Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Resolved Question

Rogue Website - Any protection?

Nov 5, 2011 4:49AM PDT

I am running both a W7 and an XP PC. The problem is with the XP ONLY. I have AVG Security. My screens assure me that all components are working. I also have a Windows firewall.

However, every 10 or so minutes whatever I am doing (including composing this post) I am interrupted with a small window headed Hardware Installment. Below that is this message: The software you are installing ... non-Plug and Play Drivers ... have not passed Windows Logo Testing. Then there's some other text and lastly two buttons: Continue or Stop.

I AM NOT in the process of installing either hardware or software. Three months ago I switched from ATT to Comcast so I switched routers but it is only recently that these messages started.

I have run both Malwarebytes and AVG's PC Update but they found nothing. That didn't surprise me because it appears there is a rogue computer out in the great beyond which will try this as long as I have this PC plugged in.

Any help will be greatly appreciated. Thanks!

Discussion is locked

garrason has chosen the best answer to their question. View answer
- Collapse -
Clarification Request
From your description
Nov 5, 2011 5:01AM PDT

From your description it doesn't really sound like any malware or rogue browser web site.

What does your Device Manager say?

I'm not a technical expert but that Hardware Instalment sounds like a problem with a driver or hardware component. What can you tell us about this system?

Do you have SATA hard drives with a SATA Controller?

Are there any exclamation marks against any devices in the Device Manager?

Also, look at the Event Viewer and see if any errors are logged there under System.

Do you have all your personal files backed up? If not, I would make a start on that now.

Mark

- Collapse -
Rogue Website
Nov 5, 2011 7:32AM PDT

Mark, thanks for your reply. You write that you're not technical but you are way ahead of me. I checked the Device Mgr, found a list of some 15 items all with a + mark but nothing else that would give me anything to tell you. Or did I miss something?

In the Event Viewer I find that all the Errors are about MsiInstaller (??) and when I click for details I find that the "driver was not installed". Which makes sense because I've not allowed that questionable software to download. The times match the most recent attempts

As for backup I have both my PCs on Carbonite. I use the XP mostly to write a family history while doing online research on the faster W7. At end of day I also copy the latest version of the genealogy from the XP onto a thumb drive.

I know nothing about my hard drive or its controller. It is a Seagate replacement installed about 3 years ago by Geeks on Call.

Does any of this help?

Again, Many Thanks!

- Collapse -
Next steps
Nov 5, 2011 8:08PM PDT

By all means post an image of your Device Manager as suggested below, but personally I'm not sure it is needed now. If you don't see any exclamation marks when you open the Device Manager, then you have no hardware problems. Any + marks would be expanded to a - with the device overlaid with the exclamation mark if Windows was encountering a problem with hardware.

So, next step.

We need to identify what these supposed drivers are being offered for.

In fact, an image would be a good idea, of that popup window. Can you do that? When this next appears take a screen print of your whole Desktop. Paste that into Paint then save it to your Desktop as a JPEG file. If you need to remove any personal information from that image before saving, now is the time to do so.

Then upload that image to your favorite image hosting site, (I use ImageShack), and post the link to the Full-Sized image here.

Also, a couple of other things. Have you used XP's Task Manager before? Right click the Taskbar, select Task Manager. In the TM window open the Processes tab. There is an option at the bottom of the window to display processes for all users so select that please.

When this popup displays again, open your Task Manager and see if any process has appeared that doesn't appear normally. There may also be an entry in the "Applications" tab that wasn't there before.

Finally, back to the Event Viewer, but this time instead of looking at System, have a look at Application, and see if there are any relevant errors logged for when this popup appears.

Let's see what we can find.

Mark

- Collapse -
what you have described sometimes happens ...
Nov 9, 2011 5:43AM PST

even after a successful installation of some application or drive that uses Windows Installer.

The common cure used to be to make use of Microsoft's Windows Installer Cleanup utility but Microsoft no longer offers it as there were some problems with Office 2003 and later.

If you do not have Office 2003 or later I would suggest you give it a try as it can be downloaded here:
http://majorgeeks.com/download.php?det=4459

Best Answer

- Collapse -
Posting a Picture of Device Manager might help
Nov 5, 2011 5:44PM PDT

garrason,

To take a picture of Device Manager, open it, and use the Paint program to capture the image of Device Manager. Press Alt key and Print Screen on your keyboard at the same time, and then open Paint. Next, go to Edit>Drop down list>Paste. and save the file as something like 'Device Manager'. Note where you are saving it to.

Alt+Print Screen only takes a picture of the currently running window. It will not show the rest of the desktop.

You can post the image link here if you wish: http://www.mediafire.com/ You may have to register an email address to upload an image.

I'm thinking if we can see what is not running/installed right on your system, we can better assist you.

Like anything else, it is not something one has to do.

If you wish, please post the link to your upload in your reply.

- Collapse -
Posting Picture of Device Mgr
Nov 6, 2011 2:22AM PST

In spite of a (non-technical) association with computers since the IBM-1400 in the early 1960s, I feel that I must have lost all my marbles when I turned 75 in July. For a number of years I was a systems project leader for one of the now-defunct large Wall St brokerage firms. I bought my first PC (Tandy 1000) in 1987 and installed WordPerfect 4.o at the same time.

I had no trouble saving a picture of the device mgr and planned to attach it to this reply but, darn, I see NO button or other link that will allow me to attach my graphic. My work on genealogy doesn't require me to use an image hosting site but will join one if necessary.

Just before I came to this site I had to reboot to make an AVG update effective. When I started back I got "that" message. The task manager showed "Hardware Installation" the only application running. I switched to processes and there were 54 listed, some of which I am sure I don't need. Three that I likely need were classified as "User" and concerned AVG, Carbonite and DivX Update. I have no idea how to eliminate those "Users" I don't need or even how to determine which are unneeded. Apparent my rogue is one of them.

I await your reply but may not answer again today. My old back is giving me some trouble and it is painful to sit at my PC for long.

Thanks!!!!!

- Collapse -
OK, What about Carbonite?
Nov 6, 2011 2:45AM PST

garrason,

Brief look-around the 'net indicates you may have encountered a Rogue A/V antivirus program.

Usually this happens when a user clicked a window that mysteriously pops up out of the blue. Clicking it allows the rogue to run on your computer.

If you still want to upload the image, open a new tab, go to mediafire, right-click the address title bar, highlight the address, select copy, and come back here and paste the address like this: http://www.mediafire.com/ in the reply box you are writing in. The address will look different, and will only be a link to the upload you just made.

Since you have Carbonite, and the most recent copies of your genealogy files, I would simply do a system restore to put your system back to the way it was before the rogue came in. If you have a back-up for before the Device Manager problem began, use that, and so much the better. See here: http://www.carbonite.com/en/

Contact support at Carbonite if you need support. Use the support link posted within that page.

- Collapse -
Solution found
Dec 7, 2011 11:55PM PST

As suggested early in this discussion I restored the XP PX to the earliest date possible - Oct 15. Fortunately this did work.
I have been slow to post this information because of back trouble and because I was contacting the forum on my Dell W7 PC and it crapped out. It took them 17 days to replace the parts. One had to come from the factory. It is a Dell Inspiron not even a year old. And a month before this crapout I had lost the same PC for the same reason. Not much of a recommendation for Dell, is it? To be honest, this is my 4th Dell and it is the first I had any trouble with.
Restore did not eliminate any of the data files, etc. I had created so no need to use Carbonite.
Thanks so much for your interest and suggestions.
C C Garrason