I believe I have already trapped one of these three drivers, as I get the
BSOD on re-boot when one of these three drivers is ticked in the Driver
Verifier... Does this not mean there is aprobelm/corruption with one of
these drivers?
Sorry if I miss the point - the links you kindly provided seem to suggest
starting at a more general position - but I believe I have gone through this
route...?
Please advise.
:
First we should reduce the chances of malicious software by running
some scans.
Download, install, update and do a full scan with these free malware
detection programs:
Malwarebytes (MBAM):
http://malwarebytes.org/
SUPERAntiSpyware: (SAS):
http://www.superantispyware.com/
These can be uninstalled later if desired.
Those files fall under the watchful eye of Windows File Protection, so
if they are ever deleted, XP will replace them for you for a backup
copy (if it can). This doesn't mean they could have been replaced
with some bad version by some malicious software, but they are a
pretty boring target...
If you navigate to c:\windows\system32\drivers you will find the
files. If you rename or delete one/all of the suspicious ones (so it
does not exist), WFP will quickly and silently replace it for you from
the c:\windows\system32\dllcache folder and log an event similar to
this in the System section of the Event Log with the Source being
Windows File protection for each file it replaces:
Event Type: Information
Event Source: Windows File Protection
Event Category: None
Event ID: 64002
Description:
File replacement was attempted on the protected system file c:\windows
\system32\drivers\usbhub.sys. This file was restored to the original
version to maintain system stability. The file version of the system
file is 5.1.2600.5512.
Does this work properly?
To operate the Event Viewer:
Click Start, Settings, Control Panel, Administrative Tools, Event
Viewer.
A shortcut to Event Viewer is to click Start, Run and in the box
enter:
%SystemRoot%\system32\eventvwr.msc /s
Click OK to launch the Event Viewer.
Reboot and test.
It is curious that they are all USB something or another, so look in
your Device Manger for clues:
To operate the Device Manager:
Right click My Computer, Properties, Hardware, Device Manager.
A shortcut to the Device Manager is to click Start, Run and in the box
enter:
devmgmt.msc
Click OK and look a the Universal Serial Bus Controller section for
any yellow question marks and red Xs and report back. Do you see the
word Enhanced anywhere in the USB section?
To your knowledge, has anything changed with your USB devices/drivers
before the problem?
Just what USB device are hooked up, are any of them new/changed, if
you unplug them from the system, do you still have the problem?
Can you reproduce the problem at will and if yes, how?
Do you have a bootable XP installation CD? (this is not the same as a
manufacturers system recovery CD).
If there is still a problem, provide more information about your
system:
Click Start, Run and in the box enter:
msinfo32
Click OK, and when the System Summary info appears, click Edit, Select
All, Copy and then paste the information back here.
There will be some personal information (like System Name and User
Name), and whatever appears to be private information to you, just
delete from the pasted information.
This will minimize back and forth Q&A and eliminate guesswork.
