Windows Anti-Virus turns itself off

Discussion in 'Windows 10 Help and Support' started by hww1955, Nov 11, 2015.

  1. hww1955

    hww1955 Senior Member

    Joined:
    Oct 18, 2011
    Messages:
    23
    Likes Received:
    0
    After inserting a hot swap drive, Windows Anti-Virus turns itself off. What causes this?
     
  2. BIGBEARJEDI

    BIGBEARJEDI Honorable Member
    Premium Supporter

    Joined:
    Jan 28, 2013
    Messages:
    1,798
    Likes Received:
    219
    Hi there hww:

    I'm afraid we'd need more information than that to even propose a solution. What is the Make/Model of the computer you are using. Is it a Desktop PC or a laptop? If a Desktop PC is it an OEM (DELL, HP, ACER), or a self-built PC? If a self-built rig, what are your hardware & Mobo specs?

    Is the hot-swap drive part of a RAID array? Or USB? or Firewire? or eSATA? What is the Make/Model of the drive you are attempting to hot-swap?

    Did this computer or laptop come with Win10 on it? Or did you upgrade it from an earlier version of Windows such as XP/VISTA/WIN7/WIN8/WIN8.1/WIN8.1.1?

    If you're using a RAID controller, is it SCSI? What Make/Model is the SCSI RAID controller?

    I have yet to use a RAID config on Win10, and no one I know has tried this yet.

    Based on the lack of information you provided--I could hazard a guess tho': If you upgraded your PC from an earlier version of Windows to W10, and you didn't have that Hot Swap drive plugged in, the RAID controller might not be recognizing it due to an incompatible or outdated version the RAID controller driver. It's possible that you'll need to back up whatever is on that drive to external media; wipe it clean, insert it back into the RAID controller array and resync it. If the RAID hardware and it's W10 driver are working it should resync. Once that's done, you should uninstall and reinstall the Windows AV, which should be Windows Defender. It's possible that this would fix it.

    There are also a number of software tools that you can use to monitor services and processes to look and see what W10 device or process is knocking the Defender offline.

    Post back some answers and we'll look into it further.

    <<<BIGBEARJEDI>>>
     
  3. hww1955

    hww1955 Senior Member

    Joined:
    Oct 18, 2011
    Messages:
    23
    Likes Received:
    0
    My computer is a desktop that I built. No RAID in use. Clean install of Windows 10. Asus Crosshair V Formula-Z. AMD 9590 H2O cooled. 32 GB of ram @2100 non-overclocked. 1TB Samsung 850 EVO. 2 6TB HD, 1 3TB HD, and last the HD I was trying to insert, 2TB all of the HD's are from Seagate. My thought was that the drive I was inserting might have been infected.
     
  4. MikeHawthorne

    MikeHawthorne Essential Member
    Microsoft Community Contributor

    Joined:
    May 25, 2009
    Messages:
    6,052
    Likes Received:
    303
    Hi

    Have you run Malwarebytes with the drive connected?
    If not I'd give that a try, and see if there is some kind of malware on the drive.

    Mike
     
  5. BIGBEARJEDI

    BIGBEARJEDI Honorable Member
    Premium Supporter

    Joined:
    Jan 28, 2013
    Messages:
    1,798
    Likes Received:
    219
    Hi,
    That helps a little bit; but doesn't tell me EXACTLY how you have all those drives hooked up. Are you telling me that the 1TB SamsungEVO drive (SSD?) is hooked up to the Motherboard as you C: bootdrive? And that the other 4 drives are also hooked up to SATA ports on the Motherboard? And those other 4 drives are PHYSICALLY inside your computer case in various drive bays?

    Maybe you could send us a picture?

    Let's assume for a moment that all your drives are hookded directly to the Motherboard, including the 2TB spare drive; and not to the Motherboard via any other port methods as I mentioned above (USB, Fireware, eSATA). In this case, it's certainly possible the drive is infected, it's more likely the drive has failed or is failing. Did you attempt to run SEATOOLS drive diagnostic available for free at seagate.com on that 2TB drive? Make sure to run BOTH short and long tests on that drive. If SEATOOLS returns any errors that drive has failed and must be replaced. I also suggest that you disconnect ALL your drives from your Motherboard for this test. The 2TB Seagate drive should be the only drive connected to the Motherboard when you run your SEATOOLS test. All other drives must be physically removed or uncabled from the Motherboard. You can leave your other drives in their drive bays, as long as you disconnect both power and data cables from each and every drive. (of course this scenario only works if I'm understanding how your drives are all hooked up; as I said there is a myriad of choices to do this).

    In any case, you mention that you did a "HOT-SWAP" with this 2TB drive into the computer Motherboard? Is this correct, because, if so, you are using the wrong terminology!! And if you did insert the power and data cables for this 2TB drive on a SATA Motherboard port, you probably fried that drive!! Motherboard storage ports do NOT SUPPORT "HOT-SWAP", unless your Motherboard has an embedded RAID controller chip and supporting circuitry on the storage ports to do this. This type of setup is not normally available on consumer Motherboards. The embedded technology exists on high-performance server machines, and blade-servers in data centers only. Also, "HOT-SWAP", indicates that you are REMOVING another drive; which drive did you remove, and from which SATA port (SATA0? SATA1? SATA2? SATA3, SATA4, etc.) did you remove that drive from. Further "HOT-SWAP" also means that when you removed the old drive from your Motherboard, that it was live, and running, and powered up, and that you reinserted the new drive within 60 seconds of removing the old drive. This is quite tricky to do with drives unless your new drive was already in a drive bay and you just did a quicky cable swap.

    It sounds to me like you don't understand what "HOT-SWAP" really means. If you did do what I stated in the paragraph just above this one, you most likely damaged the old drive (if it wasn't dead or faulty already; possibly the reason you were replacing it anyway), and most certainly damaged the new drive while you were trying to connect in the new drive into your Motherboard. These are NOT things you can do while your PC is powered on!!! Unless I'm misunderstanding your hardware setup, what you did to your new drive was BAD, BAD, BAD!!!

    Please understand your communication method of sparse information leaves us guessing on how things are really setup. It prevents us from figuring out what, if anything you did to your computer to scramble that 2TB drive. If you wouldn't mind providing us with a little more detail, or again, a picture (you could use your Cell. phone for that and post back here), would really help. Based on what you told us, your new drive failed because you tried to plug it into a Motherboard that does not have embedded RAID circuitry technology to support true "HOT-SWAP", nor a discrete RAID controller card which does the same thing. So you understand further, "HOT-SWAP" is only a feature of "RAID" or mirroring configuration of hard drives which uses both special hardware and software. Here's a wikipedia article for you: Hot swapping - Wikipedia, the free encyclopedia

    Based on the explanation in the above linked wikipedia article, they also include USB as "hot-swappable", BUT, in the practical world, USB has proven not to be truly "hot-swappable" as intended. Computer techs rarely, if ever, attempt to "HOT-SWAP" USB drives while the computer is powered up, due to frequent catastrophic data loss. So, if this is actually what you meant you were doing [unplugging a live drive from a usb cable, and then plugging in another drive onto that same usb cable, technically, this is a type of "HOT-SWAP" but, not a very reliable one, and certainly one that involves high risk to your data. Most trained Techs would at least use the System Tray usb icon to "DISCONNECT" the old drive, and not just unplug the old drive and plug in the new drive. Guessing this is what you did not do. This would be slightly safer. Perhaps this is what you did, and you did use Windows to disconnect the old drive and then plug in the new drive to the cable. Either way, that's much riskier than powering down your computer and disconnecting a drive and then reconnecting a new drive into the USB port or SATA port or whatever.

    You can also plug in that 2TB drive to another computer, and see if the other computer can read it's file structure (folders and files and capacity used look right). If that's scrambled or erased, it's a pretty good chance you messed up that drive. As above testing it with SEATOOLS can tell you that. If it turns out this 2TB drive was connected to the Motherboard via USB, the next time you do this with any other drive, it's safest to power down first.

    >>>BBJ>>>
     
  6. BIGBEARJEDI

    BIGBEARJEDI Honorable Member
    Premium Supporter

    Joined:
    Jan 28, 2013
    Messages:
    1,798
    Likes Received:
    219
    >>>Just finished explaining to OP, that's it's probably not a virus, he tried to unplug his drive from a Motherboard port while the PC was powered on. That will usually kill the drive, or at the least scramble the file table (MFT). However, it's not a bad idea to scan it once he has it hooked up as the only drive on that PC, or take to another computer and scan it.<<<
    BBJ
     

Share This Page

Loading...