinstall norton if you want afterwards, but AVG is a better and higher rated antivirus program.
Now I want you to reboot your computer into safe mode (press f8 during reboot) and go into your bios again…
Now I want you to set your bios to your "optimum settings" Im not sure of the number, but after you have done so press f10 when you exit your bios to be certain to SAVE the changes to your bios.
Thats most likely what you forgot to do, "save & exit"
You dont appear to have any viruses, or adware, but to be safe I’d suggest running AdAware & Spybot both, IN safe mode.
that will fix your problem… im certain of it
Would be very nice if you could elaborate a little bit more.
Quickly glancing over the running processes (I don’t have all the time in the world to look up each one and see if they are processes that run with a standard Windows installation) it appears these are all valid ‘names’ for windows processes, Now of course that says nothing to their integrity.
—
Exactly what issues are you having? You can set the BIOS clock before your operating system boots by hitting a certain F-key displayed at startup to go into it’s settings (and other information.)
Are you have issues in Windows itself? Possibly as a result of a recently downloaded/installed or internet traffick activities?
My E-Mail: cissp5@myway.com Let me know =)
When your computer is completely messed up you should bring it in somewhere and they’ll clean it out for you. If you want to do it yourself lets say you have Windows XP insert the Windows XP disc and everything will be lost but your computer will be like you just got it.
So you can still boot into Windows?
The BIOS essentially ends where windows starts. What are the messages word for word that it’s giving you in relation to the BIOS and the Disk?
The logfile doesn’t say much, as a BIOS problem wouldn’t be reported in any windows-based application.
Send a message my way with the disk/BIOS error messages and I’ll see what I can do.