How To Fix UAC and VirtualStore Problems

[regnak999]

Before searching for the hidden folder, did you unhide all files, folders, and drives in Folder Options first? They won't show otherwise.

If it's Vista SP1 or later, try searching the roaming folder.

I don't know how to do that. I don't know where a roaming folder would be either. And I have windows 7.

[regnak999]

Ok I found the info int eh first post and revealed the hidden files. I still have no virtual store in my user data.

[irishron]

How about users\your username\appdata\roaming\the creative assembly?

[regnak999]

How about users\your username\appdata\roaming\the creative assembly?

I found the roaming folder but the last part is not there. I checked all the user folders.

[irishron]

Try installing then. If you a message of it already installed, check again and check the registry again.
Computer does have a Search box top right corner you can use, too.

[regnak999]

So I disable uac(still nervous about that) reboot and install? I have already done a ccleaner scan. Thanks for the help and happy new year!

[irishron]

Sound like plan. Go forth.
If you're the only user on your computer and you only go to legit sites you don't need the UAC. Even with kids using mine long before Microsoft included it I'd just password protect programs I didn't want them into.

[regnak999]

What would you consider a non legit site? I don't do torrents or go looking to dl pirated stuff(or any stuff for that matter) on use net or sites like that..

[regnak999]

Ok I got it installed and am running the 1.05 patch now. I will probably wait on the TATW stuff until the morning. After I do that(and is there anything else I need to do before that) won't I be finished? What I mean is since the TATW mod is finished(and I installed from dvds) would it be safe to reactivate the UAC? I am a bit paranoid in case you hadn't noticed.

[irishron]

UAC is better left off when dealing with Medieval2 mods. Others have said this long before me.

[regnak999]

Well after turning off UAC I did a Spybot scan before continuing. A trojan popped up Win 32 Bifrost and my Spybot will no longer fix selected results. Needless top say I ahve stopped with TATW until I get this fixed. If I can.

[irishron]

http://en.wikipedia.org/wiki/Bifrost_%28Trojan_horse%29

It's a rootkit. Try this. http://usa.kaspersky.com/downloads/TDSSKiller It worked for me once.

[regnak999]

I tried it but it didn't find anything.

[irishron]

Is this file on your computer in this folder?

Code:

C:\Program Files\Bifrost\server.exe

If so delete it and run another Ccleaner scan.

[regnak999]

I don't see it. From that path there would be a Bifrost folder where the exe would be inside right? Or should I look in some other folder? I am trying a Hitman pro scan now.

[irishron]

Windows folder has server.exe for a reason that is legit. Let the Hitman scan run first.

[regnak999]

Hitman got rid of 2 Trojans but neither said Bifrost. A second scan came up with no problems. I am running Spybot again to see if Hitman listed the Bifrost under an alternate name. What a way to start the new year.

[irishron]

Hopefully this makes the rest of the year better.
What were the other Trojans out of curiosity?
Edit: Have you tried Malwarebytes? They also have a rootkit killer the last time I checked.

[regnak999]

Thanks. From the log:

Trojan.Generic.1071250 (Engine-A)
Trojan.MSIL.Fakromup.i

I have Malwarebytes but it didn't find anything. TBH I am starting to wonder if Spybot removed the Bifrost trojan but got stuck before telling me.

[irishron]

Possible. Did Spybot leave a text file after its scan?