Posts by DMR

1. ProTools is the way to go for heavy-duty pro recording, but it does involve purchasing additional Pro Tools-compatible audio I/O hardware, some of which is quite expensive. Digidesign did put out a freely downloadable, software-only Pro Tools product, but that was designed for Win 98/ME. Even when run under those versions of Windows though, most people ran into hardware-related compatibility issues of some form or another. I remember trying to get it to run on three or four different Win 2000 systems, with absolutely abysmal results.

Given that, software-only PC solutions like Sound Forge might suite your particular needs (and system configuration) just fine. If you really want to "go pro" though, let me what sort of studio setup you're shooting for and how much $$ you're thinking of spending.

2.

At the same time ive heard that the PC version, altough greatly improving, still lags behing the Mac version

The underlying reason for that is mostly due to the differences between the Mac and PC hardware architectures; it has little to do with software.

The major issue lies with signal-processing latency/timing. As I'm sure you know, doing "real time" audio or video processing (and having it turn out "glitch-free") is very system-intensive in general, and becomes even more so when working at higher bit/sample/clock rates. Without going into details, the hardware design of Mac-based computers basically has a shorter "pipeline" through which your record and playback signals must travel, making it much more …

Hi JorgePerez,

First of all- welcome to TechTalk!

What RPeeteRules suggested is true: we do ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.

Please start your own thread and post your question there. When you do, please try to give us as much specific info as possible regarding the problem (exact error messages, system specs, etc.).

For a full description of our posting guidelines and general rules of conduct, please see this page:

http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_faq#faq_rules

Thanks for understanding.

Well then- the "unwanted guests" might truly be gone. :)

Let us know if any of those (or other problems) crop up in the near future.

Hi Mike- that's good news; glad we could help you get it sorted out :)

I'll throw this out there though:

Ad Aware and Spybot used to be the best general detection and removal tools, but with the huge explosion/growth of the malicious programs floating around on the Net, they alone really just don't cut it anymore.

Given that, this is my "canned" repsonse concerning what people should do regarding detecting and removing current threats:

You will need to disconnect from the Internet for some of the following, so you'll need to print out the following instructions, or save them into a text file with Notepad.

1. Run at least two or three of the following online anti-virus/anti-spyware scans and let them fix what they can:

http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.pandasoftware.com/active...n_principal.htm
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php

2. Download, install, and run the following (free) detection and removal tools (use each program's online update function before running them to make sure you have the most current updates installed).

After each utility completes its fixes, reboot before continuing on to the next utility; have the utilities fix all of the problematic/malicious items they find:

ewido Security Suite - http://www.ewido.net/en/download/
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
Ad Aware SE Personal - http://www.lavasoftusa.com/
SpyBot Search & Destroy - http://www.safer-networking.org/

3. …

I wish it was that easy. The drive is no longer with me, and the person who has it is not pc literate at all. He might do more harm than good...

Sorry to hear that that's the case, but I definitely understand everything that you're decribing about the situation.

1. Your assessment of "He might do more harm than good" is right on the mark. If he knows nothing about data backup and recovery, he could very well lose everything on the drive if he attempts any recovery procedures on his own.

2. If the data on the drive is truly important, I'd suggest that he call some of the local computer service companies/people in his area and see if they can help. If those people really do know their stuff, they should be able to do something similar to what Christian suggested- install the drive as a slave drive in another computer and access/recover the data that way.

I'm a freelance computer consultant, so I've done that a number of times, and for a few different reasons; massive spyware infections included. If it was truly a virus/spyware infection that crashed the system, then all of your friend's data is still intact and most of it, if not all of it, should be recoverable. It might involve using a computer running something like Linux (as non-Microsoft operating systems are immune to the infections) to copy the data to a safe backup location, but the process should …

The version of rundll32 that you've found appears legit, and there's nothing amiss in your HJT log.

Are you getting any further indications of lingering problems, or do things seem to be working correctly now?

OK- the "about":blank" infection has revealed itself more fully now.

Run these specific "about:blank" removal tools and post a new HJT log once you've done that (before scanning/fixing with About:buster and CWShredder, use their online update features to make sure you have the most current updates installed):

CWShredder - http://www.intermute.com/spysubtract/cwshredder_download.html
About:Buster - http://www.majorgeeks.com/AboutBuster_d4289.html
HSRemove - http://www.majorgeeks.com/HSRemove_d4286.html
Sp.html-Se.dll Hijack Fix - http://www.majorgeeks.com/Sp.html-Se.dll_Hijack_Fix_2000XP_d4617.html

Your log looks clean now, although that isn't a definitve indication that your system is entirely clean.

Let's make sure the original infected file (or copies of it) are really gone:

1. Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types".

2. Click on the Search button in Explorer and:

a) type the following in the "All or parts of the file name" box"

scvho*.*

b) In the "Look in" box, select your C: drive.

c) Click on "More advanced options" and make sure that the first three boxes are checked.

d) Perform the search, and give us the exact names and locations of any files found.

1. If you can give us the exact "usb.sys" error that might be helpful. You might find more specific info for that, and perhaps the other problems, by doing the following:

Open the Event Viewer utility in your Administrative Tools control panel.

In the Event Viewer, look through the System and Application logs for entries flagged as "Warning" or "Error"; double-clicking on any of those entries will open a "details" window with more information about the error/warning. If you find any entries that seem to relate to the hangs/crashes that you're having, post the full and exact contents given in the detail windows.

2. The sharing of IRQs isn't usually a problem anymore, although it definitely was back in the days before PCI, "Plug-N-Play", and ACPI technologies were invented.

Since you haven't indicated that any recent hardware changes have been made to the system, the PCI/IRQ resource allocations of your installed hardware shouldn't have changed, but if you want to eliminate that possibility:

A) You can sometimes force a given device to use a specific IRQ or memory address range via the Resources tab in the device's Properties in Device Manager, but for the most part this rarely works. The issue is that modern operating systems and BIOSes do PCI resource allocation automatically, as opposed to the old (and pretty much manual) way that allocation was done with ISA devices.

B) There's one procedure which can often force a reallocation of resources …

1. Judging from the info you've given so far about the screen- you could have a hardware problem, and it could even be the specific connection problem you mentioned. The ribbon cable that carries the power and data signals between a laptop's motherboard and its screen has to do a lot of flexing in the course of opening and closing the lappy, and that wear can take a toll on the integrity of the cable over time.

However, if you haven't done this already (and if you can get a useable brightness again, obviously), I'd try downloading and installing a fresh load of video drivers before doing anything else. Replacing or repairing the screen won't be cheap, and you could get dinged a fair amount of $$ just to have a pro repair shop diagnose it for you.

2. In terms of your filesharing/networking question: are you using XP Home, Pro, a mix of both, and are the systems running SP2 or SP1? Networking is one of the major areas where the two versions of XP differ greatly, so the sharing configuration differs between the two as well.

the ipconfig gave just the header line:

Windows IP Configuration

That is it. and Nothing else..

If your network card were truly working properly (and enabled, of course), the ipconfig command should have given you information somewhat similar to the following:

Windows IP Configuration

		Host Name . . . . . . . . . . . . : Stinky
		Primary Dns Suffix  . . . . . . . : 
		Node Type . . . . . . . . . . . . : Mixed
		IP Routing Enabled. . . . . . . . : No
		WINS Proxy Enabled. . . . . . . . : No


Ethernet adapter Local Area Connection:

		Connection-specific DNS Suffix  . : 
		Description . . . . . . . . . . . : Intel(R) PRO/1000 
		Physical Address. . . . . . . . . : 00-0C-F1-26-FE-3B
		Dhcp Enabled. . . . . . . . . . . : No
		IP Address. . . . . . . . . . . . : 192.168.0.5
		Subnet Mask . . . . . . . . . . . : 255.255.255.0
		Default Gateway . . . . . . . . . : 192.168.0.1
		DNS Servers . . . . . . . . . . . : 4.2.2.1
		NetBIOS over Tcpip. . . . . . . . : Disabled

That fact that ipconfig listed no information whatsoever about your network card means that the device is either not configured correctly, or that it is configured correctly but has been disabled.

Look in your Network Connections control panel. Do you seen the connection listed? If so, what information do you see there? Right-click on the connection and then click Status in the resulting pop-up menu. what information do you see there?

Hi ijagarce,

First of all- welcome to TechTalk!

RJL1265 is right about starting your own thread. We do ask that members not tag their questions on to a thread previously started by another member (regardless of how similar your problem might seem). Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.

Please start your own thread and post your question there. When you do, please try to give us as much specific info as possible regarding the problem (exact error messages, system specs, etc.).

For a full description of our posting guidelines and general rules of conduct, please see this page:

http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_faq#faq_rules

Thanks for understanding.

Due to the fact that the member who originally started this thread has not responded in nearly one year, this thread is considered abandoned and has been closed.

In accordance with our posting rules, other members having similar problems should start their own threads and post their questions there. In order to help us help you most quickly, please include as much information about your problem as possible in your posts.

If the member who originally started this thread wishes to have the thread reopened, please send your request, including a link to this thread, to one of our moderators via email or Private Message.

Thank you.

Yes- do as Matt suggested.

If you have to delete the program manually:

1. Open Explorer. Search for and delete folders and files named "Ad Aware" and also "Lavasoft". In addition to putting a Lavasoft folder in your Program Files directory, Ad Aware will also have created at least one folder somewhere under your Documents and Settings folder.

2. If you're comfortable editing your Registry, open the Registry Editor, do a search for Ad Ware and Lavasoft, and delete any keys, subkeys, and values that reference those terms.

3. If the Ad Aware program entry still appears in your A/R Programs control panel after maunually deleting the program itself, follow these instructions to remove that entry:

http://support.microsoft.com/?kbid=314481

- As Zachery is suggesting, please give us a specific description of your network configuration.

- Do the machines all still have Internet access, or are there problems with that as well.

- Can you think of anything that happened around the time that you lost connectivity which might have contributed to the problem?

- What exact message do get from the failed pings?

- Are you using DHCP, or are you assigning IP info manaully.

Thanks for the follow-up Christian. :)

Hi manhunt2k,

First of all- welcome to TechTalk!

We do ask that members not tag their questions on to a thread previously started by another member, regardless of how similar your problem might seem. Not only does it divert the focus of the thread away from the original poster's problem, but it also makes it less likely that you yourself will get the individual attention that you need.

Please start your own thread and post your question there. When you do, please try to give us as much specific info as possible regarding the problem (exact error messages, system specs, etc.).

For a full description of our posting guidelines and general rules of conduct, please see this page:

http://www.daniweb.com/techtalkforums/faq.php?faq=daniweb_faq#faq_rules

Thanks for understanding.

Unfortunately, date recovery companies such as DriverSavers and the like charge a heck of a lot of $$ for their services, but if your drive was really hosed by viruses and/or spyware, the data is still most likely intact.

I'd suggest trying the following if you haven't already:

Install the drive as a slave drive in another computer and see if you can access and back up the data that way.

1. Yes- broadband routers have at least some firewalling capabilities built in. All broadband routers on the market today are at least capable of doing Network Address Translation (NAT), which affords a certain level of protection.

2. Ideally, you want a router that also does Statefull Packet Inspection (SPI; you can Google for the meaning of that term). Most of the current versions of broadband routers from the major manufacturers do this as well.

3. Does my existing broadband router, already a firewall?

You would have to give us the exact make and model # in order for us to answer that question, but given what I said above, the chances are probably pretty good that the answer is "yes".

4. Is it possible for someone to access my computer through my firewall?

Unfortunately- yes. Both hardware firewalls and software firewall programs have bugs and/or other weaknesses that are well known to hackers.

First of all- That alert is an option in the BIOS of Dell computers. Boot into your BIOS setup (hitting the F12 key just after the system restarts gets you there for Dells if I recall) and disable the option.

As to why it freezes, I'm not sure. does it boot properly into Safe Mode?

What version of Pro Tools are you considering? The "Professional" line of their products involves purchasing PCI plug-in cards and external devices. Give us more details; I worked with Avid/Digidesign products for years, so I can probably help you out.

Knowing which exact version of Office you currently have installed would help. :o

If you haven't already, open you Add/Remove Programs control panel and try to uninstall version 6.0 from there.

If that doesn't work, let us know.

1. Obviously, make sure that the IP addresses that you're getting for your DNS servers are correct. To verify that, open a DOS window, type the following command at the DOS prompt, and then hit Enter:

ipconfig /all

2. Download and run the (free) WinsockXPFix program.

... i am getting is the IBM startup screen... the screen is then going dark again but i can see the microsoft windows NT loader screen and can log into windows itself. i cannot see to alter any settings to troubleshoot it though.

What exactly are you saying there?

Does the initial "IBM logo" screen display properly?

Is the screen too dark to read once Windows loads?

Since an external monitor does seem to work, your brother's general assessment of the problem with the lappy's screen might be right. If that's the case, I would:

1. Set up filesharing between the laptop and desktop in order to back up your data. We can walk you through that if need be.

2. Buy a laptop-to-desktop (2.5"-to-3.5") drive adaptor and temporarilly install the laptop drive on the desktop machine. That will bypass any possible problems with networking the two machines together. Again- if you need more info on that we can give to you.

Many of the higher-end vid cards do come with a fan, or least a heavy-duty heat-sink, but you have to check the specs of the exact models and versions to be sure if that's the case. Alternately, a quick Google search should turn up some links to cooling solutions for your current card.

Hi Janine,

You can find info on the possible causes (and fixes) for that particular Stop Code error in the links returned by the following Google search:

http://www.google.com/search?hl=en&lr=&q=STOP+0x0000008E+win32k.sys+0xC0000005&btnG=Search

Give some of those a try and let us know the results.

Is it just that one site? (It works for me, by the way.)

I don't know if this will help for a problem that specific, but try downloading and running the IEFix utility:

http://windowsxp.mvps.org/IEFIX.htm

Hi amill18,

Your HJT log does show signs of the "smitfraud" infection.

Please click on the "Search this forum" button at the top right-hand side of this forums's main page and type "smitfraud" (omit the quotes) into the search box. Try the suggested fixes we've posted for other members in the links returned by the search, and then repost here with the results and a new HJT log.

The meaning of BIOS "beep codes" can definitely be helpful, but they vary depending on the BIOS' maker. Is your BIOS an AMI, Award, Phoenix, or other?

The beep code pattern you describe does seem to have some common reference among the major BIOS makers though- it appears to point to a memory problem, and more specifically to an area of memory possibly reserved for used by the video card. Because the BIOS runs its device checks and initializations well before Windows even starts up, it would be more likely that a video card driver issue is the symptom of a lower-level problem, rather than the cause.

The first recommendation is to open your chassis and check your physical memory modules. A short description from another site:

" First check your SIMM's. Reseat them and reboot. If this doesn't do it, the memory chips may be bad. You can try switching the first and second banks memory chips. First banks are the memory banks that your CPU finds its first 64K of base memory in. You'll need to consult your manual to see which bank is first. If all your memory tests good, you probably need to buy another motherboard. "

Scroll down to Section "Screen" and add the desired resolution to the "Modes". You should have something like this: Modes "1280x800""1024x768""800x600" (make sure you change all the Modes lines). Save file, restart X with Ctrl-Alt-Backspace.

Right. Also:

- The first resolution listed on the "modes" line is the default. If you want X to start in another res, edit that line so your desired res comes first.

- If you've configured multiple resolutions, and they all show up in the "modes" line, you should be able to toggle through them on the fly from within the GUI. Just hold down (simultaneously) CTRL+ALT+the +/ - keys on the numeric keypad. Using the "+" and "-" (hyphen) keys on the main keyboard won't work.

Hi Chintz,

1. You're running a slightly older version of HJT (v 1.99.0); you should get the latest version (1.99.1), do a scan with it, and post the new log.

2. Your current log definitely has some "nasties" in it. Before posting a log from the new HJT version, please complete the following general removal proceedures in order to (hopefully) get some of the infections cleaned up automatically:

You will need to disconnect from the Internet for some of the following, so you'll need to print out the following instructions, or save them into a text file with Notepad.

1. Run at least two or three of the following online anti-virus/anti-spyware scans and let them fix what they can:

http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.pandasoftware.com/active...n_principal.htm
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php

2. Download, install, and run the following (free) detection and removal tools (use each program's online update function before running them to make sure you have the most current updates installed).

After each utility completes its fixes, reboot before continuing on to the next utility; have the utilities fix all of the problematic/malicious items they find:

ewido Security Suite - http://www.ewido.net/en/download/
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
Ad Aware SE Personal - http://www.lavasoftusa.com/
SpyBot Search & Destroy - http://www.safer-networking.org/

3. Reboot into safe mode …

Windows has no buit-in bandwidth limiting/shaping capabilities that I know of, although your router might; check it's documentation.

Since the laptop can connect to the router and access the Net, it should only be the desktop machine that would need to be restarted if anything.

1. Right-click on the networking icon in the tray and click "Status". It should show that you are connected, and that packets are being both sent and received.

2. Disable any and all firewall software entirely. Even Windows' built-in firewall gets wonky sometimes and denies connections that it shouldn't.

3. Open an MS-DOS window and type the following command:

ping ip_address_of_the_router

If that works, you should get 4 positive responses from the router. If it doesn't work, give us the exact error that the ping command gives you.

4. If the above ping works, try to ping a website (Google in this case) by its IP address:

ping 66.102.7.147

5. If that works, try:

ping www.google.com

6. If none of te above work:

Type:

ipconfig /all >C:\ipconfig.txt

Open the resulting ipconfig.txt file in Notepad and post the contents of the file.

What's the exact model # of the Linksys router?

... when i try to access the computer that i am having problems with, it says that i have not been given the requested login type at the client computer.

Can you give us the exact message please?

i have tried all that i know

In order to avoid having us suggest things you've already tried, please tell us exactly what you have done already.

Which facet of this do you need help with? What you describe is a very broad scenario, and one with many options.

You say you have no experience in network design and administration. Does this mean that you will be responsible for hiring an outside company to do the installation and configuration, or are you expected to attempt this yourself? If the later, I'd highly suggest you reconsider. No offence meant, but designing and implementing a 60-node network isn't something that you just read up on and then go out and do.

Some (totally random) thoughts:

- Will wireless be involved?

- Are you going to have a company Email server on the network? If so, and assuming you'll be using Microsoft products, you'll need someone who know how to build and maintain Exchange servers.

- What other data needs to be centrally served? Do you want to use server versions of your actual applications, or will you install stand-alone versions of your applications on each workstation and just serve the data?

- Do you have people who know how to configure and administer Active Directory? With 60 or so seats, this obviously won't be a workgroup.

- Will you want or need users to have remote access to the network? VPN and the like would come into play at that point.

- Do you plan on running a Web server which needs to be accessible to the "outside world"?

- …

1) whats better? a) hub b) switching hub c) dsl router

Use a broadband router. For one thing, you can't usually connect more than one computer to the modem at a time, because the modem only assigns a single IP address. Switches and hubs are "transparent" in that regard, so even if you use one, all of the computers connected to it are still essentially tied directly to the modem. A router solves this problem by using Network Address Translation (NAT) to allow all computers connected to it to use their own "private" IP address. The router then handles the job of directing each computer's network traffic to/from the modem. Switches and hubs also have no built-in firewalling features like routers do, so they offer no protection from outside attacks.

2) can the virus protection of new puter extend over
network to old puter?

Not unless you've purchased the server version of sofware. You don't need to buy a second load of anti-virus software though; there are free A-V programs which often provide better protection than "pay for" products such as Norton and McAfee. AVG is one such program.

3) will NTSF file system read a FAT 32 file system?

All versions of Windows that use the NTFS filesystem are fully compatible with FAT/FAT32 as well. If you're asking about drives on two separate (but networked) computers, the specific filesystems don't even come in to play; the network doesn't care.

4) use new puter for online …

So do I have to re-install Windows?

Unless you do a totally clean reinstall (reformat, etc.), the problem might persist. Since Windows has lost its full association with the file, it's difficult to say exactly what would happen if you did a "repair" or "in-place" install, but you can try it if you want (back up you drive first just to be safe).

Did you run the filesystem check? If so, did it find any errors?

... or are they getting smarter?

Absolutely. :evil:

I'm glad that finally seems to have worked. :)

Now that your system is clean, here are a few things you can/should do to minimize your chances of future virus/malware infections:

1. Enable Windows Automatic Update function to keep your system as up-to-date as possible with the most current Microsoft security and bug fixes.

2. Stop using Internet Explorer as your web browser. Because IE is so closely tied into the Windows operating system itself and contains so many security flaws, switching to another browser such as Netscape, Firefox, or Opera will reduce the avenues through which spyware/adware/hijackers/etc. can infect your computer.

3. Install preventative utilities such as SpywareBlaster and SpywareGuard (links are in my sig below), especially if you absolutely have to continue using Internet Exploder. These utilities protect areas of your system known to be vulnerable to malicious attacks. IE-SPYAD is another helpful tool; it can be downloaded here:
https://netfiles.uiuc.edu/ehowes/www/resource.htm

4. Tighten up some of Internet Explorer's existing, default settings to make it more secure. Some info on that can be found here: http://tomcoyote.org/ieoe.php

5. Obviously-install a good anti-virus program and enable its "auto-protect" and email-scanning features.

6. Install a stand-alone firewall program such as Zone Alarm, Sygate Personal Firewall, or Kerio Personal Firewall, or purchase the "Internet Security" packages offered by Symantec and McAfee.

7. None of your utilities are of much good if you don't check for updates frequently; updates …

Hi Zooks, and welcome to Daniweb. :)

Please follow these cleaning instructions careful and fully (yes, I know that you have some of these programs installed already):

You will need to disconnect from the Internet for some of the following, so you'll need to print out the following instructions, or save them into a text file with Notepad.

1. Run at least three of the following online anti-virus/anti-spyware scans and let them fix what they can:

http://www.kaspersky.com/scanforvirus.html
http://housecall.trendmicro.com/
http://us.mcafee.com/root/mfs/default.asp?cid=9914
http://www.pandasoftware.com/active...n_principal.htm
http://www.ravantivirus.com/scan/
http://www.bitdefender.com/scan/licence.php

2. Download, install, and run the following (free) detection and removal tools (use each program's online update function before running them to make sure you have the most current updates installed).

After each utility completes its fixes, reboot before continuing on to the next utility; have the utilities fix all of the problematic/malicious items they find:

ewido Security Suite - http://www.ewido.net/en/download/
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
Ad Aware SE Personal - http://www.lavasoftusa.com/
SpyBot Search & Destroy - http://www.safer-networking.org/

3. Reboot into safe mode (you get to the safe mode boot option by hitting the F8 key as your computer is starting up)

- Open Windows Explorer, and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system …

You said "can't get her desktop back"; can you give us specific information on just what you mean by that please?

These are all thin I recommend to clients, and yet it still got through.

The Nasties have gotten nastier, so the rules have changed. The old recommendations of Ad Aware, SpyBot, and a good A-V programs (which I used to recommend to my clients as well) just don't do the trick anymore in terms of keeping a system most protected. Ad Aware and SpyBot are still good tools to have thaough.

For the best protection against the most current threats, these are my general recommendations:

This should go without saying, but:

Enable Windows Automatic Update function to keep your system as up-to-date as possible with the most current Microsoft security and bug fixes.

In addition:

1. Detection and removal tools:

ewido Security Suite - http://www.ewido.net/en/download/
Microsoft Anti-Spyware beta - http://www.microsoft.com/downloads/...&displaylang=en
Ad Aware SE Personal - http://www.lavasoftusa.com/
SpyBot Search & Destroy - http://www.safer-networking.org/

Use each program's online update function before running them to make sure you have the most current updates installed, and run the programs consecutively (the order doesn't really matter). After each utility completes its fixes, reboot before continuing on to the next utility; have the utilities fix all of the problematic/malicious items they find.

2. Online anti-virus/anti-spyware scanners (have your clients run at least three of …

Unfortunately, information about your filesystem (the names, sizes, locations, creation dates, etc. of files and folders) is one of things that Windows does not store in the Registry, so there's no Registry edit that you can do to remove the file.

Since you said that did have virus/spyware infections, we'd certainly take a look at a HJT log if you want to post one, but I doubt it will help you get rid of the corrupt file.

The second screenshot shows the file listed by the dir command, but it also shows that you can't delete it with the del command. :(

The file is almost cetainly corrupt, but I need to log off for a few hours and won't be able to post further suggestions until later today.

1. You've posted this in the spyware/viruses forum; what indications have you gotten that malicious infections are the cause of the problem?

2. Open the Event Viewer utility in your Administrative Tools control panel.

In the Event Viewer, look through the System and Application logs for entries flagged as "Warning" or "Error"; double-clicking on any of those entries will open a "details" window with more information about the error/warning. If you find any entries that seem to relate to hangs/crashes in Media Player or Real Player, post the full and exact contents given in the detail windows.

<EDIT>

Hmm... looks like swatkat and I are posting at the same time again.

</EDIT>

OK- we'll be here.

it doesn't matter right?

It does matter. If an anti-virus or anti-spyware program detects an infected file on your computer, you should definitely delete it. Even if an infected file seems to be "dormant" at the moment, it could be triggered back into action at some point in the future. This is especially true of infections hiding in your System Volume Information folder, because that's where Windows stores the backup files that it uses for its System Restore feature. If you ever have to use System Restore to recover from a problem, any infected files in the Restore folders can get reinstalled along with the "good" Restore files.

Following the instructions given in the link that dlh6213 posted should have deleted the contents of the System Volume Information folder, but if not, you can try to manually delete the infected files by doing the following:

1. The System Volume Information folder is a hidden folder; make it visible by opening Windows Explorer and in the Folder Options->View settings under the Tools menu, select "show hidden files and folders", and uncheck "Hide protected operating system files" and "Hide extentions for known file types".

2. In Explorer, browse/search for the infected files and delete them by hand.

3. Make sure to empty your Recycle Bin after deleting the files.

what does this virus do?

We can't tell that from the information you've posted; the names that AVG is giving you are just the names of infected files, not …

Try posting in the Networking forum and you should be up and away in no time, to be sure :D.

Yes- Start a new thread in the Networking forum and we'll try to help you find a solution. In your post, please be sure to include specifics such as the makes/model #s of your wireless devices, the type of Internet access you have (cable, DSL, etc.), the version(s) of Windows you're using, and any other information which might be of use to us.