我有1TB 希捷便携式外置硬盘 STAX1000102。当我将它 (USB) 连接到装有 Windows XP 2002 SP3 版的笔记本电脑 (Dell Latitude D530) 时,操作系统进入了奇怪的状态。我无法运行 Total Commander 等简单应用程序,甚至无法执行简单的操作,无法浏览已启动的 Web 浏览器,我什么都做不了 - 一切都需要很长时间。我甚至无法关闭计算机 - 必须通过笔记本电脑的开/关按钮才能关闭。它不会消耗大量 CPU 或硬盘 - 似乎操作系统本身不知何故被锁定了。
只需只需运行 msconfig,我禁用了启动选项卡中,所有非 Microsoft 项目服务选项卡,问题仍然存在!我还尝试禁用一些 Microsoft 服务,但也没有用。唯一有帮助的是在安全模式下运行 Windows。
该硬盘在许多其他笔记本电脑和台式电脑上运行良好。
你知道是什么原因导致这个问题吗?
编辑-@STTR 脚本的结果:
我已经运行了您的脚本 (usbrest.cmd),但不幸的是它没有帮助。以下是输出(不幸的是,我已经本地化了 Win,我将尝试在需要的地方进行翻译):
C:\Documents and Settings\Tomas> C:\Documents and Settings\Tomas>REG DELETE "HKLM\SYSTEM\CurrentControlSet\Contro l\Class\{36FC9E60-C465-11CF-8056-444553540000}" /v LowerFilters /f
Chyba: Systém nenalezl zadaný klíč registru nebo požadovanou hodnotu.
(translation: error: registry key or value not found)
C:\Documents and Settings\Tomas>REG DELETE "HKLM\SYSTEM\CurrentControlSet\Contro l\Class\{36FC9E60-C465-11CF-8056-444553540000}" /v UpperFilters /f
Chyba: Systém nenalezl zadaný klíč registru nebo požadovanou hodnotu.
(translation: error: registry key or value not found)
C:\Documents and Settings\Tomas>REG DELETE "HKLM\SYSTEM\CurrentControlSet\Contro l\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}" /v LowerFilters /f
Chyba: Systém nenalezl zadaný klíč registru nebo požadovanou hodnotu.
(translation: error: registry key or value not found)
C:\Documents and Settings\Tomas>del /F /A:- %windir%\inf\INFCACHE.1
C:\Documents and Settings\Tomas>sc config stisvc start= auto [SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start stisvc
SERVICE_NAME: stisvc
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 2 START_PENDING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x7d0
PID : 1540
FLAGS :
C:\Documents and Settings\Tomas>sc config ShellHWDetection start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start ShellHWDetection
[SC] StartService FAILED 1056:
Instance tÚto slu
我也一直在查看您提到的注册表项,但没有找到LowerFilters值UpperFilters。
编辑2,STTR脚本的输出getusb-file.cmd:
C:\Documents and Settings\Tomas>dir /B /A:- %windir%\system32\Drivers\usb*
usb8023.sys
usb8023x.sys
usbcamd.sys
usbcamd2.sys
usbccgp.sys
usbd.sys
usbehci.sys
usbhub.sys
usbintel.sys
usbohci.sys
usbport.sys
usbstor.sys
usbuhci.sys
usbvideo.sys
C:\Documents and Settings\Tomas>dir /B /A:- %windir%\inf\usb* | find /i ".inf"
usb.inf
usbport.inf
usbprint.inf
usbstor.inf
usbvideo.inf
C:\Documents and Settings\Tomas>
编辑3:
C:\Documents and Settings\Tomas>wmic BASEBOARD get Product, SerialNumber, Version, Manufacturer
Chyba: (= error)
Kód = 0x80070422
Popis = Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení. (= The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.)
Prostředek = Win32
F:\sw\pstools>REG QUERY "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE103??18}" /v UpperFilters
Chyba: Systém nenalezl zadaný klíč registru nebo požadovanou hodnotu.
(= registry key or value was not found)
我已经倾倒了整个HKLM\SYSTEM\CurrentControlSet\Control\Class 注册表让你明白。
编辑4
以下是 RestoreServiceSetting.cmd 的输出(存在一些错误):
C:\Documents and Settings\Tomas>::HID Input Service
C:\Documents and Settings\Tomas>sc config HidServ start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start HidServ
[SC] StartService FAILED 1056:
Instance tÚto slu
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Shell Hardware Detection
C:\Documents and Settings\Tomas>sc config ShellHWDetection start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start ShellHWDetection
[SC] StartService FAILED 1056:
Instance tÚto slu
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Windows Image Acquisition (WIA)
C:\Documents and Settings\Tomas>sc config stisvc start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start stisvc
[SC] StartService FAILED 1056:
Instance tÚto slu
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Windows Management Instrumentation
C:\Documents and Settings\Tomas>sc config winmgmt start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start winmgmt
SERVICE_NAME: winmgmt
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 2 START_PENDING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x7d0
PID : 1796
FLAGS :
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Remote Registry
C:\Documents and Settings\Tomas>sc config RemoteRegistry start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start RemoteRegistry
SERVICE_NAME: RemoteRegistry
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 2 START_PENDING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x7d0
PID : 2000
FLAGS :
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Logical Disk Manager
C:\Documents and Settings\Tomas>sc config dmserver start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start dmserver
SERVICE_NAME: dmserver
TYPE : 20 WIN32_SHARE_PROCESS
STATE : 2 START_PENDING
(NOT_STOPPABLE,NOT_PAUSABLE,IGNORES_SHUTDOWN)
WIN32_EXIT_CODE : 0 (0x0)
SERVICE_EXIT_CODE : 0 (0x0)
CHECKPOINT : 0x0
WAIT_HINT : 0x7d0
PID : 1796
FLAGS :
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Logical Disk Manager Administrative Service
C:\Documents and Settings\Tomas>sc config dmadmin start= demand
[SC] ChangeServiceConfig SUCCESS
重启后:
C:\Documents and Settings\Tomas>wmic BASEBOARD get Product, SerialNumber, Version, Manufacturer
Manufacturer Product SerialNumber Version
Dell Inc. 0HP728 .721HP3J.CN4864383F5721.
编辑5:
运行后secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose我
secedit /configure /cfg %windir%\repair\secDC.inf /db secDC.sdb /verbose得到了这个输出(翻译,注释):
C:\Documents and Settings\Tomas>secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose
Úloha je dokončena. Některé soubory uvedené v konfiguraci nebyly v tomto systému
nalezeny, nelze tedy nastavit ani zjišťovat zabezpečení. Zprávu můžete ignorova
t.
Podrobnosti naleznete v souboru %windir%\security\logs\scesrv.log.
(task is finished. Some of the files were not found so the security level cannot be
found out. You can ignore this. Details in the scesrv.log -- actually this command
took quite a long time, showing progress in percent)
C:\Documents and Settings\Tomas>secedit /configure /cfg %windir%\repair\secDC.inf /db secDC.sdb /verbose
Systém nemůže nalézt uvedený soubor.
Úloha byla dokončena s chybou.
Podrobnosti naleznete v souboru %windir%\security\logs\scesrv.log.
(File was not found -- the secDC.in does not exist. THis terminated immediatelly.
The log file just said that the secDC.inf file could not be found.)
然后我重启了,问题仍然存在。所以我硬重启并再次尝试了 RestoreServiceSetting.cmd 脚本,但出现了与上次运行类似的错误:
C:\Documents and Settings\Tomas>::HID Input Service
C:\Documents and Settings\Tomas>sc config HidServ start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start HidServ
[SC] StartService FAILED 1056:
Instance tÚto slu
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Shell Hardware Detection
C:\Documents and Settings\Tomas>sc config ShellHWDetection start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start ShellHWDetection
[SC] StartService FAILED 1056:
Instance tÚto slu
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Windows Image Acquisition (WIA)
C:\Documents and Settings\Tomas>sc config stisvc start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start stisvc
[SC] StartService FAILED 1056:
Instance tÚto slu
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Windows Management Instrumentation
C:\Documents and Settings\Tomas>sc config winmgmt start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start winmgmt
[SC] StartService FAILED 1056:
Instance tÚto slu
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Remote Registry
C:\Documents and Settings\Tomas>sc config RemoteRegistry start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start RemoteRegistry
[SC] StartService FAILED 1056:
Instance tÚto slu
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Logical Disk Manager
C:\Documents and Settings\Tomas>sc config dmserver start= auto
[SC] ChangeServiceConfig SUCCESS
C:\Documents and Settings\Tomas>sc start dmserver
[SC] StartService FAILED 1056:
Instance tÚto slu
C:\Documents and Settings\Tomas>
C:\Documents and Settings\Tomas>::Logical Disk Manager Administrative Service
C:\Documents and Settings\Tomas>sc config dmadmin start= demand
[SC] ChangeServiceConfig SUCCESS
我再次连接了驱动器,但问题仍然存在。
编辑:今天我尝试使用 USB 适配器连接普通(内部)硬盘,它确实以同样的方式锁定了计算机。
答案1
最有可能的问题出在 Keys 上:
HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}
HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}
LowerFilters,UpperFilters价值。
及其变体:
挂载点:
mountvol /L | find "\\"
挂载点、注册表:
HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices
删除不需要的条目挂载点:
USB ID 设备:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USBSTOR
Windows XP:
备份注册表并运行:
usbrest.cmd:
REG DELETE "HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}" /v LowerFilters /f
REG DELETE "HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}" /v UpperFilters /f
REG DELETE "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}" /v LowerFilters /f
del /F /A:- %windir%\inf\INFCACHE.1
sc config stisvc start= auto
sc start stisvc
sc config ShellHWDetection start= auto
sc start ShellHWDetection
需要重新启动。
usbdevice-删除-全部.cmd:
REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USB" /f
REG DELETE "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\USBSTOR" /f
删除设备上的所有 USB:
psexec -i -d -s usbdevice-delete-all.cmd
执行
需要重新启动。
运行cmdgetusb-file.cmd
获取usb文件.cmd:
dir /B /A:- %windir%\system32\Drivers\usb*
dir /B /A:- %windir%\inf\usb* | find /i ".inf"
运行cmd获取UpperFilters磁盘设备:
REG QUERY "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}" /v UpperFilters
运行cmd,获取系统板信息:
wmic BASEBOARD get Product, SerialNumber, Version, Manufacturer
输出:
Manufacturer Product SerialNumber Version
ASUSTeK Computer INC. P5Q MS1C8CBKC500124 Rev 1.xx
恢复服务设置.cmd:
::HID Input Service
sc config HidServ start= auto
sc start HidServ
::Shell Hardware Detection
sc config ShellHWDetection start= auto
sc start ShellHWDetection
::Windows Image Acquisition (WIA)
sc config stisvc start= auto
sc start stisvc
::Windows Management Instrumentation
sc config winmgmt start= auto
sc start winmgmt
::Remote Registry
sc config RemoteRegistry start= auto
sc start RemoteRegistry
::Logical Disk Manager
sc config dmserver start= auto
sc start dmserver
::Logical Disk Manager Administrative Service
sc config dmadmin start= demand
usbrest2.cmd:
REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}" /v UpperFilters /t REG_MULTI_SZ /d PartMgr\0 /f
禁用新卷的自动安装:
mountvol /N
重新启用新卷的自动安装:
mountvol /E
恢复默认注册表和文件系统设置:
secedit /configure /cfg %windir%\repair\secsetup.inf /db secsetup.sdb /verbose
secedit /configure /cfg %windir%\repair\secDC.inf /db secDC.sdb /verbose
查看eventlog磁盘事件:
powershell Get-Eventlog system -Source Disk
查看最后 10 个磁盘错误:
powershell Get-Eventlog system -newest 10 -EntryType Error -Source Disk