Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Avast found Rootkit and Strange Behavior Win7 [Solved]


  • This topic is locked This topic is locked

#16
sportspeddler1

sportspeddler1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Well,,,,,, I did the procedure in your last post including un-installing then re-installing SP1. I got rid of the pesky yellow ! in my device manager. However, I tried to install and run malwarebites with a fresh download and fresh install and still got: code 31- A device attached to the system is not functioning. I tried running normally and right clicking and clicking on "Run as Administrator"

Thank you,
Brad
  • 0

Advertisements


#17
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
• Download and run "mbam-clean.exe" from here: http://downloads.mal...file/mbam_clean

• It will ask to restart your computer, please allow it to do so (this is very important)

Next, download the latest version of Malwarebytes Anti-Malware via the link below:

http://downloads.mal...s.org/file/mbam

NOTE - All downloads and set up files are the Free version, registration with your ID & key will activate the Pro features.

Save the file to your desktop then double-click it to begin installation.
  • 0

#18
sportspeddler1

sportspeddler1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Frustrating. I was able to run both programs under my Administrator account but only get the 'A device attached to the system is not functioning' pop-up when I try to run it under my Brad account. When I ran them in Administrator, no malicious items were detected.
  • 0

#19
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello sportspeddler1

Not sure what else we can do with it something is wrong with the account - probably should make a new one and remove this one


gringo
  • 0

#20
sportspeddler1

sportspeddler1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Hmmmm, I just created a new user account and the same pop-up showed up. Now I REALLY dont know what to do.
  • 0

#21
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Please download Sysinternals Autoruns from here and save it to your desktop.
http://live.sysinter...om/autoruns.exe

Note: If using Windows Vista or Windows 7 then you also need to do the following: Right-click on Autoruns.exe and select Properties
Click on the Compatibility tab
Under Privilege Level check the box next to Run this program as an administrator
Click on Apply then click OK

Double-click Autoruns.exe to run it.
Once it starts, please press the Esc key on your keyboard.
Now that scanning is stopped, click on the Options button at the top of the program and select Filter Options...
In the Autoruns Filter Options dialoge, verify that the following are unchecked, if they are checked, uncheck them:

Include empty locations
Hide Microsoft entries
Hide Windows entries

Verify that the following is checked, if it is unchecked, check it:

Verify code signatures

Once that's done press the F5 key on your keyboard, this will start the scan again, this time let it finish.
When it's finished and says Ready. on the lower left of the program window, please click on the File button at the top of the program and select Save and save the Autoruns.arn file to your desktop and close Autoruns.
Right click on the Autoruns.arn file on your desktop and hover your mouse over Send To and select Compressed (zipped) Folder
Attach the Autoruns.zip folder you just created to your next reply
  • 0

#22
sportspeddler1

sportspeddler1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Gringo,

I was finally able to run some programs in my new user account (Now 'Brad3'). I was only able to do so by turning off any and all protection on the computer that I could think of. I turned off my Avast antivirus, Comodo Firewall, Windows Defender and set my user account control to "Never Notify". I was not able to change my user account control setting while logged into my 'Brad3' acount. I was only able to make the change to my user account control when logged into my Administrator account.

Anyhow, once all those things were disabled, I was able to run 'mbam-clean' then Malwarebytes while logged into my Brad3 account. Malwarebytes still did not detect any malicious items. I ran AutoRuns and have attached the AutoRuns .zip file.

Thank you,
Brad

Attached File  AutoRuns.zip   206.61KB   31 downloads
  • 0

#23
sportspeddler1

sportspeddler1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Gringo

I have no idea if this is any hint, but I re-enabled all of the things I dis-abled one at a time and tried to open malwarebytes and CCleaner after each item was re-enabled. After I started Avast Antivirus, Comodo Firewall, and Windows Defender, both programs still opened fine. As soon as I set the user account control settings back to the default "Notify me only when programs try to make changes to my computer" the 'device not functioning' pop-up came back and I was unable to open Malwarebytes and CCleaner. I'm sure other programs would be affected but those are the only 2 I tried because I new I was having problems with those. Maybe the problem is somehow related to the user account control notifications??
  • 0

#24
sportspeddler1

sportspeddler1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Any thoughts after looking over my AutoRuns Log?
  • 0

#25
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

rerun autoruns and remove the checkmark on all the items in yellow


gringo
  • 0

Advertisements


#26
sportspeddler1

sportspeddler1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
I unchecked all the yellow entries in autoruns. I had to set the user account control settings to "never notify" in order to be able to do it. I re-booted with user account controls still set to never notify. When back into "Brad3" I changed the user account control setting to the "default - Notify me when programs try to make changes to my computer" and it seemed that the computer was working normally. I thought maybe we had it figured out. I re-booted with the user account control setting set to the default and when it came back up, I still had the same old problem of the "device not functioning" pop-up. Seems the only way it will work normally is with user account control setting set to "Never Notify". Any more thoughts?
  • 0

#27
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello


I have NO IDEA WHAT IS GOING ON


Gringo
  • 0

#28
sportspeddler1

sportspeddler1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Sorry but not sure where to go from here. re-format and re-install? Hate that idea. Think possibly someone in the Windows 7 forum might have any ideas? Not sure where to go. If I have to resort to re-formatting is there someone on here that might be able to give me some guidance with that? I still cannot afford to screw up my Win XP install trying to fix the Win 7 problem. I have to assume that using the Win 7 with User Account Controls set to Never Notify is a bad idea? Is there 3rd party software that would serve the same purpose as the User Account control? Just trying to figure out where to go from here. More questions the answers at this point.
  • 0

#29
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

I would go ask in the windows 7 forum and see what they come up with - let them know I sent you there


Gringo
  • 0

#30
sportspeddler1

sportspeddler1

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 106 posts
Will do. Thank you for your help!

Brad
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP