thread for Advanced Removal per protocol of topic

Discussion in 'Computer Games and General Discussion' started by Arch Feline, Oct 27, 2011.

  1. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    Windows XP Professional

    Version 5.1 (Build 2600.xpsp_sp3_gdr.101209-1647:Service Pack 3

    Toshiba Satellite laptop which came with Vista installed but was switched to XP Professional because Game Shark and Saitek were not supported in Vista


    Problems.

    1. I cannot post in Google+ using FireFox. I can comment in Google+. I can post from my account on another computer with the same internet connection.

    2. The Matshita DVD drive does not read DVD's. It burns DVD's/CD's and it reads CD's. This started about 2 years ago.

    3. I cannot update Internet Explorer. I have IE6 and the update for IE fails.
    ...A. I cannot run the Microsoft fixit. It stops at uploading powershell
    ...B. I cannot set up a clean boot because when I follow the instruction
    .......... go to the Service tab, tick "Hide All Microsoft Service" and tick "Disable All" and I get the message "An Access Denied error was returned while attempting to change a service. You may need to log on using an Administrator account to make the specified changes." Not only do I have a power account but I tried from the "Administrator" account and I got the same message.

    4. I did manage to update Windows Media Player but it took hours of repetition.

    5. While I was doing the Removal steps., "Shadow Copy" device kept appearing as new hardware that needed to be installed. I did a defragment of C drive and had no further problem with it.


    * * * * * * * * * * * * * * * *

    In the meantime I will go through the steps again. I generally can follow how to's. I chipped my Wii and modded it when that became available. I updated the firmware on my XBOX 360. I set up my DS Lite with R4 and CycloDS. (The special Edition Ace card is still unopened).

    Of course XP is a lot hairier.
     


  2. Rydian

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    1 - http://support.mozilla.com/en-US/kb/Safe Mode
    Does firefox work better in it's own safe mode?

    2 - Video DVDs, data DVDs, or both?

    3 - As stated in the sticky, something messed with IE, let malwarebytes remove it.
     
  3. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    1. In FireFox safe mode I can post on google+ and I checked that FireFox still does provide the text box otherwise. (Before I ran the procedure safemode did not provide the text box).

    2. Video DVD's and data DVD's get a different response. Before The drive would play video DVD's and not even recognize that a data DVD had data.
    !!!!!!!!!!! Joy! There is an improvement in the data DVD situation. Microsoft Explorer recognizes my DVD labeled Pirates and recognizes the 3 avi on it. Microsoft Media Player can play the movies but VLC cannot. VLC can play the movies on this DVD if I put the DVD on my exterior Liteon drive.
    For a burned iso, the DVD still does not show up in Microsoft Explorer but at least the drive is now being call a DVD ram drive and ImgBurn can tell that something is there. (I am estatic after 2 years)
    For the DVD with avi, I tried the same DVD a month ago (when I got my Liteon) and it was like nothing was there.


    3. I right clicked to have Malwarebytes scan IE6 and it said nothing malicious. I do not see an option in MalwareBytes to remove IE6, but I will search for a way to uninstall IE6.
     
  4. Nimbus

    Member Nimbus sudo /usr/bin make-me-a-coffee --nosugar --cream=1

    Joined:
    Nov 1, 2009
    Messages:
    913
    Location:
    Probably being lazy.
    Country:
    United Kingdom
    I agree with Rydian...let MalwareBytes murder whatever screwed with IE in a massive and glorious bloodbath of ones and zeros.

    As for you using IE, I'm very confused. You should use Firefox, at least Version 7. We can move tabs back down to the bottom now, and Firefox is soooooo much better.

    Course, Xuphor would argue that Opera is more secure than Firefox is, but because I have never used Opera, never had an issue with Firefox, and am a Linux user, I couldn't really vouch for it one way or the other.
     
  5. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    But how do I let MalwareByte murder IE? I specifically right clicked on the folder in programs so that MalwareByte scanned it again. I am not even finding an uninstall option. I suppose that I could delete the folder and delete the registry entry.

    I do have FireFox as my browser but FireFox is having a problem with google+. I want to update IE for the following reasons (A). have an alternate (B). for anything that may depend on IE (C) seems to be the only way to uninstall IE6
     
  6. Originality

    Member Originality Chibi-neko

    Joined:
    Apr 21, 2008
    Messages:
    5,154
    Location:
    London, UK
    Country:
    United Kingdom
    I use Chrome as an alternative.
     
  7. Rydian

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    1 - What addons/extensions do you have for firefox?

    2 - Sounds like your main drive is dirty.

    3 - I didn't mean for malwarebytes to remove IE, but to let it remove whatever's infecting IE by doing a full system scan.
     
  8. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    1.
    AdBlock Plus 1.3.10
    DownThemAll 2.0.8
    Element Hiding Helper for AdBlock Plus 1.1.2
    GameFox 0.8.2
    IE Tab 1.5.20090525
    Java Console 6.0.13
    Java Console 6.0.21
    Java Console 6.0.22
    Java Console 6.0.24
    Java Console 6.0.25
    Java Console 6.0.29
    Java Quick Starter 1.0
    PDF Creator Toolbar 1.0

    (and all of that Java Console garbage is weird but there is no option to remove it)


    2. ...


    3. I wish that MalwareBytes would find something but it is running without detecting anything. The first time MalwareBytes found a few things. As I said I repeated the setup and removal procedure. I uninstalled MalwareBytes and Avast and reinstalled. I ran Malwarebytes again without its detecting anything and I am about to run the boot scan of Avast again.

    * * * * * * * * * *

    That "Shadow Copy" install new hardware came and went away as I said earlier. Now I get a install new hardware "usb composite device" but this one gives up after one try. Lowering and raising the lid of the laptop is the trigger.
     
  9. Rydian

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    1 - See if disabling all the extensions you can fixes it?

    2 - As in you might want to try a lens-cleaning disc on it.

    3 - Does the laptop have a webcam, is it functional? The composite device may be the webcam, called composite for it's cam and mic combined.
     
  10. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    1. Brilliant. It was AdBlock doing it. If enough people use google+ and AdBlock, they will be made compatible.

    2. lens cleaning disk: I bought 2. One is specifically for the Wii and it has a handle. I will look for the other one.

    3. Brilliant again. I am starting at shadows.

    * * * * * * * * * * * ** *

    Now I messed up the "Administrator" account somehow. When I open Documents and Settings most of the contents do not display. In particular "Application Data." What might I have done? Somehow the attribute for some of the contents was switched to hidden. Is there a global way to remove them from hidden? If I search for, say, "Application Data," then I can change it from hidden; but if I do not know to look for something, it stays hidden?

    Is it possible that my DVD ram drive got hidden somehow?

    Could part of the problem be settings? I know that once I had a problem with Device Manager not displaying and I found a web page which let me make the right settings. All of these things that I try to do like set up a clean boot, set Groups (for the active setup reinstall), maybe even the install IE8 could just be Windows system settings.


    (I need some sleep). I will look for my disk cleaner after.


    ****************************************************************************************************
    ****************************************************************************************************

    I found the VCD/DVD Cleaner "Is suitable DVD machine and the computer light drive cleanly." Success! Image burn reads the iso. (I am going to save the image burn WINDOW and celebrate).

    * * * It is still not fixed though. As I said all but a few of the files and folders on the Administrator account got flagged as hide. Maybe uninstalling Avast did it? And I cannot set up a clean boot because I am not allowed to and I cannot set Group policy in order to create Microsoft Active Setup.
     
  11. Rydian

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    Application Data itself is a hidden folder by default, but some infections will go and mass-hide chunks of files in order to try to pretend they were deleted and to offer to "fix" the issue if you give them your credit card details, it's just one of the latest scams they pull. If you set a folder to be unhidden, there's an additional option to apply the setting to everything in the folder (including other folders).

    Does the DVD drive show up in "my computer"?
     
  12. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    1. Application Data was not messed up on my personal (power) account and was not messed up on "Administrator" at least half way into this. When Application Data got messed up, here is what was going on. The folder Application Data appeared as usual as faded out. When double clicked Application Data opened but only a few folders showed. i freaked out and logged out to my personal account and the files were there. I logged out and back into "Administrator" and did a search on all files and folders. Everything (I hope) showed up and I changed properties by folder. So weird. It makes me worry about what else could be hidden.

    2. Yes the drive shows up in "my computer" (it is actually named and not the generic my computer). If nothing is in it, it calls itself DVD-RAM drive (instead of CD drive). With a labeled sets of avi's the label appears in my computer. With an iso it shows a DVD-ROM being in there and says that it is a CD drive but ImgBurn can read the iso. Before the drive just showed up as CD drive and ImgBurn could not read the iso. In fact there is now a topic on the GameCube board of someone having the problem of not being able to read iso's on the computer.

    * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

    What can I do about not being permitted to set msconfig and Group Properties?
     
  13. Rydian

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    1 - There's also the "system" attribute, if a folder has that then you'll need to have the display of system files on as well.

    3 - See if you can do it on a fresh user account with admin rights. If not, I suggest a full scan with an AV like Avast. Your current AV has likely been crippled.
     
  14. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    1. Where do I turn on the display of system files?

    3. A fresh user account with admin rights is worth trying, I guess, to see whether it works. What do you mean by a full scan with Avast? You mean that doing a full scan with Avast will do something that all of the bootscans with Avast did not do?
     
  15. Rydian

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    1 - In the same place as hidden files, the view tab of folder options.

    2 - A scan with avast while logged into an account might pick up on incorrect applies permissions that something out of the account won't. I'm not sure exactly what the best way to fix account permissions is, though. The way Windows does it isn't that clean, personally when it happened to make I just made a new account and switched my crap over.
     
  16. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    I made a new account. I tried to set up a clean boot with msconfig and I got the same error as in the other accounts. I will run a scan with Avast while logged into an account. Which one should I choose --- Administrator, current or new?

    * * * * * * * * *
    I want to be sure that I have checked everything. I checked PUPs, scan entire content. Is there some other option which I may have Overlooked that I should check?
     
  17. Rydian

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    Go into the new account, run rkill, then avast, then malwarebytes, at the default "full" scans.
     
  18. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    The scan by Avast turned up a password protected file (that is invisible to me) and that Avast could not scan. I tried to get Avast to move it to the Chest but "Apply" is faded out.


    Is there a better way of getting rid of it than installing Ophcrack and finding the password , assuming that the password is short enough. ***** Take that back. Microsoft page says I can take ownership.

    I cannot see this file at all. A search reveals the executable Replay Media Catcher. I guess I can search for each item by the name listed by Avast. Another way is to create a new Shared documents folder with everything else and deleting the old one.




    Please tell me if there is a way to get Avast to move it to the chest.
     
  19. Rydian

    Member Rydian Resident Furvert™

    Joined:
    Feb 4, 2010
    Messages:
    27,883
    Location:
    Cave Entrance, Watching Cyan Write Letters
    Country:
    United States
    What does Avast say about the file?

    Sounds like you should give this tool a run.

    http://support.kaspersky.com/faq/?qid=208280684
     
  20. Arch Feline
    OP

    Member Arch Feline GBAtemp Regular

    Joined:
    May 7, 2007
    Messages:
    230
    Country:
    United States
    On the linked to page I did not see anything about scanning protected files. Is this something that you think might be helpful because VLC will not play video media on D drive?

    The folder is invisible. There is nothing to click on. Nothing to try to guess the password of it. The executable is dated 6/12/2010. Did anyone else here on gbatemp download Replay Media Catcher by ChattChitto? ChattChitto seems to be a site open by invite only. (I am not the only one using this computer and I hardly ever download music and videos- being a gamer. However, my memory is certainly bad enough that I could have been the culprit).


    Avast says for Result. Some files could not be scanned. Inside the log Avast says "Error: Archive is password protected. (42056). There is a visible executable in Shared Documents. "Replay Media Catcher v3.01 + Crack-Reg By ChattChitto.exe

    Are archived files invisible or is there a special place to view an archived file?

    Of course Avast also says no virus because Avast could not scan it. Now in the registry there are entries for this but the executable is not listed in remove or change programs. Does XP keep track of searches made in the registry? "_visual" was what I had to remove to get rid of a root kit and I am wondering if I should remove these registry entries or whether XP just put them there as a record of my search.

    HKEY_USERS\S-1-5-21-1614895754-1303643608-1547161642-1003\Software\Microsoft\Search Assistant\ACMru\5603
     

Share This Page