Virus that disables system restore and hardware device manager?

In summary, a PC user's desktop appearance changed to a white Windows classic start taskbar, but music playback failed with an error. Next, a virus scan found no viruses, but all previous restore points were gone. System Restore could not restore previous restore points, indicating that the computer was infected with a virus.
  • #1
arunbg
594
0
Hi,
My PC runs on Windows XP Professional SP2.
Today when I turned on my PC, I found that my desktop appearance had changed, more specifically the start taskbar was the white Windows classic version, not the usual blue XP version. But I didn't take it much seriously, thinking somebody else might have changed settings before me.

But then when I tried to play music in Windows media player, the program signalled an error, stating that my sound card or drivers(Realtek audio) were not properly connected or were malfunctioning. I tried to play in other media players, but was not able to get audio output. So I checked my device manager, to confirm whether the soundcard was detected. I was shocked to find that the list of devices was empty. But almost all other hardware except the sound card, seem to be working fine!

I was now suspecting a virus, although there had been no recent downloads or installations from unknown sources. So I ran a virus scan(Norton) and still nothing showed up.

Then as a last resort, I tried System Restore and got my second shock, when I found that all previous restore points including the ones I set manually, were gone! I have run out of options :mad:

Has anyone had any experience or knows of anything similar? Is a reloading of the operating sysytem the only way out?

Thanks in advance.
 
Computer science news on Phys.org
  • #2
It sounds like maybe the computer started up in safe mode.

Run the msconfig, go to the startup tab, and make sure a box isn't checked that says "startup in safe mode".
 
  • #3
It works

As you said, I ran msconfig, and as I thought the selective start option(just to uncheck all those pesky messenger sevices from startup; all drivers were checked) was checked, not diagnostic. For the sake of it, I clicked normal startup, loading all services and drivers(I should have thought of all this ages ago). On restart, voila everything was back to normal again. Well almost, system restore still hasn't got any previous restore points, but atleast all hardware has been detected and are functioning properly :approve:
It was as if safe mode was running without the computer(and me) knowing it! With system restore hoodwinked as well, should I still suspect a virus?

BTW, thanks a ton Crosson for your timely help.
 
  • #4
I'm afraid it's not something you did.
My lap top just got hte same virus. My device manager has been erased and the computer won't read my restore disk and all my restore points are gone as well.
 
  • #5


As a scientist, my first response would be to gather more information about the situation. It is important to understand the specific symptoms and behaviors of the virus in order to effectively combat it.

Based on the description provided, it appears that the virus has targeted and disabled certain system components, specifically the system restore and hardware device manager. This could be a sign of a sophisticated and targeted attack, as these are critical components that can be used to restore a system to a previous state or troubleshoot hardware issues.

In order to address this issue, I would recommend taking the following steps:

1. Run a thorough scan with a reputable antivirus software: Since the virus was not detected by the initial scan with Norton, it is possible that it is a new or unknown virus. Running a scan with a different antivirus software may help to identify and remove the virus.

2. Research the specific symptoms and behaviors of the virus: This can help to identify the type of virus and potential solutions that have worked for others who have encountered it.

3. Check for any recent downloads or installations: It is possible that the virus was downloaded or installed unknowingly. Look for any suspicious files or programs and remove them if necessary.

4. Consider seeking professional help: If the virus cannot be removed or the system cannot be restored, it may be necessary to seek help from a professional computer technician.

In terms of your specific situation, reloading the operating system may be a last resort option if all other attempts to remove the virus have failed. However, this should only be done as a last resort and with caution, as it will result in the loss of all data and programs on the computer.

In the future, it is important to regularly back up important files and keep antivirus software up to date to prevent and mitigate the impact of potential viruses.
 

1. What is a virus that disables system restore and hardware device manager?

A virus that disables system restore and hardware device manager is a type of malware that is designed to prevent users from restoring their system to a previous state, as well as disabling the ability to manage hardware devices on their computer.

2. How does this virus disable system restore and hardware device manager?

This virus typically works by modifying system files and settings, preventing the system restore function from working properly and blocking access to the device manager. It can also disable or delete critical system files, making it difficult to remove.

3. What are the potential consequences of having this type of virus on my computer?

The consequences of having this virus on your computer can vary, but some potential risks include losing important data, being unable to use certain hardware devices, and having your system become vulnerable to other types of malware.

4. How can I protect my computer from this type of virus?

To protect your computer from this type of virus, it is important to have up-to-date antivirus software installed. You should also be cautious when downloading and opening files from unknown sources, as well as regularly backing up your important data.

5. How can I remove this virus from my computer?

Removing this virus can be a complicated and challenging process, as it often requires specialized software and knowledge. It is recommended to seek the help of a professional computer technician or use reputable antivirus software to remove the virus and repair any damage it may have caused.

Similar threads

What are underlying "system hardware devices" in computer systems?
    • Computing and Technology
Replies
8
Views
2K
Printer/Server Compatibility Woes
    • Computing and Technology
Replies
12
Views
1K
Losing Wifi hotspot when connecting to signal
    • Computing and Technology
2
Replies
43
Views
3K
Find Free Software to Log Disk Usage & Monitor Processes
    • Computing and Technology
Replies
30
Views
2K
Looking for suggestions for software on a new tablet
    • Computing and Technology
Replies
9
Views
2K
Bluetooth malfunctioning in Ubuntu 20.04 laptop
    • Computing and Technology
Replies
15
Views
4K
Have you faced these odd problems with Windows 10 Professional v1909?
    • Computing and Technology
Replies
5
Views
1K
Upgrading Win 7 32 bit to Win 10 64 bit
    • Computing and Technology
2
Replies
37
Views
5K
Modern Digital Audio: Understanding Dither and Oversampling in Hi-Res Age"
    • Computing and Technology
Replies
9
Views
1K
Should I Wait for the Next Generation GPUs to Rebuild My Computer?
    • Computing and Technology
Replies
4
Views
2K

Hot Threads

Recent Insights

Back
Top