Windows 8.1 not booting after uninstalling antivirus


After uninstalling the antivirus, my Windows 8.1 laptop is not booting. The FRST scan is as follows.

Please help me out.

-----------------------------------------------------------------------------------------------------------------------------------------------------------------

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:18-04-2016
Ran by SYSTEM on MININT-O2UF3L8 (21-04-2016 16:04:42)
Running from M:\
Platform: Windows 8.1 Single Language (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-30] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-16] (Dell Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95536 2014-03-04] (Sensible Vision )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2014-03-04] (Sensible Vision )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [133760 2014-01-08] (Qualcomm®Atheros®)
HKU\Chithira P R\...\Run: [Google Update] => C:\Users\Chithira P R\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\Chithira P R\...\Run: [Dropbox Update] => C:\Users\Chithira P R\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\Chithira P R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-15]
ShortcutTarget: Dropbox.lnk -> C:\windows\system32\config\systemprofile\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [318592 2014-01-08] (Windows (R) Win 7 DDK provider)
S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
S2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [202488 2016-03-10] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-19] (Aviata, Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-26] (Dell Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-21] (SoftThinks SAS)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-03-14] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S3 BthHFSrv; %SystemRoot%\System32\BthHFSrv.dll [X]
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 secdrv; no ImagePath
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44024 2015-02-03] (Microsoft Corporation)
S0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [264000 2015-02-03] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 1394ohci; \SystemRoot\System32\drivers\1394ohci.sys [X]
S0 3ware; System32\drivers\3ware.sys [X]
S0 ACPI; System32\drivers\ACPI.sys [X]
S3 acpipagr; \SystemRoot\System32\drivers\acpipagr.sys [X]
S3 AcpiPmi; \SystemRoot\System32\drivers\acpipmi.sys [X]
S3 acpitime; \SystemRoot\System32\drivers\acpitime.sys [X]
S0 ADP80XX; System32\drivers\ADP80XX.SYS [X]
S0 agp440; System32\drivers\agp440.sys [X]
S3 AmdK8; \SystemRoot\System32\drivers\amdk8.sys [X]
S3 AmdPPM; \SystemRoot\System32\drivers\amdppm.sys [X]
S0 amdsata; System32\drivers\amdsata.sys [X]
S0 amdsbs; System32\drivers\amdsbs.sys [X]
S0 amdxata; System32\drivers\amdxata.sys [X]
S0 arcsas; System32\drivers\arcsas.sys [X]
S0 atapi; System32\drivers\atapi.sys [X]
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 athr; \SystemRoot\system32\DRIVERS\athwbx.sys [X]
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S1 BasicDisplay; \SystemRoot\System32\drivers\BasicDisplay.sys [X]
S1 BasicRender; \SystemRoot\System32\drivers\BasicRender.sys [X]
S3 bcmfn2; \SystemRoot\System32\drivers\bcmfn2.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BtFilter; \SystemRoot\system32\DRIVERS\btfilter.sys [X]
S3 BthAvrcpTg; \SystemRoot\System32\drivers\BthAvrcpTg.sys [X]
S3 BthEnum; \SystemRoot\System32\drivers\BthEnum.sys [X]
S3 BthHFEnum; \SystemRoot\System32\drivers\bthhfenum.sys [X]
S3 bthhfhid; \SystemRoot\System32\drivers\BthHFHid.sys [X]
S3 BthLEEnum; \SystemRoot\system32\DRIVERS\BthLEEnum.sys [X]
S3 BTHMODEM; \SystemRoot\System32\drivers\bthmodem.sys [X]
S3 BthMtpEnum; \SystemRoot\system32\DRIVERS\BthMtpEnum.sys [X]
S3 BthPan; \SystemRoot\System32\drivers\bthpan.sys [X]
S3 BTHPORT; \SystemRoot\System32\Drivers\BTHport.sys [X]
S3 BTHUSB; \SystemRoot\System32\Drivers\BTHUSB.sys [X]
S1 cdrom; \SystemRoot\System32\drivers\cdrom.sys [X]
S3 circlass; \SystemRoot\System32\drivers\circlass.sys [X]
S1 CLVirtualDrive; \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys [X]
S3 CmBatt; \SystemRoot\System32\drivers\CmBatt.sys [X]
S3 CompositeBus; \SystemRoot\System32\drivers\CompositeBus.sys [X]
S3 DDDriver; \SystemRoot\system32\drivers\DDDriver64Dcsa.sys [X]
S3 DellProf; \SystemRoot\system32\drivers\DellProf.sys [X]
S3 DellRbtn; \SystemRoot\System32\drivers\DellRbtn.sys [X]
S0 disk; System32\drivers\disk.sys [X]
S3 dmvsc; \SystemRoot\System32\drivers\dmvsc.sys [X]
S3 drmkaud; \SystemRoot\system32\drivers\drmkaud.sys [X]
S0 ebdrv; System32\drivers\evbda.sys [X]
S0 EhStorTcgDrv; System32\drivers\EhStorTcgDrv.sys [X]
S3 ErrDev; \SystemRoot\System32\drivers\errdev.sys [X]
S3 facap; \SystemRoot\system32\DRIVERS\facap.sys [X]
S3 fdc; \SystemRoot\System32\drivers\fdc.sys [X]
S3 flpydisk; \SystemRoot\System32\drivers\flpydisk.sys [X]
S3 FxPPM; \SystemRoot\System32\drivers\fxppm.sys [X]
S0 gagp30kx; System32\drivers\gagp30kx.sys [X]
S3 gencounter; \SystemRoot\System32\drivers\vmgencounter.sys [X]
S3 HdAudAddService; \SystemRoot\system32\drivers\HdAudio.sys [X]
S3 HDAudBus; \SystemRoot\System32\drivers\HDAudBus.sys [X]
S3 HidBatt; \SystemRoot\System32\drivers\HidBatt.sys [X]
S3 HidBth; \SystemRoot\System32\drivers\hidbth.sys [X]
S3 hidi2c; \SystemRoot\System32\drivers\hidi2c.sys [X]
S3 HidIr; \SystemRoot\System32\drivers\hidir.sys [X]
S3 HidUsb; \SystemRoot\System32\drivers\hidusb.sys [X]
S0 HpSAMD; System32\drivers\HpSAMD.sys [X]
S3 hyperkbd; \SystemRoot\System32\drivers\hyperkbd.sys [X]
S3 HyperVideo; \SystemRoot\system32\DRIVERS\HyperVideo.sys [X]
S3 i8042prt; \SystemRoot\System32\drivers\i8042prt.sys [X]
S3 iaLPSSi_GPIO; \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys [X]
S3 iaLPSSi_I2C; \SystemRoot\System32\drivers\iaLPSSi_I2C.sys [X]
S0 iaStorA; System32\drivers\iaStorA.sys [X]
S0 iaStorAV; System32\drivers\iaStorAV.sys [X]
S0 iaStorV; System32\drivers\iaStorV.sys [X]
S3 igfx; \SystemRoot\system32\DRIVERS\igdkmd64.sys [X]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S3 IntcDAud; \SystemRoot\system32\DRIVERS\IntcDAud.sys [X]
S0 intelide; System32\drivers\intelide.sys [X]
S0 intelpep; System32\drivers\intelpep.sys [X]
S3 intelppm; \SystemRoot\System32\drivers\intelppm.sys [X]
S3 IPMIDRV; \SystemRoot\System32\drivers\IPMIDrv.sys [X]
S0 isapnp; System32\drivers\isapnp.sys [X]
S3 iScsiPrt; \SystemRoot\System32\drivers\msiscsi.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
S3 kbdclass; \SystemRoot\System32\drivers\kbdclass.sys [X]
S3 kbdhid; \SystemRoot\System32\drivers\kbdhid.sys [X]
S3 kdnic; \SystemRoot\system32\DRIVERS\kdnic.sys [X]
S0 LSI_SAS; System32\drivers\lsi_sas.sys [X]
S0 LSI_SAS2; System32\drivers\lsi_sas2.sys [X]
S0 LSI_SAS3; System32\drivers\lsi_sas3.sys [X]
S0 LSI_SSS; System32\drivers\lsi_sss.sys [X]
S2 McMPFSvc; no ImagePath
S0 megasas; System32\drivers\megasas.sys [X]
S0 megasr; System32\drivers\megasr.sys [X]
S3 MEIx64; \SystemRoot\System32\drivers\TeeDriverx64.sys [X]
S3 monitor; \SystemRoot\System32\drivers\monitor.sys [X]
S3 mouclass; \SystemRoot\System32\drivers\mouclass.sys [X]
S3 mouhid; \SystemRoot\System32\drivers\mouhid.sys [X]
S3 msgpiowin32; \SystemRoot\System32\drivers\msgpiowin32.sys [X]
S0 msisadrv; System32\drivers\msisadrv.sys [X]
S1 mssmbios; \SystemRoot\System32\drivers\mssmbios.sys [X]
S3 MTConfig; \SystemRoot\System32\drivers\MTConfig.sys [X]
S3 mtkmbim; \SystemRoot\system32\DRIVERS\mtkmbim7_x64.sys [X]
S0 mvumis; System32\drivers\mvumis.sys [X]
S3 netvsc; \SystemRoot\System32\drivers\netvsc63.sys [X]
S1 npsvctrig; \SystemRoot\System32\drivers\npsvctrig.sys [X]
S0 nvraid; System32\drivers\nvraid.sys [X]
S0 nvstor; System32\drivers\nvstor.sys [X]
S0 nv_agp; System32\drivers\nv_agp.sys [X]
S3 Parport; \SystemRoot\System32\drivers\parport.sys [X]
S0 pci; System32\drivers\pci.sys [X]
S0 pciide; System32\drivers\pciide.sys [X]
S0 pcmcia; System32\drivers\pcmcia.sys [X]
S3 Processor; \SystemRoot\System32\drivers\processr.sys [X]
S3 rdpbus; \SystemRoot\System32\drivers\rdpbus.sys [X]
S3 RFCOMM; \SystemRoot\System32\drivers\rfcomm.sys [X]
S3 RSUSBVSTOR; \SystemRoot\System32\Drivers\RtsUVStor.sys [X]
S3 RTL8168; \SystemRoot\system32\DRIVERS\Rt630x64.sys [X]
S3 s3cap; \SystemRoot\System32\drivers\vms3cap.sys [X]
S0 sbp2port; System32\drivers\sbp2port.sys [X]
S3 sdbus; \SystemRoot\System32\drivers\sdbus.sys [X]
S3 sdstor; \SystemRoot\System32\drivers\sdstor.sys [X]
S3 Serenum; \SystemRoot\System32\drivers\serenum.sys [X]
S3 Serial; \SystemRoot\System32\drivers\serial.sys [X]
S3 sermouse; \SystemRoot\System32\drivers\sermouse.sys [X]
S3 sfloppy; \SystemRoot\System32\drivers\sfloppy.sys [X]
S0 SiSRaid2; System32\drivers\SiSRaid2.sys [X]
S0 SiSRaid4; System32\drivers\sisraid4.sys [X]
S0 spaceport; System32\drivers\spaceport.sys [X]
S0 stexstor; System32\drivers\stexstor.sys [X]
S0 storahci; System32\drivers\storahci.sys [X]
S0 storflt; System32\drivers\vmstorfl.sys [X]
S0 stornvme; System32\drivers\stornvme.sys [X]
S0 storvsc; System32\drivers\storvsc.sys [X]
S3 swenum; \SystemRoot\System32\drivers\swenum.sys [X]
S3 SynRMIHID; \SystemRoot\system32\DRIVERS\SynRMIHID.sys [X]
S3 SynTP; \SystemRoot\system32\DRIVERS\SynTP.sys [X]
S3 terminpt; \SystemRoot\System32\drivers\terminpt.sys [X]
S3 TPM; \SystemRoot\system32\drivers\tpm.sys [X]
S3 TsUsbGD; \SystemRoot\System32\drivers\TsUsbGD.sys [X]
S0 uagp35; System32\drivers\uagp35.sys [X]
S3 UASPStor; \SystemRoot\System32\drivers\uaspstor.sys [X]
S3 UCX01000; \SystemRoot\System32\drivers\ucx01000.sys [X]
S3 UEFI; \SystemRoot\System32\drivers\UEFI.sys [X]
S0 uliagpkx; System32\drivers\uliagpkx.sys [X]
S3 umbus; \SystemRoot\System32\drivers\umbus.sys [X]
S3 UmPass; \SystemRoot\System32\drivers\umpass.sys [X]
S3 usbccgp; \SystemRoot\System32\drivers\usbccgp.sys [X]
S3 usbcir; \SystemRoot\System32\drivers\usbcir.sys [X]
S3 usbehci; \SystemRoot\System32\drivers\usbehci.sys [X]
S3 usbhub; \SystemRoot\System32\drivers\usbhub.sys [X]
S3 USBHUB3; \SystemRoot\System32\drivers\UsbHub3.sys [X]
S3 usbohci; \SystemRoot\System32\drivers\usbohci.sys [X]
S3 usbprint; \SystemRoot\System32\drivers\usbprint.sys [X]
S3 USBSTOR; \SystemRoot\System32\drivers\USBSTOR.SYS [X]
S3 usbuhci; \SystemRoot\System32\drivers\usbuhci.sys [X]
S3 usbvideo; \SystemRoot\System32\Drivers\usbvideo.sys [X]
S3 USBXHCI; \SystemRoot\System32\drivers\USBXHCI.SYS [X]
S0 vdrvroot; System32\drivers\vdrvroot.sys [X]
S3 vhdmp; \SystemRoot\System32\drivers\vhdmp.sys [X]
S0 viaide; System32\drivers\viaide.sys [X]
S0 vmbus; System32\drivers\vmbus.sys [X]
S3 VMBusHID; \SystemRoot\System32\drivers\VMBusHID.sys [X]
S0 volmgr; System32\drivers\volmgr.sys [X]
S0 volsnap; System32\drivers\volsnap.sys [X]
S3 vpci; \SystemRoot\System32\drivers\vpci.sys [X]
S0 vsmraid; System32\drivers\vsmraid.sys [X]
S0 VSTXRAID; System32\drivers\vstxraid.sys [X]
S3 vwifibus; \SystemRoot\System32\drivers\vwifibus.sys [X]
S3 WacomPen; \SystemRoot\System32\drivers\wacompen.sys [X]
S3 wdf_usb; \SystemRoot\system32\DRIVERS\usb2ser.sys [X]
S3 WinUsb; \SystemRoot\System32\drivers\WinUsb.sys [X]
S3 WmiAcpi; \SystemRoot\System32\drivers\wmiacpi.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-21 16:04 - 2016-04-21 16:04 - 00000000 ____D C:\FRST
2016-04-20 20:06 - 2016-04-21 15:47 - 00000000 _____ C:\Recovery.txt
2016-04-20 05:57 - 2016-04-20 05:57 - 00000000 ____D C:\Windows\System32\NgBase
2016-04-15 06:38 - 2016-04-15 06:39 - 02495819 _____ C:\Users\Chithira P R\Downloads\shang2016.pdf
2016-04-15 06:32 - 2016-04-15 06:32 - 00136702 _____ C:\Users\Chithira P R\Downloads\document(10).pdf
2016-04-14 22:59 - 2016-04-14 22:59 - 00274300 _____ C:\Users\Chithira P R\Desktop\Presentation1.pptx
2016-04-13 02:55 - 2016-04-13 02:55 - 00000000 __HDC C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}
2016-04-13 02:01 - 2016-04-14 01:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-07 07:10 - 2016-04-07 07:10 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-04-07 07:10 - 2016-04-07 07:10 - 00000000 ____D C:\Program Files\Dell Support Center
2016-04-06 09:16 - 2016-04-06 09:16 - 00289443 _____ C:\Users\Chithira P R\Downloads\experiment 19.zip
2016-04-05 02:24 - 2016-04-05 02:24 - 00734784 _____ (Oracle Corporation) C:\Users\Chithira P R\Downloads\jre-8u77-windows-i586-iftw.exe
2016-04-04 04:32 - 2016-04-04 04:32 - 00483209 _____ C:\Users\Chithira P R\Desktop\uv.pptx
2016-04-04 04:12 - 2016-04-04 04:26 - 00483208 _____ C:\Users\Chithira P R\Documents\uv.pptx
2016-03-31 05:49 - 2016-03-31 05:49 - 00671470 _____ C:\Users\Chithira P R\Downloads\1202.6335(1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-20 05:57 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\winevt
2016-04-20 05:57 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\spool
2016-04-20 05:57 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\setup
2016-04-20 05:57 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-20 05:57 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\Sysprep
2016-04-20 05:57 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\SMI
2016-04-20 05:57 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\oobe
2016-04-20 05:56 - 2014-08-06 09:01 - 00000000 ____D C:\Windows\System32\MRT
2016-04-20 05:56 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\MUI
2016-04-20 05:56 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\MsDtc
2016-04-20 05:55 - 2015-06-30 01:44 - 00000964 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001UA.job
2016-04-20 05:55 - 2015-04-29 02:41 - 00000000 ____D C:\Windows\System32\GWX
2016-04-20 05:54 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\Com
2016-04-20 05:53 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\Inf
2016-04-20 05:43 - 2014-10-23 03:25 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001UA1cfeeb4dfdf318.job
2016-04-20 05:30 - 2014-09-18 17:38 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001UA.job
2016-04-20 01:00 - 2014-08-05 06:27 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 23:01 - 2014-08-09 04:37 - 00000000 ___RD C:\Users\Chithira P R\Dropbox
2016-04-19 10:32 - 2014-08-05 02:30 - 00000000 ____D C:\users\Chithira P R
2016-04-19 10:20 - 2014-08-11 06:59 - 00000000 ____D C:\Users\Chithira P R\Documents\Origin User Files
2016-04-16 10:47 - 2014-08-05 09:32 - 00000000 ____D C:\Users\Chithira P R\AppData\Roaming\vlc
2016-04-15 02:48 - 2016-02-16 22:57 - 00309248 ___SH C:\Users\Chithira P R\Desktop\Thumbs.db
2016-04-15 02:48 - 2014-08-09 04:30 - 00000000 ____D C:\Users\Chithira P R\AppData\Roaming\Dropbox
2016-04-14 22:43 - 2014-09-18 17:38 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001Core.job
2016-04-14 04:15 - 2014-08-05 09:27 - 00000000 ____D C:\Users\Chithira P R\AppData\Local\CrashDumps
2016-04-14 01:49 - 2014-05-20 10:46 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-04-14 01:39 - 2014-08-05 06:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-13 23:51 - 2014-09-19 23:54 - 03279872 ___SH C:\Users\Chithira P R\Downloads\Thumbs.db
2016-04-12 09:08 - 2013-08-22 05:25 - 00262144 _____ C:\Windows\System32\config\BBI
2016-04-11 19:02 - 2014-08-05 06:30 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 19:02 - 2014-08-05 06:30 - 00002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2016-04-11 02:38 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-09 07:55 - 2015-06-30 01:44 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001Core.job
2016-04-07 07:08 - 2014-05-20 10:41 - 00000000 ____D C:\ProgramData\PCDr
2016-04-06 21:14 - 2014-08-05 02:31 - 00000000 ____D C:\Users\Chithira P R\AppData\Roaming\Atheros
2016-04-06 03:11 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-04-05 02:29 - 2015-11-02 09:10 - 00000000 ____D C:\ProgramData\Oracle
2016-04-05 02:29 - 2015-11-02 09:10 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-05 02:28 - 2015-11-02 09:11 - 00000000 ____D C:\Users\Chithira P R\.oracle_jre_usage
2016-04-05 02:27 - 2015-11-02 09:11 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-04 20:50 - 2015-09-23 21:20 - 00000000 ____D C:\Users\Chithira P R\Desktop\IIT samples ESR & TEM

Some files in TEMP:
====================
C:\Users\Chithira P R\AppData\Local\Temp\cdo30984957.dll
C:\Users\Chithira P R\AppData\Local\Temp\jre-8u77-windows-au.exe


==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe
[2015-04-25 04:57] - [2014-10-28 17:22] - 0572416 ____A (Microsoft Corporation) EC498BAE1F0D3E0E401C963F8D76C437

C:\Windows\System32\wininit.exe
[2015-04-24 21:55] - [2014-10-28 17:25] - 0145920 ____A (Microsoft Corporation) A570A64292214C43E0BA50E6A72A6380

C:\Windows\explorer.exe
[2015-03-11 02:02] - [2015-01-27 15:47] - 2501368 ____A (Microsoft Corporation) C10A66189DC8C090E7C84873EDCEBC88

C:\Windows\SysWOW64\explorer.exe
[2015-03-11 02:02] - [2015-01-27 15:41] - 2207488 ____A (Microsoft Corporation) 91E24273FCA076EA9E65DAFA98901225

C:\Windows\System32\svchost.exe
[2015-04-24 21:53] - [2014-10-28 20:11] - 0038792 ____A (Microsoft Corporation) E3A2AD05E24105B35E986CF9CB38EC47

C:\Windows\SysWOW64\svchost.exe
[2015-04-24 21:53] - [2014-10-28 19:17] - 0033088 ____A (Microsoft Corporation) D0ABC231C0B3E88C6B612B28ABBF734D

C:\Windows\System32\services.exe
[2015-05-12 21:02] - [2015-04-08 14:55] - 0410128 ____A (Microsoft Corporation) E0C7813A97CA7947FF5C18A8F3B61A45

C:\Windows\System32\User32.dll
[2015-04-25 05:05] - [2014-10-28 20:00] - 1540696 ____A (Microsoft Corporation) 25026E350BC3BE37631634EC72B10BD5

C:\Windows\SysWOW64\User32.dll
[2015-04-25 05:05] - [2014-10-28 17:04] - 1376256 ____A (Microsoft Corporation) 76C5CF09F53A3B089B5581B9938F8CAE

C:\Windows\System32\userinit.exe
[2015-04-24 21:50] - [2014-10-28 17:28] - 0026112 ____A (Microsoft Corporation) 5C131534A3EA4A461A793FB507A8004F

C:\Windows\SysWOW64\userinit.exe
[2015-04-24 21:51] - [2014-10-28 17:05] - 0022528 ____A (Microsoft Corporation) D10643FC0095434C819316CA6CD748C0

C:\Windows\System32\rpcss.dll
[2015-04-25 05:03] - [2014-10-28 17:19] - 0817664 ____A (Microsoft Corporation) A6F17C299A03BAFEFB9257C462A19E00

C:\Windows\System32\dnsapi.dll
[2015-04-25 05:02] - [2014-10-28 17:30] - 0657920 ____A (Microsoft Corporation) A5675939CF0F99B20B5A3CFCC3C1B46A

C:\Windows\SysWOW64\dnsapi.dll
[2015-04-25 05:00] - [2014-10-28 17:06] - 0498688 ____A (Microsoft Corporation) BD9C7A068C46053F8747CEA73B5930AB

C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION
C:\Windows\System32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION

==================== EXE Association (Whitelisted) =============


==================== Restore Points =========================

Restore point date: 2016-03-31 06:13
Restore point date: 2016-04-08 09:49
Restore point date: 2016-04-20 05:51
Restore point date: 2016-04-20 05:51

==================== Memory info =========================== 

Percentage of memory in use: 22%
Total physical RAM: 4000.18 MB
Available physical RAM: 3091.96 MB
Total Virtual: 4000.18 MB
Available Virtual: 3117.59 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:103.42 GB) (Free:48.65 GB) NTFS
Drive d: (PBR Image) (Fixed) (Total:10.92 GB) (Free:0.7 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:86.36 GB) (Free:62.98 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:117.19 GB) (Free:73.2 GB) NTFS
Drive h: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.3 GB) NTFS
Drive j: (DIAGS) (Fixed) (Total:0.04 GB) (Free:0.04 GB) FAT32
Drive k: (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
Drive l: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.3 GB) NTFS
Drive m: (CHITHIRA) (Removable) (Total:14.92 GB) (Free:14.92 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.49 GB) (Free:0.49 GB) NTFS
Drive z: (New Volume) (Fixed) (Total:146.48 GB) (Free:132.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 29D6986C)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 14.9 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=14.9 GB) - (Type=0C)


LastRegBack: 2016-04-13 02:48

==================== End of FRST.txt ============================

 


Hello CHITHIRA and welcome to Malwarebytes,

My screen name is kevinf80. I will work with you and clean up your PC.

Save the attached file fixlist.txt to your flash drive, same place as FRST.
Now please enter System Recovery Options as you did to get the log.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.
 
Re-boot your system when complete, any improvement?
 
Thanks,
 
Kevin.....

fixlist.txt

Hi,

Thank you for your reply. I did it the way you told me, but there was no improvement. I am attaching the FRST.txt file again. Please have a look.

Thank you.

Here is the Fixlog.txt:

 

Fix result of Farbar Recovery Scan Tool (x64) Version:28-11-2015
Ran by SYSTEM (2016-04-23 12:34:00) Run:1
Running from D:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
Start
LastRegBack: 2016-04-13 02:48 
end


*****************

DEFAULT => copied successfully to System32\config\HiveBackup
DEFAULT => restored successfully from registry back up
SAM => copied successfully to System32\config\HiveBackup
SAM => restored successfully from registry back up
SECURITY => copied successfully to System32\config\HiveBackup
SECURITY => restored successfully from registry back up
SOFTWARE => copied successfully to System32\config\HiveBackup
SOFTWARE => restored successfully from registry back up
SYSTEM => copied successfully to System32\config\HiveBackup
SYSTEM => restored successfully from registry back up

==== End of Fixlog 12:34:05 ====

 

 

 


Hi,

Here is the scan with FRST and the fresh log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
Ran by SYSTEM on MININT-J1K0END (23-04-2016 13:45:09)
Running from D:\
Platform: Windows 8.1 Single Language (X64) Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
Default: ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7510232 2014-01-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1374936 2014-01-13] (Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Realtek\Audio\HDA\WavesSvc64.exe [285272 2013-12-30] (Waves Audio Ltd.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3777696 2014-01-16] (Dell Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [FAStartup] => [X]
HKLM-x32\...\Run: [FATrayAlert] => C:\Program Files (x86)\Sensible Vision\Fast Access\FATrayMon.exe [95536 2014-03-04] (Sensible Vision )
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-13] (Avast Software s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\FastAccess: C:\Program Files (x86)\Sensible Vision\Fast Access\FALogNot.dll [2014-03-04] (Sensible Vision )
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [133760 2014-01-08] (Qualcomm®Atheros®)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\Chithira P R\...\Run: [Google Update] => C:\Users\Chithira P R\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\Chithira P R\...\Run: [Dropbox Update] => C:\Users\Chithira P R\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-30] (Dropbox, Inc.)
Lsa: [Notification Packages] scecli FAPassSync
Startup: C:\Users\Chithira P R\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-15]
ShortcutTarget: Dropbox.lnk -> C:\windows\system32\config\systemprofile\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [318592 2014-01-08] (Windows (R) Win 7 DDK provider)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-22] (Avast Software s.r.o.)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-04-22] (Avast Software)
S2 Dell Customer Connect; C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [137968 2015-09-22] (Dell Inc.)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2572024 2016-03-10] (Dell Inc.)
S3 DellProdRegManager; C:\Program Files (x86)\Dell Product Registration\regmgrsvc.exe [139328 2014-02-19] (Aviata, Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-26] (Dell Inc.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; c:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2013-07-29] (CyberLink)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1915920 2013-11-21] (SoftThinks SAS)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [31928 2016-03-14] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
S3 BthHFSrv; %SystemRoot%\System32\BthHFSrv.dll [X]
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 aswRvrt; no ImagePath
S0 aswVmm; no ImagePath
S2 secdrv; no ImagePath
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-04-22] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44024 2015-02-03] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [264000 2015-02-03] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
S3 1394ohci; \SystemRoot\System32\drivers\1394ohci.sys [X]
S0 3ware; System32\drivers\3ware.sys [X]
S0 ACPI; System32\drivers\ACPI.sys [X]
S3 acpipagr; \SystemRoot\System32\drivers\acpipagr.sys [X]
S3 AcpiPmi; \SystemRoot\System32\drivers\acpipmi.sys [X]
S3 acpitime; \SystemRoot\System32\drivers\acpitime.sys [X]
S0 ADP80XX; System32\drivers\ADP80XX.SYS [X]
S0 agp440; System32\drivers\agp440.sys [X]
S3 AmdK8; \SystemRoot\System32\drivers\amdk8.sys [X]
S3 AmdPPM; \SystemRoot\System32\drivers\amdppm.sys [X]
S0 amdsata; System32\drivers\amdsata.sys [X]
S0 amdsbs; System32\drivers\amdsbs.sys [X]
S0 amdxata; System32\drivers\amdxata.sys [X]
S0 arcsas; System32\drivers\arcsas.sys [X]
S2 aswHwid; \SystemRoot\system32\drivers\aswHwid.sys [X]
S2 aswMonFlt; \SystemRoot\system32\drivers\aswMonFlt.sys [X]
S1 aswRdr; \SystemRoot\system32\drivers\aswRdr2.sys [X]
S1 aswSnx; \SystemRoot\system32\drivers\aswSnx.sys [X]
S1 aswSP; \SystemRoot\system32\drivers\aswSP.sys [X]
S2 aswStm; \SystemRoot\system32\drivers\aswStm.sys [X]
S0 atapi; System32\drivers\atapi.sys [X]
S3 AthBTPort; \SystemRoot\system32\DRIVERS\btath_flt.sys [X]
S3 athr; \SystemRoot\system32\DRIVERS\athwbx.sys [X]
S0 b06bdrv; System32\drivers\bxvbda.sys [X]
S1 BasicDisplay; \SystemRoot\System32\drivers\BasicDisplay.sys [X]
S1 BasicRender; \SystemRoot\System32\drivers\BasicRender.sys [X]
S3 bcmfn2; \SystemRoot\System32\drivers\bcmfn2.sys [X]
S3 BTATH_A2DP; \SystemRoot\system32\drivers\btath_a2dp.sys [X]
S3 btath_avdt; \SystemRoot\system32\drivers\btath_avdt.sys [X]
S3 BTATH_BUS; \SystemRoot\System32\drivers\btath_bus.sys [X]
S3 BTATH_HCRP; \SystemRoot\System32\drivers\btath_hcrp.sys [X]
S3 BTATH_LWFLT; \SystemRoot\system32\DRIVERS\btath_lwflt.sys [X]
S3 BTATH_RCP; \SystemRoot\System32\drivers\btath_rcp.sys [X]
S3 BtFilter; \SystemRoot\system32\DRIVERS\btfilter.sys [X]
S3 BthAvrcpTg; \SystemRoot\System32\drivers\BthAvrcpTg.sys [X]
S3 BthEnum; \SystemRoot\System32\drivers\BthEnum.sys [X]
S3 BthHFEnum; \SystemRoot\System32\drivers\bthhfenum.sys [X]
S3 bthhfhid; \SystemRoot\System32\drivers\BthHFHid.sys [X]
S3 BthLEEnum; \SystemRoot\system32\DRIVERS\BthLEEnum.sys [X]
S3 BTHMODEM; \SystemRoot\System32\drivers\bthmodem.sys [X]
S3 BthMtpEnum; \SystemRoot\system32\DRIVERS\BthMtpEnum.sys [X]
S3 BthPan; \SystemRoot\System32\drivers\bthpan.sys [X]
S3 BTHPORT; \SystemRoot\System32\Drivers\BTHport.sys [X]
S3 BTHUSB; \SystemRoot\System32\Drivers\BTHUSB.sys [X]
S1 cdrom; \SystemRoot\System32\drivers\cdrom.sys [X]
S3 circlass; \SystemRoot\System32\drivers\circlass.sys [X]
S1 CLVirtualDrive; \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys [X]
S3 CmBatt; \SystemRoot\System32\drivers\CmBatt.sys [X]
S3 CompositeBus; \SystemRoot\System32\drivers\CompositeBus.sys [X]
S3 DDDriver; \SystemRoot\system32\drivers\DDDriver64Dcsa.sys [X]
S3 DellProf; \SystemRoot\system32\drivers\DellProf.sys [X]
S3 DellRbtn; \SystemRoot\System32\drivers\DellRbtn.sys [X]
S0 disk; System32\drivers\disk.sys [X]
S3 dmvsc; \SystemRoot\System32\drivers\dmvsc.sys [X]
S3 drmkaud; \SystemRoot\system32\drivers\drmkaud.sys [X]
S0 ebdrv; System32\drivers\evbda.sys [X]
S0 EhStorTcgDrv; System32\drivers\EhStorTcgDrv.sys [X]
S3 ErrDev; \SystemRoot\System32\drivers\errdev.sys [X]
S3 facap; \SystemRoot\system32\DRIVERS\facap.sys [X]
S3 fdc; \SystemRoot\System32\drivers\fdc.sys [X]
S3 flpydisk; \SystemRoot\System32\drivers\flpydisk.sys [X]
S3 FxPPM; \SystemRoot\System32\drivers\fxppm.sys [X]
S0 gagp30kx; System32\drivers\gagp30kx.sys [X]
S3 gencounter; \SystemRoot\System32\drivers\vmgencounter.sys [X]
S3 HdAudAddService; \SystemRoot\system32\drivers\HdAudio.sys [X]
S3 HDAudBus; \SystemRoot\System32\drivers\HDAudBus.sys [X]
S3 HidBatt; \SystemRoot\System32\drivers\HidBatt.sys [X]
S3 HidBth; \SystemRoot\System32\drivers\hidbth.sys [X]
S3 hidi2c; \SystemRoot\System32\drivers\hidi2c.sys [X]
S3 HidIr; \SystemRoot\System32\drivers\hidir.sys [X]
S3 HidUsb; \SystemRoot\System32\drivers\hidusb.sys [X]
S0 HpSAMD; System32\drivers\HpSAMD.sys [X]
S3 hyperkbd; \SystemRoot\System32\drivers\hyperkbd.sys [X]
S3 HyperVideo; \SystemRoot\system32\DRIVERS\HyperVideo.sys [X]
S3 i8042prt; \SystemRoot\System32\drivers\i8042prt.sys [X]
S3 iaLPSSi_GPIO; \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys [X]
S3 iaLPSSi_I2C; \SystemRoot\System32\drivers\iaLPSSi_I2C.sys [X]
S0 iaStorA; System32\drivers\iaStorA.sys [X]
S0 iaStorAV; System32\drivers\iaStorAV.sys [X]
S0 iaStorV; System32\drivers\iaStorV.sys [X]
S3 igfx; \SystemRoot\system32\DRIVERS\igdkmd64.sys [X]
S3 intaud_WaveExtensible; \SystemRoot\system32\drivers\intelaud.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
S3 IntcDAud; \SystemRoot\system32\DRIVERS\IntcDAud.sys [X]
S0 intelide; System32\drivers\intelide.sys [X]
S0 intelpep; System32\drivers\intelpep.sys [X]
S3 intelppm; \SystemRoot\System32\drivers\intelppm.sys [X]
S3 IPMIDRV; \SystemRoot\System32\drivers\IPMIDrv.sys [X]
S0 isapnp; System32\drivers\isapnp.sys [X]
S3 iScsiPrt; \SystemRoot\System32\drivers\msiscsi.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
S3 kbdclass; \SystemRoot\System32\drivers\kbdclass.sys [X]
S3 kbdhid; \SystemRoot\System32\drivers\kbdhid.sys [X]
S3 kdnic; \SystemRoot\system32\DRIVERS\kdnic.sys [X]
S0 LSI_SAS; System32\drivers\lsi_sas.sys [X]
S0 LSI_SAS2; System32\drivers\lsi_sas2.sys [X]
S0 LSI_SAS3; System32\drivers\lsi_sas3.sys [X]
S0 LSI_SSS; System32\drivers\lsi_sss.sys [X]
S2 McMPFSvc; no ImagePath
S0 megasas; System32\drivers\megasas.sys [X]
S0 megasr; System32\drivers\megasr.sys [X]
S3 MEIx64; \SystemRoot\System32\drivers\TeeDriverx64.sys [X]
S3 monitor; \SystemRoot\System32\drivers\monitor.sys [X]
S3 mouclass; \SystemRoot\System32\drivers\mouclass.sys [X]
S3 mouhid; \SystemRoot\System32\drivers\mouhid.sys [X]
S3 msgpiowin32; \SystemRoot\System32\drivers\msgpiowin32.sys [X]
S0 msisadrv; System32\drivers\msisadrv.sys [X]
S1 mssmbios; \SystemRoot\System32\drivers\mssmbios.sys [X]
S3 MTConfig; \SystemRoot\System32\drivers\MTConfig.sys [X]
S3 mtkmbim; \SystemRoot\system32\DRIVERS\mtkmbim7_x64.sys [X]
S0 mvumis; System32\drivers\mvumis.sys [X]
S3 netvsc; \SystemRoot\System32\drivers\netvsc63.sys [X]
S1 npsvctrig; \SystemRoot\System32\drivers\npsvctrig.sys [X]
S0 nvraid; System32\drivers\nvraid.sys [X]
S0 nvstor; System32\drivers\nvstor.sys [X]
S0 nv_agp; System32\drivers\nv_agp.sys [X]
S3 Parport; \SystemRoot\System32\drivers\parport.sys [X]
S0 pci; System32\drivers\pci.sys [X]
S0 pciide; System32\drivers\pciide.sys [X]
S0 pcmcia; System32\drivers\pcmcia.sys [X]
S3 Processor; \SystemRoot\System32\drivers\processr.sys [X]
S3 rdpbus; \SystemRoot\System32\drivers\rdpbus.sys [X]
S3 RFCOMM; \SystemRoot\System32\drivers\rfcomm.sys [X]
S3 RSUSBVSTOR; \SystemRoot\System32\Drivers\RtsUVStor.sys [X]
S3 RTL8168; \SystemRoot\system32\DRIVERS\Rt630x64.sys [X]
S3 s3cap; \SystemRoot\System32\drivers\vms3cap.sys [X]
S0 sbp2port; System32\drivers\sbp2port.sys [X]
S3 sdbus; \SystemRoot\System32\drivers\sdbus.sys [X]
S3 sdstor; \SystemRoot\System32\drivers\sdstor.sys [X]
S3 Serenum; \SystemRoot\System32\drivers\serenum.sys [X]
S3 Serial; \SystemRoot\System32\drivers\serial.sys [X]
S3 sermouse; \SystemRoot\System32\drivers\sermouse.sys [X]
S3 sfloppy; \SystemRoot\System32\drivers\sfloppy.sys [X]
S0 SiSRaid2; System32\drivers\SiSRaid2.sys [X]
S0 SiSRaid4; System32\drivers\sisraid4.sys [X]
S0 spaceport; System32\drivers\spaceport.sys [X]
S0 stexstor; System32\drivers\stexstor.sys [X]
S0 storahci; System32\drivers\storahci.sys [X]
S0 storflt; System32\drivers\vmstorfl.sys [X]
S0 stornvme; System32\drivers\stornvme.sys [X]
S0 storvsc; System32\drivers\storvsc.sys [X]
S3 swenum; \SystemRoot\System32\drivers\swenum.sys [X]
S3 SynRMIHID; \SystemRoot\system32\DRIVERS\SynRMIHID.sys [X]
S3 SynTP; \SystemRoot\system32\DRIVERS\SynTP.sys [X]
S3 terminpt; \SystemRoot\System32\drivers\terminpt.sys [X]
S3 TPM; \SystemRoot\system32\drivers\tpm.sys [X]
S3 TsUsbGD; \SystemRoot\System32\drivers\TsUsbGD.sys [X]
S0 uagp35; System32\drivers\uagp35.sys [X]
S3 UASPStor; \SystemRoot\System32\drivers\uaspstor.sys [X]
S3 UCX01000; \SystemRoot\System32\drivers\ucx01000.sys [X]
S3 UEFI; \SystemRoot\System32\drivers\UEFI.sys [X]
S0 uliagpkx; System32\drivers\uliagpkx.sys [X]
S3 umbus; \SystemRoot\System32\drivers\umbus.sys [X]
S3 UmPass; \SystemRoot\System32\drivers\umpass.sys [X]
S3 usbccgp; \SystemRoot\System32\drivers\usbccgp.sys [X]
S3 usbcir; \SystemRoot\System32\drivers\usbcir.sys [X]
S3 usbehci; \SystemRoot\System32\drivers\usbehci.sys [X]
S3 usbhub; \SystemRoot\System32\drivers\usbhub.sys [X]
S3 USBHUB3; \SystemRoot\System32\drivers\UsbHub3.sys [X]
S3 usbohci; \SystemRoot\System32\drivers\usbohci.sys [X]
S3 usbprint; \SystemRoot\System32\drivers\usbprint.sys [X]
S3 USBSTOR; \SystemRoot\System32\drivers\USBSTOR.SYS [X]
S3 usbuhci; \SystemRoot\System32\drivers\usbuhci.sys [X]
S3 usbvideo; \SystemRoot\System32\Drivers\usbvideo.sys [X]
S3 USBXHCI; \SystemRoot\System32\drivers\USBXHCI.SYS [X]
S0 vdrvroot; System32\drivers\vdrvroot.sys [X]
S3 vhdmp; \SystemRoot\System32\drivers\vhdmp.sys [X]
S0 viaide; System32\drivers\viaide.sys [X]
S0 vmbus; System32\drivers\vmbus.sys [X]
S3 VMBusHID; \SystemRoot\System32\drivers\VMBusHID.sys [X]
S0 volmgr; System32\drivers\volmgr.sys [X]
S0 volsnap; System32\drivers\volsnap.sys [X]
S3 vpci; \SystemRoot\System32\drivers\vpci.sys [X]
S0 vsmraid; System32\drivers\vsmraid.sys [X]
S0 VSTXRAID; System32\drivers\vstxraid.sys [X]
S3 vwifibus; \SystemRoot\System32\drivers\vwifibus.sys [X]
S3 WacomPen; \SystemRoot\System32\drivers\wacompen.sys [X]
S3 wdf_usb; \SystemRoot\system32\DRIVERS\usb2ser.sys [X]
S3 WinUsb; \SystemRoot\System32\drivers\WinUsb.sys [X]
S3 WmiAcpi; \SystemRoot\System32\drivers\wmiacpi.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-23 12:34 - 2016-04-23 12:34 - 00000000 ____D C:\Windows\System32\config\HiveBackup
2016-04-21 16:04 - 2016-04-23 12:40 - 00000000 ____D C:\FRST
2016-04-20 20:06 - 2016-04-21 15:47 - 00000000 _____ C:\Recovery.txt
2016-04-20 05:57 - 2016-04-20 05:57 - 00000000 ____D C:\Windows\System32\NgBase
2016-04-15 06:38 - 2016-04-15 06:39 - 02495819 _____ C:\Users\Chithira P R\Downloads\shang2016.pdf
2016-04-15 06:32 - 2016-04-15 06:32 - 00136702 _____ C:\Users\Chithira P R\Downloads\document(10).pdf
2016-04-14 22:59 - 2016-04-14 22:59 - 00274300 _____ C:\Users\Chithira P R\Desktop\Presentation1.pptx
2016-04-13 02:55 - 2016-04-13 02:55 - 00000000 __HDC C:\ProgramData\{05EE3202-A879-4F9D-895C-AC535855E0A9}
2016-04-13 02:01 - 2016-04-14 01:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-07 07:10 - 2016-04-07 07:10 - 00000000 ____D C:\ProgramData\PC-Doctor for Windows
2016-04-07 07:10 - 2016-04-07 07:10 - 00000000 ____D C:\Program Files\Dell Support Center
2016-04-06 09:16 - 2016-04-06 09:16 - 00289443 _____ C:\Users\Chithira P R\Downloads\experiment 19.zip
2016-04-05 02:24 - 2016-04-05 02:24 - 00734784 _____ (Oracle Corporation) C:\Users\Chithira P R\Downloads\jre-8u77-windows-i586-iftw.exe
2016-04-04 04:32 - 2016-04-04 04:32 - 00483209 _____ C:\Users\Chithira P R\Desktop\uv.pptx
2016-04-04 04:12 - 2016-04-04 04:26 - 00483208 _____ C:\Users\Chithira P R\Documents\uv.pptx
2016-03-31 05:49 - 2016-03-31 05:49 - 00671470 _____ C:\Users\Chithira P R\Downloads\1202.6335(1).pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-04-20 05:57 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\winevt
2016-04-20 05:57 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\spool
2016-04-20 05:57 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\setup
2016-04-20 05:57 - 2013-08-22 06:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-20 05:57 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\Sysprep
2016-04-20 05:57 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\SMI
2016-04-20 05:57 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\System32\oobe
2016-04-20 05:56 - 2014-08-06 09:01 - 00000000 ____D C:\Windows\System32\MRT
2016-04-20 05:56 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\MUI
2016-04-20 05:56 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\MsDtc
2016-04-20 05:55 - 2015-06-30 01:44 - 00000964 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001UA.job
2016-04-20 05:55 - 2015-04-29 02:41 - 00000000 ____D C:\Windows\System32\GWX
2016-04-20 05:54 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\System32\Com
2016-04-20 05:53 - 2013-08-22 05:36 - 00000000 ____D C:\Windows\Inf
2016-04-20 05:43 - 2014-10-23 03:25 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001UA1cfeeb4dfdf318.job
2016-04-20 05:30 - 2014-09-18 17:38 - 00000954 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001UA.job
2016-04-20 01:00 - 2014-08-05 06:27 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 23:01 - 2014-08-09 04:37 - 00000000 ___RD C:\Users\Chithira P R\Dropbox
2016-04-19 10:32 - 2014-08-05 02:30 - 00000000 ____D C:\users\Chithira P R
2016-04-19 10:20 - 2014-08-11 06:59 - 00000000 ____D C:\Users\Chithira P R\Documents\Origin User Files
2016-04-16 10:47 - 2014-08-05 09:32 - 00000000 ____D C:\Users\Chithira P R\AppData\Roaming\vlc
2016-04-15 02:48 - 2016-02-16 22:57 - 00309248 ___SH C:\Users\Chithira P R\Desktop\Thumbs.db
2016-04-15 02:48 - 2014-08-09 04:30 - 00000000 ____D C:\Users\Chithira P R\AppData\Roaming\Dropbox
2016-04-14 22:43 - 2014-09-18 17:38 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001Core.job
2016-04-14 04:15 - 2014-08-05 09:27 - 00000000 ____D C:\Users\Chithira P R\AppData\Local\CrashDumps
2016-04-14 01:49 - 2014-05-20 10:46 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2016-04-14 01:39 - 2014-08-05 06:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-13 23:51 - 2014-09-19 23:54 - 03279872 ___SH C:\Users\Chithira P R\Downloads\Thumbs.db
2016-04-12 09:08 - 2013-08-22 05:25 - 00262144 _____ C:\Windows\System32\config\BBI
2016-04-11 19:02 - 2014-08-05 06:30 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 19:02 - 2014-08-05 06:30 - 00002205 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2016-04-11 02:38 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-09 07:55 - 2015-06-30 01:44 - 00000912 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1565150037-3136838556-3098224691-1001Core.job
2016-04-07 07:08 - 2014-05-20 10:41 - 00000000 ____D C:\ProgramData\PCDr
2016-04-06 21:14 - 2014-08-05 02:31 - 00000000 ____D C:\Users\Chithira P R\AppData\Roaming\Atheros
2016-04-06 03:11 - 2013-08-22 07:36 - 00000000 ____D C:\Windows\LiveKernelReports
2016-04-05 02:29 - 2015-11-02 09:10 - 00000000 ____D C:\ProgramData\Oracle
2016-04-05 02:29 - 2015-11-02 09:10 - 00000000 ____D C:\Program Files (x86)\Java
2016-04-05 02:28 - 2015-11-02 09:11 - 00000000 ____D C:\Users\Chithira P R\.oracle_jre_usage
2016-04-05 02:27 - 2015-11-02 09:11 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-04-04 20:50 - 2015-09-23 21:20 - 00000000 ____D C:\Users\Chithira P R\Desktop\IIT samples ESR & TEM

Some files in TEMP:
====================
C:\Users\Chithira P R\AppData\Local\Temp\cdo30984957.dll
C:\Users\Chithira P R\AppData\Local\Temp\jre-8u77-windows-au.exe


==================== Known DLLs (Whitelisted) =========================


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe
[2015-04-25 04:57] - [2014-10-28 17:22] - 0572416 ____A (Microsoft Corporation) EC498BAE1F0D3E0E401C963F8D76C437

C:\Windows\System32\wininit.exe
[2015-04-24 21:55] - [2014-10-28 17:25] - 0145920 ____A (Microsoft Corporation) A570A64292214C43E0BA50E6A72A6380

C:\Windows\explorer.exe
[2015-03-11 02:02] - [2015-01-27 15:47] - 2501368 ____A (Microsoft Corporation) C10A66189DC8C090E7C84873EDCEBC88

C:\Windows\SysWOW64\explorer.exe
[2015-03-11 02:02] - [2015-01-27 15:41] - 2207488 ____A (Microsoft Corporation) 91E24273FCA076EA9E65DAFA98901225

C:\Windows\System32\svchost.exe
[2015-04-24 21:53] - [2014-10-28 20:11] - 0038792 ____A (Microsoft Corporation) E3A2AD05E24105B35E986CF9CB38EC47

C:\Windows\SysWOW64\svchost.exe
[2015-04-24 21:53] - [2014-10-28 19:17] - 0033088 ____A (Microsoft Corporation) D0ABC231C0B3E88C6B612B28ABBF734D

C:\Windows\System32\services.exe
[2015-05-12 21:02] - [2015-04-08 14:55] - 0410128 ____A (Microsoft Corporation) E0C7813A97CA7947FF5C18A8F3B61A45

C:\Windows\System32\User32.dll
[2015-04-25 05:05] - [2014-10-28 20:00] - 1540696 ____A (Microsoft Corporation) 25026E350BC3BE37631634EC72B10BD5

C:\Windows\SysWOW64\User32.dll
[2015-04-25 05:05] - [2014-10-28 17:04] - 1376256 ____A (Microsoft Corporation) 76C5CF09F53A3B089B5581B9938F8CAE

C:\Windows\System32\userinit.exe
[2015-04-24 21:50] - [2014-10-28 17:28] - 0026112 ____A (Microsoft Corporation) 5C131534A3EA4A461A793FB507A8004F

C:\Windows\SysWOW64\userinit.exe
[2015-04-24 21:51] - [2014-10-28 17:05] - 0022528 ____A (Microsoft Corporation) D10643FC0095434C819316CA6CD748C0

C:\Windows\System32\rpcss.dll
[2015-04-25 05:03] - [2014-10-28 17:19] - 0817664 ____A (Microsoft Corporation) A6F17C299A03BAFEFB9257C462A19E00

C:\Windows\System32\dnsapi.dll
[2015-04-25 05:02] - [2014-10-28 17:30] - 0657920 ____A (Microsoft Corporation) A5675939CF0F99B20B5A3CFCC3C1B46A

C:\Windows\SysWOW64\dnsapi.dll
[2015-04-25 05:00] - [2014-10-28 17:06] - 0498688 ____A (Microsoft Corporation) BD9C7A068C46053F8747CEA73B5930AB

C:\Windows\System32\Drivers\volsnap.sys IS MISSING <==== ATTENTION
C:\Windows\System32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION

==================== EXE Association (Whitelisted) =============


==================== Restore Points =========================

Restore point date: 2016-03-31 06:13
Restore point date: 2016-04-08 09:49
Restore point date: 2016-04-20 05:51
Restore point date: 2016-04-20 05:51

==================== Memory info =========================== 

Percentage of memory in use: 21%
Total physical RAM: 4000.18 MB
Available physical RAM: 3150.52 MB
Total Virtual: 4000.18 MB
Available Virtual: 3175.59 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:103.42 GB) (Free:48.56 GB) NTFS
Drive d: () (Removable) (Total:7.45 GB) (Free:7.45 GB) FAT32
Drive e: (New Volume) (Fixed) (Total:86.36 GB) (Free:62.98 GB) NTFS
Drive f: (New Volume) (Fixed) (Total:117.19 GB) (Free:73.2 GB) NTFS
Drive g: (New Volume) (Fixed) (Total:146.48 GB) (Free:132.32 GB) NTFS
Drive i: (PBR Image) (Fixed) (Total:10.92 GB) (Free:0.7 GB) NTFS
Drive j: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.3 GB) NTFS
Drive l: (DIAGS) (Fixed) (Total:0.04 GB) (Free:0.04 GB) FAT32
Drive m: (ESP) (Fixed) (Total:0.48 GB) (Free:0.46 GB) FAT32
Drive n: (WINRETOOLS) (Fixed) (Total:0.73 GB) (Free:0.3 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 29D6986C)

Partition: GPT.

========================================================
Disk: 1 (Size: 7.5 GB) (Disk ID: 00000000)

Partition: GPT.


LastRegBack: 2016-04-13 02:48

==================== End of FRST.txt ============================

FRST.txt


Hi,

Search of volsnap.sys is as follows. Search.txt is also attached.

Farbar Recovery Scan Tool (x64) Version:28-11-2015
Ran by SYSTEM (2016-04-24 10:14:25)
Running from M:\
Boot Mode: Recovery

================== Search Files: "volsnap.sys" =============

C:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.17215_none_06c1ae9bcfd2737b\volsnap.sys
[2014-09-14 09:05][2014-06-18 18:13] 0310080 ____C (Microsoft Corporation) 64CA2B4A49A8EAF495E435623ECCE7DB

C:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.17041_none_069d39e3cfee67a4\volsnap.sys
[2014-08-18 07:56][2014-09-16 14:59] 0031490 ____A () 50C79EDB89463E12CA94E0840DFD0932

C:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.17031_none_06a809cfcfe64bb3\volsnap.sys
[2014-05-20 10:35][2014-09-06 19:46] 0033436 ____A () A24CC4ADEC9998D129FB7F5A1D1BA606

C:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.16384_none_0675178bd00c0141\volsnap.sys
[2013-08-22 03:40][2014-09-06 19:46] 0043661 ____A () 0BEEEDD2D3CD2A33EDD3C32B89881486

X:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.17031_none_06a809cfcfe64bb3\volsnap.sys
[2014-03-03 06:46][2014-03-03 06:46] 0311640 ____A (Microsoft Corporation) 3595FBDF25F8BA6256072D103937D7D6

X:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.16384_none_0675178bd00c0141\volsnap.sys
[2013-08-22 05:45][2013-08-22 05:45] 0312160 ____A (Microsoft Corporation) 9F9CE33B50611A1C61A46B8911E0B30B

X:\Windows\System32\DriverStore\FileRepository\volume.inf_amd64_ca725530fc64c561\volsnap.sys
[2014-03-03 06:46][2014-03-03 06:46] 0311640 ____A (Microsoft Corporation) 3595FBDF25F8BA6256072D103937D7D6

X:\Windows\System32\DriverStore\FileRepository\volume.inf_amd64_50d690313539fa92\volsnap.sys
[2013-08-22 05:45][2013-08-22 05:45] 0312160 ____A (Microsoft Corporation) 9F9CE33B50611A1C61A46B8911E0B30B

X:\Windows\System32\drivers\volsnap.sys
[2014-03-03 06:46][2014-03-03 06:46] 0311640 ____A (Microsoft Corporation) 3595FBDF25F8BA6256072D103937D7D6

====== End of Search ======

Search.txt


Hi,

Here is the fixlog, but no improvement.

Fix result of Farbar Recovery Scan Tool (x64) Version:28-11-2015
Ran by SYSTEM (2016-04-24 15:10:25) Run:2
Running from D:\
Boot Mode: Recovery
==============================================

fixlist content:
*****************
Start
Replace: C:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.17215_none_06c1ae9bcfd2737b\volsnap.sys C:\Windows\System32\Drivers\volsnap.sys
cmd: sfc /scannow
end


*****************

"C:\Windows\System32\Drivers\volsnap.sys" => not found
C:\Windows\WinSxS\amd64_volume.inf_31bf3856ad364e35_6.3.9600.17215_none_06c1ae9bcfd2737b\volsnap.sys copied successfully to C:\Windows\System32\Drivers\volsnap.sys

=========  sfc /scannow =========

   
Beginning system scan.  This process will take some time.

There is a system repair pending which requires reboot to complete.  Restart
Windows and run sfc again.
 
========= End of CMD: =========


==== End of Fixlog 15:10:27 ====

Fixlog.txt


Hold down the "Shift" key and boot your PC. Windows will open to "Choose an Option"; from that window select "Troubleshoot", and from that window select "Command Prompt".

At the prompt, type or copy and paste the following, then hit the Enter key:

sfc /scannow /offbootdir=C:\ /offwindir=C:\windows

Let the scan complete, then type exit and hit the Enter key.

Re-boot, any good?

 


But in "Refresh" all data will go. Is there no other way?

And another file is missing in FRST:

C:\Windows\System32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION

For this, can nothing be done?


Yes, I noticed that entry is missing. Usually that file would be created again when the system reboots normally; I do not believe the system would have a backup if we try a search. Maybe you can try a search and see what result comes back...

Your system has major registry damage; we've tried several fixes to no avail. Can you maybe create a Linux CD or similar and recover all important data before a refresh is done?

Try a search first:

Boot to System Recovery Options and run FRST as you did to get the log.

Type the following in the edit box after "Search:".

Bootcat.cache

Click the Search button and post the log it makes (Search.txt) in your reply.

 


Hey Kevin,

Thanks for your reply. Then we should back up the registry regularly. What is the best way to back up the OS registry?

Here is the search result:

Farbar Recovery Scan Tool (x64) Version:28-11-2015
Ran by SYSTEM (2016-04-24 17:27:13)
Running from D:\
Boot Mode: Recovery

================== Search Files: "Bootcat.cache" =============

====== End of Search ======

Search.txt


The best way forward for backups is to create a "Custom Refresh" image. When Refresh is normally used, many entries such as apps, programs, data files, etc. will be lost; to combat that, a created custom image will work OK. Instructions are at the following link:

http://www.eightforums.com/tutorials/3610-refresh-windows-8-create-use-custom-recovery-image.html

It is also beneficial to save that created image somewhere different from the drive that holds the operating system.

For normal registry backups I recommend the following:

Tweaking.com Registry Backup

  • Download Tweaking.com Registry Backup from here, and save tweaking.com_registry_backup_portable.zip to your desktop.
  • Now we need to create a new folder to extract the zipped contents into. Right click on the zipped folder you just downloaded and select "Extract All".
  • Click the "Browse" button and from the list, expand "Computer", then expand "Windows (C:)", and click the "Make New Folder" button.
  • Call this folder something you will remember...like "RegBackup" then click "Ok", and then click "Extract".
  • From the newly extracted files, right click on hPxdDvj.png and select Run as Administrator (XP users just double click) to start Tweaking.com Registry Backup.
    (Windows Vista/7/8/10 users: Accept UAC warning if it is enabled.)
  • A screen like this should appear:
    60piPeq.png
  • Type a custom name in Backup Name if you want, then choose Backup Now.
  • If backup is successful, a message will appear at the lower half of the screen with an option to view logs.
  • The registry backup will be created in %WindowsDrive%\RegBackup by default. You can customize the path in Settings.
  • Close Tweaking.com Registry Backup when done.

==================================================

Restore backup with Tweaking.com Registry Backup

  • Save your work and close all open windows before proceeding.
  • Please reopen hPxdDvj.png from its folder.
  • When the main window appears, choose Restore Registry at the top.
  • Click the white bar next to Select Backup to Restore and select the backup made earlier.
    mm6dEx7.png
  • Place a checkmark in Restart/Shutdown System When Finished, and choose Restart System.
  • Ensure that all files are checkmarked, then click Restore Now. When prompted to confirm, click Yes.
  • Tweaking.com Registry Backup will reboot the computer when it has finished restoring the registry.

What are you doing next, are you going to run Refresh?


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback, this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance, please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.