Question about Computers & Internet

1 Answer

Smells like a virus but nav and avg can't find it.

As of yesterday, suddenly if my external drive (300g usb drive) is connected while I'm booting, I get locked out of my computer - winxp (sp3) comes up with the logon screen and asks me for a password for my user name (also admin) but there is none.  so I just click thru and it says it can't continue because it needs a password.  so I turn off the computer (or simply restart), disconnect the "g" drive and it loads just fine.  then I can reconnect the drive and have access to it, if I want.  I was running norton a/v but it didn't find anything.  I unloaded and installed avg virus and it didn't find anything either.  I mostly use the g drive to store files - photos, docs, movie fies, extra font files, there are a few executable files (like cab file backups of files for my cel phone) but I run NO programs from.  I've gone back to a previous restore point, cleaned & compacted my registry, so I have no idea what this is.  could it be some corruption on the hard drive or something damage on the computer side when the drive is connected?  but it sure smells like a virus - but why reside on an external drive?

Posted by on

  • 7 more comments 
  • rwd3 May 15, 2009

    I also ran chkdsk on it and found no error on the drive.


  • rwd3 May 15, 2009

    I have a toshiba satellite u400


  • rwd3 May 15, 2009

    I have a toshiba satellite u400


  • rwd3 May 15, 2009

    am running the malware as we speak, but before that I also swapped out the external hard drive for a different one, same problem -- as long as any external hard drive is connected I get the "unable to logon due to account restriction" message. as to your point, the registry cleaning was done after the problem began, so it's not a culprit.  I've done some research and the problem may be in the bios -- specifically that it's looking at the external drive for some reason at boot.  after malware program runs, I'll check that. 


  • rwd3 May 16, 2009

    no.  I am runnng pro and the user has full admin rights.  

    hard drive has no password protection.

    I isolated that it was indeed just the fact that there was an external hard drive attached.  I swapped like I said for another hard drive, same problem, so it's not that particular hard drive, just that there's a hard drive attached.  

    but here's the crazy thing -- I solved the problem.  how?  I had one usb hub (#1) that was going to the computer with the printer & hard drive attached to it.  I plugged the printer directly into the port (not thru the hub) and disconnected the mouse which was attached to the 2nd hub (#2), plugged that into hub #1 with the hard drive which was then connected to hub #2 (are you following this) which also had a dvd burner and keyboard.  so now all the peripherals, minus the printer were going into the computer thru hub #2 (with the mouse & hard drive in #1 connected to #2) going into one port on the computer and the printer connected directly to a another port (note it didn't matter whether it was the printer or not, it could have been the mouse on its own).  the point was that it must have rearranged the order that the computer loads the usb devices and that solved the problem.  don't ask me, but it worked.  if you have some sort of theory, would love to hear it.

  • rwd3 May 16, 2009

    let me also clarify that it was only when the hard drive was attached during boot-up.  once the computer was booted, I could connect the drive and it worked fine - that's how I isolated that it was the hard drive that was causing the issue. 

    but why rearranging the plug-ins made a difference - I even moved them to various usb ports just in case the ports on the computer were causing the problem.  didn't matter.  crazy!

  • rwd3 May 16, 2009

    one more thing -- the only configuration that didn't work was if the hard drive was plugged directly into a port, not thru the hub with the other peripherals.


  • rwd3 May 22, 2009

    okay.  last post on this...

    the problem came back and I wound up on the horn with toshiba for a couple of hours, uninstalling root hubs, etc., but nothing seemed to work.  a few hours later, I decided to back up the computer (just in case) and downloaded and reinstalling sp3.  that did the trick.  I'm assuming it reconstructed the registry, fixed all the files that were apparently corrupt, and everything is beautiful again.  hope this helps anyone else who encounters such issues.  took me a week and a half, but there it is.

  • rwd3 May 22, 2009

    actually one more.  when the problem returned after I had rearranged the usb ports, I was getting these generic host processing crashes whenever any peripheral (usb or firewire) was connected during startup (this in addition to having to disconnect the external hard drive during bootup).  but like I said, reinstalling sp3 solved it all!


×

Ad

1 Answer

  • Level 3:

    An expert who has achieved level 3 by getting 1000 points

    All-Star:

    An expert that got 10 achievements.

    MVP:

    An expert that got 5 achievements.

    President:

    An expert whose answer got voted for 500 times.

  • Master
  • 1,996 Answers

There's a lot of malware out there these days that will slip past your AV, or get inadvertently installed when you download or install something else. The best program for scanning for this stuff at the moment is Malwarebytes AntiMalware, available for free download from www.malwarebytes.com. Download and install it, update it, and then scan your system. You should allow it to fix any problems it finds..
This problem you are describing, however, sounds like something that could be caused by a corrupted user profile. Here's a link to an MS article that might help you, and another at Kelly's Korner.. Also see this link, and consider googling logon problem + corrupt user profile + password.
You mention that you cleaned the registry, and that sets off some warning bells in my mind. Registry cleaners are known to have caused a lot of problems by cleaning areas where things were best left alone...see this article.
If you want to check the hard drive, you could run chkdsk after you get logged on...see here and here.

I hope this information allows you to resolve this issue. If you need further assistance, please post back with a comment to this thread.
If I've managed to answer your question or solve a problem, please take just a moment to rate this post....thanks!



Posted on May 15, 2009

  • 1 more comment 
  • efs_perpends
    efs_perpends May 15, 2009

    are you running xp pro or home editon?

  • efs_perpends
    efs_perpends May 15, 2009

    Please have a look at this article and this link to see if they help you to understand this situation.
    All I can surmise is that the hard drive wants to be run from an administrative account, but you are not logging into an account with full admin rights? Are you running xp home? Is the hard drive itself set up with password protection? I can't figure it out...there are some security protocols on xp that are designed to trigger this behavior, but I can't understand why this situation would be one of them, unless there's sometning on that drive that is trying to hide beneath windows and want's to be booted beforehand...
    That might explain why it will work when you plug it in after booting up though.
    The only other good hit I got was related to remote desktop logons, and they can trigger that error message. You could try disabling this if you have it turned on and see what happens...link here and here.
    Best of luck working this one out...


  • efs_perpends
    efs_perpends May 16, 2009

    Glad to hear you made it work; that's the goal after all.
    Now as to explaining it,,,,that's probably beyond my current abilities.
    I suspect it has something to do with the way the usb host controller enumerates the devices connected to the ports at boot, and the drivers and/or filters that are installed for those various devices. There may be some kind of interrupt or I/O conflict with the hard drive when it is plugged directly into the usb port on the laptop, that is resolved by the hub when the hub acts as an intermediary between the hard drive and the host computer. That's just a guess, though.
    For further reading see the protocol section of this link, the USB process section of this link, and possibly the FAQ and hub design sections of this link.
    Finally, there seem to be some issues with XP and the lack of support for selective suspend features of some USB based input devices (like mouse or keyboard). This problem is resolved bydisabling the power management features of the USB root hub in device manager. This seems to have affected startup and shutdown for some users, and may contribute in some way remote way to your issue, but I can't see any direct links. I was trying to understand what would trigger that logon error. I only mention it as an issue to be aware of, something to check like a shot in the dark. If interested, see links here and here and here. And a great post on general USB troubleshooting here.
    Thanks for letting us know how you worked it out! It's bound to help somebody else one of these days...


×

Ad

1 Suggested Answer

6ya6ya
  • 2 Answers

SOURCE: I have freestanding Series 8 dishwasher. Lately during the filling cycle water hammer is occurring. How can this be resolved

Hi,
a 6ya expert can help you resolve that issue over the phone in a minute or two.
Best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
the service is completely free and covers almost anything you can think of.(from cars to computers, handyman, and even drones)
click here to download the app (for users in the US for now) and get all the help you need.
Goodluck!

Posted on Jan 02, 2017

Ad

Add Your Answer

Uploading: 0%

my-video-file.mp4

Complete. Click "Add" to insert your video. Add

×

Loading...
Loading...

Related Questions:

1 Answer

HDD Locked due to Brontok Virus


Download a copy of the AVG Rescue CD (ISO image file or USB image) and burn this to a blank CD (or USB stick) then use this to boot the computer with the virus.

Run the AVG virus scanner and let it remove all detected virus activity.

Jan 12, 2012 | Computers & Internet

3 Answers

All folder of my external hard disk became shortcut. When i try to open a folder I got the message "vaookix.exe is missing or removed. Do you want to continue? Yes / No " If I press Yes the...


Download and install Malwarebytes. It's a free malware removal utility that works great.

Two important notes:

1. For it to be completely effective you'll need to update it prior to running a scan.
2. Many malware programs actually prevent the installation of these types of programs, it may be necessary to start your PC in safe mode (F8 during the boot process) to get it installed.

Finally, once the malware is removed, you can download a free personal version of AVG anti-virus to help protect your machine in the future.

http://www.malwarebytes.org/
http://free.avg.com

May 03, 2011 | Computers & Internet

1 Answer

Hi, i have the ramnit-g virus on my samsung nc10 which is spreading itself all over my laptop and causing avast to constantly block the contaminated files, which is causing most programs to fail, and...


The Samsung NC10 can boot from a USB memory stick - you may have to press the F12 key to select to boot from USB rather than the internal disk drive....If you go to http://www.avg.com/gb-en/avg-rescue-cd you can download a copy of the AVG Rescue CD which comes in 2 versions, one for CD and one for USB - download the USB version and follow the instructions on the AVG web site for how to put this on the USB memory stick.....Boot the netbook from the AVG USB memory stick and use that to help remove the virus infection.

Apr 05, 2011 | Samsung NC10-14GW Notebook

1 Answer

500GiG External no longer working


put avg on your PC now ! its free or some type of anit virus and go to download.com and download (A squared) virus removal tool, then download (Ccleaner) PC optmizer program will need it to keep you clean from the net next get
PC Inspector File Recovery data recovery tool Our Rating: 40star.gif (Very Good)
PC Inspector File Recovery is a data recovery program with support for FAT 12/16/32 and NTFS file systems. It recovers files with the original time and date stamp, even when a header entry is no longer available. On FAT systems, the programs finds partitions automatically, even if the boot sector or FAT has been erased or damaged. PC Inspector File Recovery offers an easy to use interface that will scan your drive and automatically make files that can be recovered available from a "Deleted" folder in an Explorer Style navigation tree.
Pros: Good recovery options; support for formatted drives
Cons: Confusing interface design; no image file previews

run to get your stuff back then reformat the drive and your good to go

the fixist good luck and have a nice day

Jul 01, 2010 | Iomega (33275) 500 GB USB Hard Drive

1 Answer

Dear ... I have recently purchased Seagate's Freeagent External Hard Drive (500 GB Capacity). It was working all right for about 10 Days, but now I face a peculiar Problem. This drive does not show in the...


Plug it back in and try this. Right click my computer and click "Manage"
When the window opens select "Disc Management". In the bottom of the screen you will see all the Disk drives installed on you computer. Right click on your drive and select "Properties". When the window open click the "Tools" tab and finally Run the Error Checking Tool. It will scan and fix any issues with the disk. Cheers :)

Jun 27, 2010 | Seagate FreeAgent Pro - 500GB, 7200 RPM,...

1 Answer

I HAVE AN ASUS EEE PC 900 WITH WINDOWS XP AND NO CD ROM IT HAS A VIRUS AND I AM TRYING TO REBOOST FIRST SO I WILL BE ABLE TO GO ONLINE TO DOWNLOAD NORTON 360


Have you tried booting safe mode? If you boot safe mode and cannot get rid of the virus, you NEED an external cd rom or a USB jump drive so you can boot from it and use something like ERD Commander, Hiren Boot USB, etc.
Or open the eee pc and remove the SATA hard drive and connect it ot another computer and run the virus scan, remove the virus and put it in again.
I hope this helps.

May 17, 2010 | ASUS Computers & Internet

3 Answers

Antivirus software


you can download one of the internet,, there is a free one i use and i recommend to everyone its avg,, click the link I'm posting below and you will be able to download it,,

http://free.avg.com/us-en/download-avg-anti-virus-free

there are 3 version there the one your intrested in is the free one..

if you wanna use cd's on your netbook get and external USB cd drive..


Apr 23, 2010 | Acer Aspire One PC Notebook

1 Answer

I can't open the files on my SimpleDrive 500gb external hard drive. It only shows the one file, $AVG8.VAULT$, which is only 24 bytes, but Poroperties indicates it has 112 of 465 GB of Free Space.


The file you mention is used by AVG antivirus. Probably for quarantine purposes and so on.
You will find that file on all drives if you are using AVG.

This should not affect any other files on the disk, unless they were infected with a virus and have been placed inside the VAULT file.

You really need to use AVG to access the file and its contents if possible.

Apr 16, 2009 | Western Digital 250GB MyBook External USB...

1 Answer

Cannot access the drive


did you use anti spyware also?! or try another anti virus!

Mar 29, 2007 | Argosy 1 Bay HD-360U (DSARGHD360U2) USB...

Not finding what you are looking for?
Computers & Internet Logo

Related Topics:

155 people viewed this question

Ask a Question

Usually answered in minutes!

Top Computers & Internet Experts

Doctor PC
Doctor PC

Level 3 Expert

7733 Answers

kakima

Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you a Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Manuals & User Guides

Loading...