[NVR0FLASHDev - Service Control Manager]

At startup / logon prompt, a dialog box appears alerting Service Control Manager - Service or driver failed during startup

The error would appear in Event Viewer intermittently [service NVR0FLASHDev could not start - file could not be found] (not at every reboot) although the system complained at every logon. The nagging became increasingly annoying to me.

Determined:

The issue occurred after uninstalling an Nvidia driver [178.13], which apparently did not uninstall properly, as I upgraded to a more current driver. NVR0FLASHDev is tied to nView.

Uninstalling and reinstalling did not correct as the issue according to Event Viewer was NVR0FLASHDev could not be found and apparently the newer driver do not come with nView.

Browsing the registry turned up fruitless.

Solution:

After thinking for a bit, I realized that Windows was looking for this at startup so on the off chance I fired up Autoruns by SysInternals and low and behold after browsing I found an entry related to it marked as 00NVR0FLASHDev. Autoruns is kind enough to report the image path and as it were it reported File could not be found.

The safe way to test this would be to use the "Jump to" option which opens the registry to that key and rename it. Restart and see if the issue was resolved.

The key should be safe to delete.

This solved the error I was incurring.

I hope this information may help others out.

[Active Directory]

My OS is Windows 2003 which I use as my primary box.

I decided to set up AD and play around with it to learn but then removed it and unfortunately all my profile and browser settings were deleted. Unfortunately I had not backed up Firefox with the nifty extensions [FEBE, OPIE, CLEO]. My desktop settings are negligible.

The user folder is still present from the domain, Administrator.<computer name>, but just contains remnants and no usable data and is not listed as a user account anymore.

That doesn't make sense if you promote your box to a DC then remove AD it then hoses the user account.

Any comments. Lesson learned.

[Username and password over 2 domains]

Do you have a 2-way trust in place? You need a trust in each direction. A typical one-way trust between domains is: A (user accounts) [trusting domain] -> B (resources) [trusted domain]. Users from A are allowed to access resources on B. Set up another trust between domains in reverse of the initial and then you will have your 2-way trust.

[VIRUS ALERT in Task Bar...HELP!]

+1 for Malware Bytes

This sounds reminiscent to the Smitfraud virus I came across about 8 months ago which displayed a message in the system tray. Tarun recommended Malware Bytes and it did the trick then. Solid program.

[Add-On Maker for Nlite 1.2.4 Update: 06/17/2006]

Been having the same problem with the Addon maker across two different platforms now. [XP and W2K3] Every time I make an addon the program spits roughly a 200 MB file. Is there a certain compression program that this is only compatible with because I have used 7zip and WinRAR? I thought I could download and use the program without a hitch.. well getting some of the switches can be cumbersome.

[WD360GB not recognized by SATA controller on new motherboard]

I have (2) WD360GB hard drives. 1 out of the 2 is recognized on the new P5E3 board. I have tried every sata port and cable combination and tried various power sources. All my other drives are recognized fine. The drive hooked up via USB SATA adapter is recognized.

I have also reformated and partitioned the drive. I am downloading DLG tools from WD but don't have high hopes.

The drive works fine on the old system board. This blows my mind as to why I cannot get it recognized. I have updated to the latest bios revision for this board as well. The system is running bare bones.

Any help greatly appreciated as I would like to get my RAID array set up on these 2 drives and install my OS.

[Silicon Image SiI 3132 driver issue Windows installation]

Ok, doing a quick on ASUS and Google led me to what I believe is the answer. I am missing the nvidia RAID drivers. Darn you ASUS! Why couldn't they include them under the RAID section for downloads with the Silicon controller driver. Sheesh! I will integrate the drivers into another installation disk and post back.

[Silicon Image SiI 3132 driver issue Windows installation]

M2N32-SLI / Silicon 3132 controller

nlited WinXP with SP3 and integrated raid driver from ASUS as well as SATA driver by unpackaging and integrating via .inf file -- burned the disk at lowest speed [4x]

2 raptors [36GB] original issued 8MB cache connected to SATA ports

In bios enabled RAID through Serial ATA configuration under the Advanced menu

Silicon SATAII Controler set to [RAID MODE] under Advanced menu as well

Configured the RAID as striped mode

Booted Windows installation which freezes at the installation point where you are given the option to install, repair or quit -- leads me to believe there is an issue with the driver

Any ideas on how to troubleshoot this issue, initially had trouble with drivers loaded on a floppy doing the F6 option as well.

Any help greatly appreciated, thank you for your time.

[What is the best Audio Ripping Software]

Audio Grabber is one I've used

Smartripper or DVD decrypter for of course DVDs, might have trouble finding these as I know DVD decrypter is not supported or developed anymore.

[Whats the best Defragmentation Software]

Hands down, best freeware defragmentation software is JKdefrag by Jeroen Kessels. website

I just happened across this software and absolutely love it. It's standalone and can work off your flash drive for all you techs out there hint hint. Programmed using native windows api. There is a forum and tons of other information and utility recommendations as well at the site. What a great resource in my opinion.

By the way, its command line yet others have written a GUI for it. There is more than one to choose from. Hope people find this useful. BTW, I am big proponent of Diskeeper as well. This utility is as good if not better and it is free! I will donate to support ongoing development.

[Computer Associates Antivirus]

Thanks for the replies.

Nuff said then. BTW, the sales associates from Tiger Direct and Comp USA are the ones pushing CA.

Personally, I have NOD32 on my PC and also recommend Kaspersky. For a friend whose system I recovered, avast! is what I installed. AVG's integration into the web browser annoys me.

[Computer Associates Antivirus]

So I am in the process of rebuilding my system and call up a retailer with an inquiry on a product, the sales associate then proceeds to try and hawk an AV by Computer Associates. Never heard of it, anyone have any experience with this companies products? Seems like they have a history and a quick search of the net doesn't really produce anything. Looks as though they doctored up their entry on Wikipedia. Probably a company to stay away from or not even bother worrying about but I am just curious now that it has been brought up.

[What Anti-Virus do you Use/Recommend?]

I voted for avast! being that I was looking for a new freeware AV and tried AVG, AntiVir, then avast!. I recommend try all three, although the clear winner was avast! for me do to the boot-time scanning option, respectable resource footprint, great support forum, and of course it was not intrusive into my daily computing activities. Also, avast! supports email client support protection and online mail support protection as well. So it was a fully featured AV which I might consider using personally in place of a paid for AV. But I recommend avast! to anyone who chooses not to purchase an AV.

For instance, AntiVir has a lovely pop up that I thought initially only occurred once after installation yet it reappeared therefore resulted in an uninstallation. AVG does not allow you to turn off the integration into your browser without a glaring big red exclamation point over the system tray icon.

As far as a paid for version goes, well of course NOD32 and Kaspersky but I suggest also looking into the pro version of avast!.

[Efficient and effective procedure to clean a severely infected PC]

Ultimately you are correct. We do not have much control over that though, yeah I would like to implement something along the lines of Altiris, which was employed at my University. Any changes made to the system would be discarded and essentially rolled back to the initial configuration.

I am not looking to solve the root cause. What I am investigating really is a way to clean an infected PC that is presented to me without any care to how or why it happened. If based on this discussion thread and our continued efforts at work to prove unsatisfactory whether in turn around time or even just the success of the procedure I venture to guess I will be developing a procedure for techs to just: backup, reinstall, and reconfigure.

Also, please keep in mind that not every PC will be that bad. I just want to develop a procedure to employ for any PC that comes to be serviced. This procedure will consist of checking for and removing malware, maintenance, updates, and optimization. This what I am striving to achieve and hopefully find a way to automate most of it.

[Efficient and effective procedure to clean a severely infected PC]

I have an easy solution: backup data, reload system. Works every time.

Ideally IcemanND that would be the solution. The problem with most of our clients is they do not image their PCs or have any type of backup solution except for the data they maintain on their servers.

I would like to be able to target the issue and resolve it rather than circumvent it.

[Efficient and effective procedure to clean a severely infected PC]

Thanks for the input Jim.

Eventually, I'd like to get the number of applications down to a minimum.

Just used MalwareBytes today and am so far impressed. There was a machine being worked on with a SmitFraud infection and the desktop AV, online AV, and Spybot failed to do anything about it. Right after grabbing the fix utility for the tech I remembered about trying MalwareBytes and it took care of the issue.

[Efficient and effective procedure to clean a severely infected PC]

Have you considered a batch file or making an AutoIt program to automate the process?

Actually, I have not but am familiar with AutoIt because nLite which I recall that you are not fond of, I would be interesting and discussing that at a later time and date. But I will let you know if and when I decide to go that route. For the most part, once I develop a procedure that works satisfactorily for me I will be sure to apprise you of the results.

If you develop an AutoIt script to install and scan with these applications it may speed up the process. Alternatively, you could always program an application that handles that process. I've seen a few tech CDs that do this. With the reg cleaner, the most I'd use is CCleaner's Issues though I wouldn't make registry cleaning a requirement. Registry cleaners can do more harm than good, and I've seen CCleaner's Issues cleanup cause a few problems on some computers (mainly Windows 2000).

I still like the idea of having an in-house PC to handle the scanning for a couple reasons; limit the amount of software we install on client PCs as I do believe it should be removed at the end of the procedure, ablility to use the desktop AV scanner of my choice rather than the preinstalled McAfee which I loathe. As far as internet AV scanners go, they require downloading of the scanning engine as well as definition updates. This might not be such an issue but surprisingly the connection we have at work is quite meager. I would also really like to see how much it would speed up general scanning although I do realize that a constraint would be the hard speed mostly that of 5400s. I don't really expect to see too many of them.

Well, being relegated to use the CCleaner and the registry tool in the native OS isn't that big of a deal I suppose. Good point with the environment variables, I should have realized that myself.

I have experienced CCleaner breaking a PC. Before I noticed the added functionality I used and still use JV16's Registry Cleaner from the suite personally. We have to get a license at work for it if I decide to keep that as part of the procedure. Most of the PCs that come have a multitude of garbage that has been installed and uninstalled; e.g. toolbars , chat programs, etc. I believe a registry cleaning would be beneficial, I have yet to mess up a machine with JV16's registry cleaner.

I also defrag the clients hard drive with an excellent standalone utility by Jeroen Kessels [JKdefrag]. I carry it on my thumb drive. It is a command line utility but there are a few different GUIs provided by others if one does not wish to use the CLI. The utility provides a nice feature that optimizes the registry rather quickly. I imagine you might think this to be superfluous as well. In my eyes though, the client will receive their PC back not only free of issues yet in an optimized state which is noticeably improved.

As far as the automation by way of programming / scripting out the activities, that's something I will have to look into as I am more familiar in that respect on a Linux platform. Although Power Shell might be ideal, finally Microsoft made an effort to give us a little more power over the Windows OS. Still they do not provide much documentation at the lower level API obviously for security reasons or that of Intellectual property.

Thanks for the tip on Malwarebytes, I actually was doing some searching around and found that program but was somewhat skeptical and needed to check into a little bit. I then saw mention of it over at LunarSoft. Today I will try and spend some time familiarizing myself with it. Appreciate the /allhives switch tip on Spybot.

Eventually, I will present information about the procedure I ultimately employ. Getting a framework together is most important and from there hone it down and polish it up. Once I am satisfied, then I will spend time finding the best way to automate the procedure.

Thanks a bunch Tarun

[Free antivirus that's NOT AVG 8.0?]

While setting up a PC for a friend I went through trying out a few of the free AVs. AVG annoyed me with the browser integration that when disabled caused the system tray icon to have a large red exclamation point over it, Anti Vir occasionally threw a pop up window at the user and upon seeing it the second time I immediately unistalled the app, avast! is now installed.

avast! has a boot time scan option, is unobtrusive, reasonable resource footprint, and a wealth of options. I almost considered uninstalling my paid for AV to use avast! instead due to my excellent overall impression of avast! , actually I might look into buying the paid for version. AV consumers has a link to an independent test ranking avast! rather high on detection rates.

[Efficient and effective procedure to clean a severely infected PC]

I would like to pose a few questions to all the savvy techies who frequent the forum.

I work for an IT consulting firm that also provides support. Lately we have been getting in a lot of 'sick ' PCs. Most recently a PC came in with a severe infestation. One of my new coworkers had a difficult time dealing with partly because he was doing trial and error off of instinct without a procedure to follow and thus taking a whopping three days to complete from the time the PC arrived until it was finally clean. Of course this did not go over well and made me realize we need to solidify a proper procedure to follow.

I am conceptualizing an in house solution to treat a patient HD hooked up via a USB SATA / IDE adapter. Of course this poses a few issues, regarding some software being ultimately designed to run in the native environment. Although, I have worked that out in all the jibba jabber below, if you do care to look over my mess of a thought process then feel free.

Ok, basically I want to decrease the turn around time on these PCs drastically. What do I need: a procedure – check, main time hog: scans – decrease this by using a pre-configured [proper utilities installed / up to date] system with plenty of resources may work to alleviate this issue, point CCleaner manually to include the directories of the patient hard drive incurring a run through of the host directories as well but due to the speed and efficiency of the app shouldn’t be a big deal, manually configure Ad-aware and Spybot to scan on the patient HD [requires upgraded / paid Ad-aware], of course this is simple with AV programs and most internet scanners except for ESET’s off the top of my head. *note: most internet scanners require IE but to use Firefox just grab the IEtab add-on and add the domains to the site filter in options (Nice!). Now the running of a registry cleaner and Hijackthis is a different story (maybe I can contact the developers to include an option to specify the system directory in an advanced setting). Otherwise just run them natively through the patient OS. Updates will have to be done on the patient OS.

Any thoughts, suggestions, or criticisms? Please back up criticisms with some relevant information or don’t bother.

============================================================================

Stream of consciousness: thought process that led to the above, read at your leisure or not at all.

I've visited and read Tarun's guide [Anti-Malware and Cleaning pinned at top] along with the forum postings at Lunarsoft.net amongst others. It seems to me there should be a wealth of these type of guides yet there is not for some reason. [Not to say everyone is clueless about preventative measures] I found his guide to be of high interest because basically he has already done what I set forth to accomplish. : Currently, I am in the process of developing a streamlined procedure (that is both effective and efficient) to clean severely infected client systems. Although I do have a few reservations about his guide along with different opinions of my own, for the most part it employs most of the software I have been using for years with the exception of some others.

Assuming my procedure is similar to that of Taruns, I would like to remedy a few insufficiencies but not at the cost of effectiveness. So here goes, I'm just going to spill my brain -- so bare with me hopefully we can sort it out after.

Say for example we follow the guidelines laid forth by Tarun which is directly applicable to all the single users who visit this forum. I would like to switch gears and pose a method to use being that of a service oriented in a business environment dealing with many infected PCs on a somewhat regular basis. I know, apparently some of these companies are not instituting proper prevention.

I would like to pose a few questions that hopefully garner helpful feedback.

Each PC that comes in to be disinfected / cured, would required time to set up with the correct software. Also, the legal issue concerning the licensing since the being used in a business environment as well as sending back the PC to the client with a bunch of 'foreign software' and waiting to field their telephone calls.

I originally thought off the top of my head to set up a single PC in house the with the proper software to aid in our efforts to continually handle client PCs, although issues arrive with standard cleaning software that essentially is designed for the host machine running it. Then I thought of a Bart PE'd disk coupled with a flash drive containing configurations and maybe some updates [not sure if it is possible, used Linux live CD's in this fashion]. So maybe a hybrid solution would work. One of the two methods mentioned and then doing direct work within the patient PCs live environment will suffice if increasing speed of the time consuming scans. I do realize that older hard drives at 5400 rpm will somewhat thwart the effort of trying to use a system with more resources to scan but yet should give speedier results than that of the infected machine for more than one reason. Of course Hijackthis is one of the apps needed to run natively and any reg-cleaner as well.

My main question with this approach }}let alone all the other issues which I will hopefully address}} is how would this affect detection of the hard to find / remove infections that use random file name generation and therefore require heuristics to be employed yet the infections are dormant and therefore undetectable? Maybe, this approach is good in a sense that it will basically clean the easiest junk first [temp files, cache] then focus on the more difficult while in the native environment. My main problem is basically some the older machines with severe infections and sizable file systems would still take way too long not to mention incurring difficult infections that require special attention.

With CCleaner, you can point it to specified directories and it is quite a fast utility so taking in account that you will ultimately be scanning the host PC each time you do a patient HD hooked up via a USB SATA / IDE adapter. It might be a bit tricky to initially set up but with the aid of knowing the patient HD will default to the same drive letter each time one can set the directories once and forget about it. I figure doing a search for all temp directories as well as other known directories and then using PROCMON to analyze CCleaner's behavior should take care of the rest. Initially a bit of work but may be beneficial to others out there.

Then there is the question of the spyware scanners designed in mind to be run natively. Since I am in the process of conceptualizing a way cut out some of the redundancy in performing system cleans I realize that it may not be feasible to eradicate any redundancies without creating extra tasks that would annihilate any time saved by alleviating some redundancy in the task at hand. *Ok Ad-Aware upgraded to Plus or Pro versions can do a customized scan, not sure if that means how it scans or whether I can pick where it scans or both. Spybot can by default be set to scan specific directories by switching to advanced mode. Excellent, now I'm on to something.

[Add-On Maker for Nlite 1.2.4 Update: 06/17/2006]

I was unable to find a link to contact the administrator of the VirtualTek site to apprise them of the Add-on maker being infected with PSW.Banker4ADQM Trojan Horse. Hopefully they will put up a clean download soon.

[Scan to FTP HP laserjet 4100mfp]

Corrected the issue of missing 'Send to option' on the printer control panel. Problem cause as "The option possibly disappeared due to a disk replacement." Firmware update restored the option. Wasn't able to install it conventionally [failed saying it may be due to improper rights], it finally worked through the Windows command interpreter.

The first person from HP told me for out-warranty support I would have to pay $25. I told her I wasn't interested and she proceeded to say she would provide me with some information. Basically, she told me I needed to purchase the Digital Sending Software.

[Scan to FTP HP laserjet 4100mfp]

At our office we have a HP laserjet 4100mfp connect to our local network. According to the documentation, HP MFP Digital Sending Software is required for scanning to email and DSS workflow software to direct documents within the network. Does anyone know of a third party software or workaround that would allow this machine to scan to an FTP server without having to purchase the proprietary software from HP?

[Character encoding - unable to delete file]

Thank you for the response Ponch.

Overlooking the basics, I guess the tip off to file corruption would have been the error message "cannot delete: cannot read from source file or disk", post date creation, the characters from the extended ASCII set and or the inability to rename the file.

Doing a search based on the error message "cannot delete: cannot read from source file or disk" just returned solutions assuming the file was locked by the OS.

Issue:

Receiving the error message: "cannot delete: cannot read from source file or disk"

Solution:

The first and simplest thing to have done would be to have run chkdsk /f. Then work from there.

And then refer to (if need be):

http://www.geeksaresexy.net/2007/06/04/how...deletable-file/

[Character encoding - unable to delete file]

The file resides on a FAT partition. I have a file with a unique character at the beginning of the file name with whitespace and the letters "Vk" and no extension. The date of the file is post dated to the future 2030. When attempting to delete the file: "cannot delete: cannot read from source file or disk".

I have attached a representation of the character which I cannot find in any character set. It is similar to that of a double dagger. I have tried all the usual methods through the restarting, DOS shell, attempted the Unlocker utility, etc. Could not rename the file. I believe the file may have been corrupted.

I imagine that booting off a live Linux CD would allow me to delete the file. I am more interested in learning more about the root of the problem rather than just ultimately deleting the file.

Scandisk may resolved the issue but I wonder if anyone could provide some insight. Thank you.

[WinXP Pro network shares, anonymous login]

Can anyone provide insight into sharing a resource between two XP pro networked computers without requiring authentication/authorization [login]? I am unable to access the share without being prompted to login.

To rehash, I disabled simple file sharing (NTFS partitions) and set up a shared folder adding the ANONYMOUS LOGON group to the permissions on this share.

Added the ANONYMOUS LOGON group for access to this computer

Local Security Settings=> Local Policies=> User Rights Assignment {Access this computer from the network ==> added ANONYMOUS LOGON group}

I then defined the share as a share that can be accessed anonymously across the network through Local Security Settings.

Local Security Settings=> Local Policies=> Security Options {Network access: Shares that can be accessed anonymously ==>added the share}

Well it didn't work.