Help! Possible Virus attack that hits drivers.

April 21, 2012 at 18:54:02
Specs: Windows XP
My fiance's computer is operating on windows XP. It started acting up, shutting down when in the middle of things or closing out programs. He has IE on his computer but never uses it. He was using firefox (still installed) but started using Google Chrome. He used the avast and it popped up that a file was dirty. It asked if he wanted to delete it, but he didn't realize it was an important part of windows. Now 3 drivers are missing. Keyboard drivers, cd rom drivers, and port drivers. He can't log onto the internet. Is unable to reinstall or repair windows since the cd rom doesn't work. And the keyboard doesn't work as well. What can we do to fix this problem, or is the computer just toast now? I really hope it isn't, he's got important pictures and files he doesn't need to loose that have to do with his job.

See More: Help! Possible Virus attack that hits drivers.

Report •

#1
April 21, 2012 at 19:38:45
did you try tapping f8 on bootup and going into safe mode? Try that and then try a system restore to before the problem.
We don't even know if this is a desktop or laptop....you say the keyboard and the CDrom don't work. If that is the case, you can physically remove the hard drive and slave it to another PC and get all the pictures and important files from it.

Some HELP in posting on Computing.net plus free progs and instructions 7 Golds


Report •

#2
April 21, 2012 at 20:20:16
A virus may be able to disable the CD & keyboard while in Windows, but it cannot prevent the drive from being used outside of Windows. Create a rescue CD. boot off it & clean the system.

Report •

#3
April 21, 2012 at 20:46:21
If he has a desktop computer, the most likely hardware thing that could cause all of the devices you've mentioned to not work is the computer's power supply is failing.
.......

"It started acting up, shutting down when in the middle of things or closing out programs."

If the computer shuts off and stays off, the computer probably has a hardware problem.
E.g.
- overheating of the cpu (processor) can cause bizzare behavior of Windows, then the computer shuts off and will not start up again until the cpu has cooled to below some temp.

- failing power supplies are common on desktop computers. Sometimes it's failing because it's fan is no longer spinning and it's been overheating to the point that it's being damaged. There should be air obviously blowing out of the back of the case where the power supply is.
.....

Overheating of your video chipset that has a fan on a video card that's installed in a desktop mboard slot can cause bizzare video symptoms.

If it definitely closes down programs without his input, he may have malware on the computer he needs to get rid of.
......

If the computer shuts off (he may see a glimpse of a blue screen) and Restarts automatically,
Win XP is set by default to automatically Restart when it encounters an unrecoverable error.

To have XP possibly display an error message you can investigate instead of the computer rebooting:

1. Click Start, and then right-click My Computer.
2. Click Properties.
3. Click the Advanced tab, and then click Settings under Startup and Recovery.
4. Under System failure, click on the small box beside Automatically restart to remove the checkmark.
5. Click OK, and then click OK.

If a blue screen appears it will stay on the screen.

Copy down the things that are unique in the message and post them here.

E.g.

STOP: 0Xx00000xx (we don't need the stuff in brackets beside that)

A_TEXT_STRING_ALL_IN_CAPITALS

There may be a problem file named at the end of the text.

There may be a link to More info or similar - if so, click on it to see if it names a problem file.

There may be a mention of a MINIDUMP file having been made - if so, copy down the name and location of it - you may need to click on a link to find that. That MINIDUMP file can be analyzed.

...

"He used the avast and it popped up that a file was dirty. It asked if he wanted to delete it, but he didn't realize it was an important part of windows. Now 3 drivers are missing. Keyboard drivers, cd rom drivers, and port drivers."

It's extremely unlikely Avast deleting whatever it was it found caused that.

Windows installs generic drivers that are built into it for optical (CD and DVD) drives, most ports, and drivers for standard functions for keyboards (if the keyboard has non-standard buttons, software may be required for those but that's not essential).
Even if they were deleted, all you would need to do to have Windows restore the drivers for those is Restart Windows.

If Restarting Windows doesn't help, he probably has a either a hardware problem or a malware problem.

E.g.
- If the desktop computer's power supply is failing and is no longer supplying, or not supplying enough of, what is supposed to be an accurate +5.0 voltage, CD and DVD drives, floppy drives, USB ports, PS/2 ports, and other ports that need +5.0, volts, and other devices that require +5.0 volts which include most cards installed in mboard slots on a desktop computer and some devices built into the mboard such as a network adapter CANNOT work properly.

I know from experience that hard drives and the video on desktop computers will still work when the power supply is not putting out enough of what is supposed to be an accurate +5.0 voltage, at least on AT computers.

- Some mboards develop this problem - electrolytic capacitors were installed on them that were not properly made, and they fail eventually - the mboard manufacturer didn't know they were improperly made at the time the mboard was made.

Open up your case and examine the mboard to see if you have bad capacitors, and/or other findable signs of mboard damage .

What to look for, mboard symptoms, example pictures:
http://www.badcaps.net/pages.php?vid=5
Home page that site
- what the problem is caused by
- he says there are STILL bad capacitors on more recent mboards.
http://www.badcaps.net/

Pictures of blown capacitors, other components, power supplies, fried Athlon cpus, etc.:
http://www.halfdone.com/Personal/Jo...
.........

It's extremely unlikely malware is the cause of the devices you've mentioned to not work.

If that were the case, malware usually affects only ONE user of the computer. You should be able to at least load Windows in Safe mode, choose the built in Administrator user (it has no password by default - just press Enter) and load a System Restore previous restore point, with a time and date just before you first had this problem, which should cure your problem.

Remove any bootable CDs or DVDs you have in drives.

Boot the computer and starting very early, press F8 repeatedly, do not hold down the key, and when the "Advanced..." Windows loading choices menu appears, choose
Safe mode, or Safe mode with networking.

Some computer's bioses have their own use for pressing F8 while booting. E.g. you may see a screen where you can select which device to boot the computer from. If you see something like that, READ the screen and find out which key you need to press to exit that screen, e.g. Esc. Press that key, then immediately repeatedly press F8 until you see the 'Advanced..." Windows loading choices menu.
......

If the problem computer is a desktop computer.....

- if you can still get into the mboard's bios Setup, usually there is somewhere where you see the current voltages and fan rpms listed. E.g. Hardware Monitor.

What is supposed to be +12.0 v, +5.0 v, and +3.3 v should be within 10% of the nominal values. If any of those are not within 10% , you MUST replace the power supply.

- if you can't get into the mboard's bios Setup, try temporarily connecting a power supply from another working system, if you can.


Report •

Related Solutions

#4
April 22, 2012 at 05:25:22
Keyboard functions properly in setup and safe mode. He's attempting to do the restore windows in safe mode right now. It is in fact a desktop. And when it closed down in the middle of programs it wasn't always a complete shut down. It was a restart it would do. He said he also checked the other user accounts and the problems were still there with the driver issues I mentioned. Port, keyboard, and CD/DVD drivers missing. He also noticed that checking his internet connections shows his IP address info all had been wiped. No information listed. The files that avast claimed were dirty and had a trojan attached where windows/system files. It asked him what he wanted to do delete or ignore. He wasn't thinking and clicked on the delete button. He said he thought that was what he had to do to get rid of the virus. I'm wondering if there isn't a combination of issues that had hit his computer all at the same time. Power supply failure and maleware issues. And to add to the problem he deletes important system files? Is that possible? From the sounds of him in the other room, he's not having much luck with the system restore :( And I know he's freaking out.

Report •

#5
April 22, 2012 at 05:32:42
He said no luck with the system restore in safe mode. Problems still persist. Drivers still missing. Though keyboard works in safe mode it does not outside of it. CD/DVD and port drives do not work at all in either mode.

Report •

#6
April 22, 2012 at 07:34:51
Create a Rescue CD, boot off it & clean the system.

http://www.avg.com/us-en/avg-rescue-cd

http://support.kaspersky.com/viruse...

BTW, stay away from Google Chrome.

http://legaltimes.typepad.com/blt/2...


Report •

#7
April 22, 2012 at 08:44:43
"Keyboard functions properly in setup and safe mode. "
"It is in fact a desktop."

Since the keyboard works, the power supply must be supplying what is supposed to be an accurate +5.0 v to the port the keyboard is plugged into, however, the keyboard may still work if that's more than 10% low, the CD / DVD drive(s) may NOT work with the lower voltage.

There should be air obviously blowing out of the back of the case where the power supply is.

Usually there is somewhere where you see the current voltages and fan rpms listed in the bios Setup. E.g. Hardware Monitor.

What is supposed to be an accurate +12.0 v, +5.0 v, and +3.3 v should be within 10% of the nominal values. If any of those are not within 10% , you MUST replace the power supply.

NOTE that some power supplies have more than one +12.0 v output section. In that case, there is more than one +12 v max amperage rating on the label on the power supply. We HAVE seen the situation where one of the +12v output sections is NOT working, and in that case, anything attached to the power connectors for that cannot work. That may NOT be shown in the bios Setup.
CD / DVD drives require both of an accurate +12.0 v and +5.0 v .

"Though keyboard works in safe mode it does not outside of it."

That indicates the built in generic keyboard drivers Windows has built into it have NOT been deleted and the keyboard SHOULD work if he loads the built in Administrator user in that mode ! That user has no password by default - just press Enter.

"CD/DVD and port drives do not work at all in either mode."

The keyboard cannot work if the port it's plugged into does not work.

USB ports will not work if the bios Setup has been set to disable the USB controllers. They're enabled by default.
Loading bios defaults in the bios Setup, saving bios settings will enable the USB controllers (and, usually, set all drive connections so they Auto detect drives that are connected to a data header properly).

"port drives" ?

Even if there is a problem with the software on the hard drive regarding the CD / DVD drive(s) or the generic drivers have been deleted for it / them, if there's nothing wrong with the power supply and the power connection and data cable connection of the CD/DVD drive(s), and if the bios Setup is set to detect drives by the Auto method for all possible connections....

- it / they should show up in the bios Setup as being detected, or if it's an older computer, the model(s) of the drive(s) should show up on the black screen while booting the computer (you may need to disable showing a Logo screen, or disable Quick boot or similar, to see that) Press the Pause key if you need to do that to freeze what it says on the screen, any other key or Enter to continue the boot sequence.

- when the computer is running, the CD / DVD drive(s) should eject / retract the tray when you press the button for that on the front of the drive(s), and the led on the front of the drive should come on briefly when it retracts. That should work even when only the power connector is plugged into the drive.

- if you have a bootable disk to insert, and if the bios Setup Boot Order or similar settings have CD drive or similar listed before hard drive (and network adapter if that's there), when you have a bootable disk in the drive, then you boot the computer, you should see "Press any key to boot from CD." or similar while booting, and pressing the specified key while that line is on the screen should load the CD's or DVD's files.

If those things work......
- the easiest way to fix his problems, without losing the personal data he's added, assuming essential files have been deleted, is to try running a Repair installation of Windows procedure

See this FIRST if you have a SATA drive controller on the mboard:
Installing XP and SATA drive controllers, SATA drives; the SATA drive controller bios settings.
See response 2:
http://www.computing.net/answers/ha...

See response 5:
http://www.computing.net/answers/ha...


Report •

#8
April 22, 2012 at 08:46:19
Reload the entire OS from OEM media, you'd have had it fixed by now.

Text, talk, drive...CRASH.

Hang up and drive @#$%^^


Report •

#9
April 22, 2012 at 09:25:29
Trying running a Repair installation of Windows procedure takes a little less time than running Setup from scratch and DOES NOT delete the personal data, Windows Updates, and programs, etc., you've added.
.....

Installing just Windows from scratch, or installing the original software that was instaled on a brand name computer, will cure your problems, by that's VERY SHORT SIGHTED if you don't actually NEED to do that.
It doesn't take long to do those things, BUT.....

- you will LOSE ALL of the data you have added, at the very least on the partition Windows was originally installed on, unless you COPY the personal data you don't want to lose to elsewhere BEFORE you do those things.
If you can't get into Windows, or if you can but it won't work well enough, you can boot the computer from a disk that has an operating system on it and can read all the files, e.g. a Linux CD or the Ultimate Boot CD, and do the copying with that. You don't need to be concerned about copying the data for programs that you can easily install again, from your own disks, or from downloads you get from the web, etc. .

- it can take the equivalent of DAYS of your time to get Windows fully updated and all the programs you want to use installed.
Automatic Update will download updates automatically if set to default settings , but it doesn't install them until you select Turn off Computer and Turn off. It can't install SP1, SP1a, SP2, or SP3 Windows updates automatically

- Even if you don't use IE, all versions of XP come with IE 6, and that's no longer supported by many web sites,
You should install IE 8. There are files that are installed when you do that that other internet browsers benefit from.

In any case, there are some things you can only do in IE - e.g. use the Microsoft Update or Windows Update web page on the Microsoft web site. Getting your updates there will greatly speed up how long it takes for them to be installed.


Report •

#10
April 22, 2012 at 09:55:22
A repair installation is the thing to try as mentioned in Response #9. All you should have to replace are the windows updates, all else should be intact.

Some HELP in posting on Computing.net plus free progs and instructions 7 Golds


Report •

#11
April 22, 2012 at 10:04:59
"A repair installation is the thing to try as mentioned in Response #9. All you should have to replace are the windows updates, all else should be intact."

See the info at the end of response 7.

If the Windows CD you use does not have SP3 updates embedded into it, you will have to install SP3 updates, and possibly older Windows SP updates before you install those, in Windows after the Repair installation of Windows procedure has finished. However, most if not all other Windows updates will still be there. In any case, far fewer updates will need to be installed in comparison to installing just Windows or the original software installtion from scratch.

Note that you MAY get error messages from some programs, some programs MAY not work properly, until the SPx updates have been installed !

After the procedure has finished, RIGHT click on My Computer, select Properties.
On the right side of the resulting window,

- if NO Service Pack is mentioned, you must install SP1a updates, then SP3 updates

- if it says Service Pack 1 or Service Pack 2, you must install SP3 updates.

Windows XP Service Pack 1a Express Install (32-Bit) for End Users
http://www.microsoft.com/download/e...

Windows XP Service Pack 3 Network Installation Package for IT Professionals and Developers
http://www.microsoft.com/download/e...

Ignore this.....
DO NOT CLICK DOWNLOAD IF YOU ARE UPDATING JUST ONE COMPUTER
...unless you have a dial-up internet connection, in which case, go here
http://www.update.microsoft.com/mic...
and let Microsoft Update find the smaller SP3 updates download for you

Note that Microsoft Update won't find the SP3 updates until you have installed some other updates.
....

NOTE that's it's VERY important to do this BEFORE you install SPx Windows updates !!


NOTE that sometimes the resident module(s) of anti-malware programs - a part that runs all the time scanning for suspicious activity - will interfere with the proper installation of third party software, or major Microsoft updates that cannot be installed automatically by Automatic Update, the software will not install properly, and you may get no indication of that at all while installing the software.
To avoid that possibilty, you should always DISABLE the resident module(s) of anti-malware programs, BEFORE you install third party software (software other than most Microsoft Updates, etc., that did not come with Windows ), especially when it's a major or complicated software package.
E.g. if you are using the free or paid version of AVG, you should disable the Resident Shield in AVG's 's settings in Windows (in AVG 2012 that's done under the title AntiVirus). In Norton (Symantec) products, there may be several things you need to disable, or set so they don't load for a specific short amount of time.
If you don't know how to do that, tell us which anti-malware software you are using.
When you are sure the software has installed correctly, re-enable the resident module(s).

Further info...

How to disable your security applications
http://www.techsupportforum.com/for...
.......

If you end up installing Windows or the original software installtion from scratch, install this, even if you don't use IE.

In any case, there are some things you can only do in IE - e.g. use the Microsoft Update or Windows Update web page on the Microsoft web site.

Download Internet Explorer 8
http://windows.microsoft.com/en-US/...


Report •

#12
April 22, 2012 at 15:08:50
Rayanniah
Please ignore this response and #13 below.
I was just seeking clarification on a minor point, which no longer applies.

[Thanks Tubesandwires]


Report •

#13
April 22, 2012 at 16:05:35
Derek
Oops - you're right - it should be response 7 - I'll fix that
Thanks.

Report •

Ask Question