Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Driverstore, WinSxS, and Chkdsk


  • Please log in to reply
13 replies to this topic

#1 Isaactoo

Isaactoo

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 29 June 2013 - 06:05 PM

To begin with, I turned on my laptop today (it was off, and I have hybrid-boot turned off as well), logged in, and walked away. Over 5 mins later I came back and it was still logging in with the "Welcome" and rotating icon. I waited a minute or two, then held down the power button until it turned off, and then started the computer back up. It started up fine and I logged in fine. I scheduled chkdsk to run with the \R parameter.

 

Chkdsk replaced bad clusters in two files, one is in the Driverstore folder and the other is in WinSxS folder. Since these are system files, I would like to replace them with good copies or perhaps verify with a SHA512 hash. However, the file in the WinSxS folder is no-where to be seen and I don't know where to look for a replacement for the file in the Driverstore folder.

 

From searching the internet, it seems like WinSxS is mainly a backup store for the Windows system, and I wonder if Windows was smart enough to trash the file that had the error and grab a new copy (and name it yet another ambigous name).

I'm not sure what exactly the Driverstore is. But I was wondering if there was some way of looking up what the file is associated with using the registry (what file does it replace).

 

Thanks for any help

 

Here is the chkdsk \R log:

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
  379648 file records processed.                                          File verification completed.
  4484 large file records processed.                                      0 bad file records processed.                                      
CHKDSK is verifying indexes (stage 2 of 5)...
  488886 index entries processed.                                         Index verification completed.
  0 unindexed files scanned.                                           0 unindexed files recovered.                                       
CHKDSK is verifying security descriptors (stage 3 of 5)...
Cleaning up 499 unused index entries from index $SII of file 0x9.
Cleaning up 499 unused index entries from index $SDH of file 0x9.
Cleaning up 499 unused security descriptors.
Security descriptor verification completed.
  54620 data files processed.                                            CHKDSK is verifying Usn Journal...
  37331320 USN bytes processed.                                             Usn Journal verification completed.

CHKDSK is verifying file data (stage 4 of 5)...
Windows replaced bad clusters in file 50225
of name \Windows\System32\DRIVER~1\FILERE~1\PRNCAC~4.INF\Amd64\CNBJ2530.DPB.
Windows replaced bad clusters in file 366731
of name \Windows\WinSxS\Backup\X8AE85~1.DLL.
  379632 files processed.                                                 File data verification completed.

CHKDSK is verifying free space (stage 5 of 5)...
  78624510 free clusters processed.                                         Free space verification is complete.
CHKDSK discovered free space marked as allocated in the volume bitmap.

Windows has made corrections to the file system.
No further action is required.

 420615167 KB total disk space.
 105456236 KB in 320382 files.
    160704 KB in 54621 indexes.
         0 KB in bad sectors.
    500183 KB in use by the system.
     65536 KB occupied by the log file.
 314498044 KB available on disk.

      4096 bytes in each allocation unit.
 105153791 total allocation units on disk.
  78624511 allocation units available on disk.

Internal Info:
00 cb 05 00 e7 b8 05 00 c1 1f 0a 00 00 00 00 00  ................
2b 0f 00 00 2b 00 00 00 00 00 00 00 00 00 00 00  +...+...........
00 00 66 14 aa 00 00 00 04 00 00 00 00 00 00 00  ..f.............

Windows has finished checking your disk.
Please wait while your computer restarts.

Here is also a CrystalDiskInfo report (I removed the identify device section):

----------------------------------------------------------------------------
CrystalDiskInfo 5.6.2 (C) 2008-2013 hiyohiyo
                                Crystal Dew World : http://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 8  [6.2 Build 9200] (x64)
  Date : 2013/06/29 18:01:53

-- Controller Map ----------------------------------------------------------
 + Intel(R) 7 Series Chipset Family SATA AHCI Controller [ATA]
   - ST500LM012 HN-M500MBB
   - HL-DT-ST DVDRAM GT50N
 - Microsoft Storage Spaces Controller [SCSI]

-- Disk List ---------------------------------------------------------------
 (1) ST500LM012 HN-M500MBB : 500.1 GB [0/0/0, pd1] - st

----------------------------------------------------------------------------
 (1) ST500LM012 HN-M500MBB
----------------------------------------------------------------------------
           Model : ST500LM012 HN-M500MBB
        Firmware : 2AR10002
   Serial Number : S2TVJ9HC800757
       Disk Size : 500.1 GB (8.4/137.4/500.1/500.1)
     Buffer Size : 8192 KB
     Queue Depth : 32
    # of Sectors : 976773168
   Rotation Rate : 5400 RPM
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ATA8-ACS version 6
   Transfer Mode : SATA/300
  Power On Hours : 382 hours
  Power On Count : 143 count
     Temparature : 32 C (89 F)
   Health Status : Good
        Features : S.M.A.R.T., APM, AAM, 48bit LBA, NCQ
       APM Level : 0080h [OFF]
       AAM Level : FE80h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 100 100 _51 000000000000 Read Error Rate
02 252 252 __0 000000000000 Throughput Performance
03 _91 _91 _25 000000000B31 Spin-Up Time
04 100 100 __0 00000000007D Start/Stop Count
05 252 252 _10 000000000000 Reallocated Sectors Count
07 252 252 _51 000000000000 Seek Error Rate
08 252 252 _15 000000000000 Seek Time Performance
09 100 100 __0 00000000017E Power-On Hours
0A 252 252 _51 000000000000 Spin Retry Count
0B 100 100 __0 000000000003 Recalibration Retries
0C 100 100 __0 00000000008F Power Cycle Count
BF 100 100 __0 000000000003 G-Sense Error Rate
C0 252 252 __0 000000000000 Power-off Retract Count
C2 _64 _48 __0 003400160020 Temperature
C3 100 100 __0 000000000000 Hardware ECC recovered
C4 252 252 __0 000000000000 Reallocation Event Count
C5 252 252 __0 000000000000 Current Pending Sector Count
C6 252 252 __0 000000000000 Uncorrectable Sector Count
C7 200 200 __0 000000000000 UltraDMA CRC Error Count
C8 100 100 __0 000000000000 Write Error Rate
DF 100 100 __0 000000000003 Load/Unload Retry Count
E1 _99 _99 __0 0000000036D9 Load/Unload Cycle Count
FE 252 252 __0 000000000000 Free Fall Protection

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 64 64 00 00 00 00 00 00 00 02 26
010: 00 FC FC 00 00 00 00 00 00 00 03 23 00 5B 5B 31
020: 0B 00 00 00 00 00 04 32 00 64 64 7D 00 00 00 00
030: 00 00 05 33 00 FC FC 00 00 00 00 00 00 00 07 2E
040: 00 FC FC 00 00 00 00 00 00 00 08 24 00 FC FC 00
050: 00 00 00 00 00 00 09 32 00 64 64 7E 01 00 00 00
060: 00 00 0A 32 00 FC FC 00 00 00 00 00 00 00 0B 32
070: 00 64 64 03 00 00 00 00 00 00 0C 32 00 64 64 8F
080: 00 00 00 00 00 00 BF 22 00 64 64 03 00 00 00 00
090: 00 00 C0 22 00 FC FC 00 00 00 00 00 00 00 C2 02
0A0: 00 40 30 20 00 16 00 34 00 00 C3 3A 00 64 64 00
0B0: 00 00 00 00 00 00 C4 32 00 FC FC 00 00 00 00 00
0C0: 00 00 C5 32 00 FC FC 00 00 00 00 00 00 00 C6 30
0D0: 00 FC FC 00 00 00 00 00 00 00 C7 36 00 C8 C8 00
0E0: 00 00 00 00 00 00 C8 2A 00 64 64 00 00 00 00 00
0F0: 00 00 DF 32 00 64 64 03 00 00 00 00 00 00 E1 32
100: 00 63 63 D9 36 00 00 00 00 00 FE 32 00 FC FC 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 C8 19 00 5B
170: 03 00 01 00 02 6E 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DA

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 00 00 00 00 00 00 00 00 00 00 02 00
010: 00 00 00 00 00 00 00 00 00 00 03 19 00 00 00 00
020: 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00
030: 00 00 05 0A 00 00 00 00 00 00 00 00 00 00 07 33
040: 00 00 00 00 00 00 00 00 00 00 08 0F 00 00 00 00
050: 00 00 00 00 00 00 09 00 00 00 00 00 00 00 00 00
060: 00 00 0A 33 00 00 00 00 00 00 00 00 00 00 0B 00
070: 00 00 00 00 00 00 00 00 00 00 0C 00 00 00 00 00
080: 00 00 00 00 00 00 BF 00 00 00 00 00 00 00 00 00
090: 00 00 C0 00 00 00 00 00 00 00 00 00 00 00 C2 00
0A0: 00 00 00 00 00 00 00 00 00 00 C3 00 00 00 00 00
0B0: 00 00 00 00 00 00 C4 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 C8 00 00 00 00 00 00 00 00 00
0F0: 00 00 DF 00 00 00 00 00 00 00 00 00 00 00 E1 00
100: 00 00 00 00 00 00 00 00 00 00 FE 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3D

Edit1: Corrected spelling mistake.


Edited by Isaactoo, 29 June 2013 - 06:11 PM.


BC AdBot (Login to Remove)

 


#2 slgrieb

slgrieb

  • Members
  • 270 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas Panhandle
  • Local time:10:20 AM

Posted 29 June 2013 - 09:48 PM

To cut to the chase, you almost certainly have a hard drive that's failing. Run your HDD manufacturer's diagnostics to confirm, but I've been there and done that many, many times. No worries. After you replace the drive you can just restore your latest backup, and all's good.


Yes, Mr. Death... I'll play you a game! But not CHESS !!! BAH... FOOEY! My game is... 
WIFFLEBALL!

 


#3 Isaactoo

Isaactoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 29 June 2013 - 10:13 PM

First off, CrystalDiskInfo says my drive is "Good" which I know doesn't mean everything...but I'm hoping that perhaps I bumped my laptop and one of the Hard-Drive's heads damaged only a little data.

Second, I tried SeaTools for Windows, and Windows pops up a message saying "this program has compatibility issues."

Should I try the SeaTools for DOS? It is a bootable ISO (I'm guessing I'll have to switch off UEFI). I've actually used it before on an XP machine, but thought I'd get a second opinion since I'm here and Windows 8 has some quirks different than other Windows versions.

Thanks :)


Edited by Isaactoo, 29 June 2013 - 10:14 PM.


#4 slgrieb

slgrieb

  • Members
  • 270 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas Panhandle
  • Local time:10:20 AM

Posted 29 June 2013 - 10:37 PM

SeaTools for DOS should run fine, and you really can't  disable UEFI, since it's a replacement for BIOS based systems. SecureBoot won't prevent booting a diagnostic disk. If your system is under warranty, don't be shy about contacting the manufacturer's support line. All OEMs, even small system builder like me, are obligated to provide support for your system. If you have a computer in warranty, use the free support from the manufacturer.


Yes, Mr. Death... I'll play you a game! But not CHESS !!! BAH... FOOEY! My game is... 
WIFFLEBALL!

 


#5 Anshad Edavana

Anshad Edavana

  • Members
  • 2,805 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:50 PM

Posted 30 June 2013 - 12:47 AM

 

SecureBoot won't prevent booting a diagnostic disk

 

 

Secureboot will prevent booting from a non signed boot-loader like Freedos used in  Saetool for DOS. If it allow booting non signed boot loaders, what security it provides ?

 

Yes, turning off Secureboot and enable CSM mode is necessary to boot from Seatool CD.



#6 Isaactoo

Isaactoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 01 July 2013 - 01:43 PM

Well, I tried booting the Seatools for DOS with UEFI with Secureboot both disabled and enabled - both times telling me something like "No Operating System Found."

 

I also tried booting it with Secureboot disabled using Legacy Boot instead, which allowed Seatools to boot, but it could not find any hard-drives.

 

So, right now I'm thinking I'll just try to keep backing up my important files and use CrystalDiskInfo, Chkdsk, and maybe a CRC tool like Rapid CRC Unicode to monitor my hard-drive.

 

It would really be nice though if some-one could give some info about the Driverstore...or even better, how to find out what this file is associated with so I could replace it with what I know is a good copy - "C:\Windows\System32\DriverStore\FileRepository\prncacla.inf_amd64_b353adcdce8a187f\Amd64\CNBJ2530.DPB"

 

Thanks for the help


Edited by Isaactoo, 01 July 2013 - 01:44 PM.


#7 Anshad Edavana

Anshad Edavana

  • Members
  • 2,805 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:50 PM

Posted 01 July 2013 - 11:15 PM

Hi

 

DOS based programs may have difficulty in accessing HDD drives configured in AHCI mode. Check in your BIOS for an option to change SATA mode to IDE from AHCI. Then Seatool will be able to see your hard drive.

 

Another way to test the HDD is to run the OEM diagnostics built in the laptop firmware. HP and DELL provides this option and it is a handy feature to test RAM and HDD. If your laptop is either HP or DELL, please post the exact model number and i will post the instructions to run OEM diagnostics.

 

To your question about driverstore :  Starting with Windows Vista, the driver store is a trusted collection of inbox and third-party driver packages. The operating system maintains this collection in a secure location on the local hard disk. Only the driver packages in the driver store can be installed for a device.

 

When you add a new hardware, Windows will first search in this folder for compatible drivers and automatically install if one available.

 

http://www.msigeek.com/322/driver-store-in-windows-7-and-vista



#8 Isaactoo

Isaactoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 03 July 2013 - 04:55 PM

I couldn't find those settings in my Laptop's BIOS (unless it would be under the secure boot settings, it seemed like I had to erase the settings before it would let me view them, so I didn't mess with those)...there aren't very many settings compared to the desktop PC's I've used.

I ran the VAIO Hardware Diagnostics on the Hard Drive and it passed the test(s). I also ran chkdsk again and it found no errors (other than cleaning up security descriptors).

 

I went up one folder from where the file in the driverstore was and saw the inf file, and apparently the whole folder is for Canon Inkjet Printer Driver for Microsoft Windows. Then I tried using these instructions http://technet.microsoft.com/en-us/library/cc730875.aspx and the closest thing I can find to it is the "printers" driver, but it is by Microsoft. I tried removing it with the normal removal command with -d, but it said it was in use.

The more I think about it, I don't think the Cannon driver is in the list I get with the -e parameter. I know all the folders in the driverstore FileRepository aren't listed when I use the command...there are 678 folders, but the pnputil.exe -e command only brings up only 32 entries...so I'm thinking the driver is probably not in use at all, and is just waiting there in case I want to install it. I'm thinking I'll probably just zip up the folder for backup and then delete the whole directory. Does this sound safe to you guys too?


Edited by Isaactoo, 03 July 2013 - 04:59 PM.


#9 Anshad Edavana

Anshad Edavana

  • Members
  • 2,805 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:50 PM

Posted 03 July 2013 - 11:31 PM

Hi

 

Please don't modify or delete the driver store folder. Windows won't actively use any drivers in that folder. It is just a store to backup signed drivers. Just leave it alone and you will be fine.



#10 Isaactoo

Isaactoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 03 July 2013 - 11:58 PM

I don't mean to remove the DriverStore folder, I want to remove a folder C:\Windows\System32\DriverStore\FileRepository\prncacla.inf_amd64_b353adcdce8a187f\

 

I feel I should remove it somehow. There is a fair chance it is now corrupt. (chkdsk tried its best to fix it, but I'd rather not leave it to chance). If Windows were to use it, I might start using a corrupt driver...and with the privaleges a driver has, it could especially do nasty things to the system.

 

Do you know any way to remove it more officially?

 

Will it do any harm to delete the folder?

 

Thank you



#11 Anshad Edavana

Anshad Edavana

  • Members
  • 2,805 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:50 PM

Posted 04 July 2013 - 01:39 AM

Hi

 

Manually removing it is not recommended. There is an easy way to remove the corrupted driver without breaking the Windows.

 

Please download and install the driverstore explorer from the below link.

 

http://driverstoreexplorer.codeplex.com/downloads/get/595557

 

 

Run the tool and you will find a window similar to this.

 

driverstore-explorer.png 

 

 

 

Select the offending driver from the list and click Delete package

 

Home page of the tool : http://driverstoreexplorer.codeplex.com/



#12 Isaactoo

Isaactoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 08 July 2013 - 07:46 PM

Thanks, but when I ran it, it only showed the same number of entries as the pnputil.exe -e command shows...I'm thinking the program is a nice GUI front-end for the pnputil program.

I noticed that it was only tested in Windows 7 (not Windows 8) and is no longer being maintained, so I ran it sandboxed in sandboxie with no administrator rights so I wouldn't run any risks there.

I'm thinking I'll probably search the registry for the folder name I want to remove ("prncacla.inf_amd64_b353adcdce8a187f" without the quotes) and maybe use a grep utility to search all the .ini files on my system for that name...and if nothing seems to be using it, back it up, and delete the folder.

 

Are there any other places on the system I should search? Or any other utilities out there for manipulating the DriverStore?


Edited by Isaactoo, 08 July 2013 - 07:47 PM.


#13 Anshad Edavana

Anshad Edavana

  • Members
  • 2,805 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:09:50 PM

Posted 08 July 2013 - 11:05 PM

Hi

 

If that entry is not shown in the driverstore driver's list, you don't have to worry as it is never going to be used in the system. In my understanding, Windows removed that driver from the list when it got corrupted. You don't have to fix something that is not broken.



#14 Isaactoo

Isaactoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 13 July 2013 - 02:55 PM

There are now 689 folders in my "C:\Windows\System32\DriverStore\FileRepository" folder, and each one seems to have an .ini file in it...many of the ones I looked into say what driver it installs. Running pnputil.exe -e in the command prompt only shows 36 drivers.

 

I'm pretty sure the DriverStore holds driver installation packages of drivers the user has never installed as well as drivers the user has installed (hence why there seem to be 689 driver packages in my driverstore, and only 36 of them installed). Therefore there is good reason to remove the driver installation package folder that had the corrupt file.

 

Also, if Windows did remove the driver in the list because it was broken, why wouldn't it remove the entire package from the driverstore? (Or at least the file in it that was corrupt)...then again...Microsoft does seem to have Windows do unexpected things sometimes...

 

As I understand it, the DriverStore is not the place Windows stores driver files being used by the system...it just stores install packages used for installing drivers so that the system can install/re-install (and I think even roll-back) drivers without having to download them from the internet.

 

Anyways, I searched my registry with RegEdit for prncacla.inf_amd64_b353adcdce8a187f and it only found it under a couple of "TypedPaths" because I went there with Windows Explorer. I used grepWin to search all the *.ini|*.inf|*.pnf|*.cat|*.txt files on my Laptop for the folder as well and nothing seems to be referencing it...so unless there is somewhere else I should look, I'm thinking I'll back it up, and delete it.


Edited by Isaactoo, 13 July 2013 - 03:19 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users