[SOLVED] SFCFix reporting files not fixed automatically

[Jim Wells]

Hi,

New member here ... please be gentle!

I’m hoping you’ll be able to help with some problems revealed by sfc / SFCFix.

Background
I’m trying to sort out a laptop for a family member. Its main symptom is constant hard disk churn. I’m told it does eventually (hours after start up) stop, and the laptop become usable but I’ve never got that far – there is clearly something wrong. It is a relatively new laptop running Windows 8.1, and the hard disk is nowhere near full.

Some research elsewhere led me to run sfc /scannow. This reported some corruptions. Googling one of the filenames bought me to this forum, and this thread specially: https://www.sysnative.com/forums/wi...prncacla-inf-corruptions-windows-8-8-1-a.html

I ran SFCFix, which fixed one problem and found 9 others that it could not fix.

I do not know that these corrupt files are the cause of the hard disk churn, but they certainly aren't healthy.

I think (but I not sure) that the corrupt files might be connected to a Windows update. If I remember rightly the Windows update Diagnostic utility has reported a failed Windows update, which I have not been able to correct. I am wondering whether these might be connected.

The contents of SCFFix.txt is pasted below. I am having some problems attaching the Zip of the CBS folder, so will try the large file uploader next.


Any assistance you can offer would be much appreciated.

Thanks

Jim



SFCFix version 2.4.5.0 by niemiro.
Start time: 2015-11-11 21:16:29.885
Microsoft Windows 8.1 Update 3 - amd64
Not using a script file.








AutoAnalysis::
FIXED: Performed DISM repair on file Amd64\CNBJ2530.DPB of version 6.3.9600.17415.


CORRUPT: C:\windows\winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\setupcompat.dll
CORRUPT: C:\windows\winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\DVDPlaybackCompat.dll
CORRUPT: C:\windows\winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat64.txt
CORRUPT: C:\windows\winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat32.txt
CORRUPT: C:\windows\winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\SBCompatPlugin.dll
CORRUPT: C:\windows\winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\TouchCompat.dll
CORRUPT: C:\windows\winsxs\amd64_microsoft-windows-font-truetype-batang_31bf3856ad364e35_6.3.9600.16384_none_a8a7ec243a41e55e\batang.ttc
CORRUPT: C:\windows\winsxs\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.3.9600.17415_none_fc74be0622d72c91\wmploc.DLL
CORRUPT: C:\windows\winsxs\wow64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.3.9600.17415_none_06c968585737ee8c\wmploc.DLL




SUMMARY: Some corruptions could not be fixed automatically. Seek advice from helper or sysnative.com.
CBS & SFC total detected corruption count: 9
CBS & SFC total unimportant corruption count: 0
CBS & SFC total fixed corruption count: 1
SURT total detected corruption count: 0
SURT total unimportant corruption count: 0
SURT total fixed corruption count: 0
AutoAnalysis:: directive completed successfully.








Successfully processed all directives.
SFCFix version 2.4.5.0 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2015-11-11 21:38:51.987
----------------------EOF-----------------------

 

[LogBot]

Logfile submission from Jim Wells

Logfile submission from Jim Wells.

The logfiles are available at: https://www.sysnative.com/niemiro/fileDistribution/2015-11/6761.zip

 

[Jim Wells]

A couple of things I need to add ...

I have been using the laptop in safe mode, to be able to use it at all.

This thread was started from another PC, using files copied from the problem laptop. When I couldn't upload the CBS directory Zip file using the attachments function and needed to do it using the large file uploader, I had to turn the problem laptop on ... and it would not start from the harddisk. I had to boot it from a bootable flash drive. Could I have done damage by running SFCFiX (as described in the linked thread) yesterday? I've not had issues starting the laptop from the HD, the only thing that has changed (as far as I can tell) is that yesterday I ran sfc /scannow and SFCFix.

Jim

 

[BrianDrab]

Hi Jim -

Your issues sound to be much more than Windows Update issues. Anything is possible but it's not likely that running SFCFix caused more damage. At this point I assume you are unable to boot the laptop normally or through Safe Mode correct? Is your bootable USB flash drive a Windows 8 image? Just trying to get the state of things before we decide next steps.

 

[Jim Wells]

Hi Brian,

Thank you for your reply.

At this point I assume you are unable to boot the laptop normally or through Safe Mode correct?

This is correct. I've not started the laptop in "normal" (ie. other than in safe mode) for a while. I've set it to start in safe mode in MSConfig, so every start up is in safe mode at the moment. I cannot start it from the hard disk.

Is your bootable USB flash drive a Windows 8 image? Just trying to get the state of things before we decide next steps.

Yes, it is Windows 8.1, created via control panel on my PC, which is also running Windows 8.1


Once I have the laptop started, I can access the hard disk - suggesting that whatever has gone wrong, it is not total HD failure.

It may be relevant to note that the laptop's owner tried to restore back to a point before the problems occurred, but this failed: "System restore did not complete successfully. Your computer's system files and settings were not changed." I tried the previous restore point, and that failed too.


Any advice you can offer would be very welcome!

Thanks

Jim

 

[BrianDrab]

Thanks for the info. Do you know how to boot the computer into the Advanced Options and get to the Command Prompt? Please do this and follow the instructions below.

Step#1 - FRST Scan
1. Please download Farbar Recovery Scan Tool and save it to a USB flash drive using a working machine.
Note: You need to run the 64-bit version
2. Plug in the USB drive into your sick computer.
3. In the command window type the word notepad and press Enter.
4. Notepad opens. Under the File menu select Open.
5. Select "Computer" and find out what your USB drive letter is and then close notepad.
6. In the command window type e:\frst64 and press Enter
Note: Replace letter e with the drive letter of your USB drive that you identified in step#5.
7. The tool will start to run.
8. When the tool opens click Yes to disclaimer.
9. Press Scan button.
10. It will make a log (FRST.txt) on the USB drive. Please plug in the USB drive into your working computer and copy and paste the contents of it into your reply.

Items for your next post
1. Contents of the FRST log.

 

[Jim Wells]

Hi Brian,

I've done as advised. The contents of FRST.txt is below.

Jim



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
Ran by Jacqui (administrator) on FREDERIKA (15-11-2015 08:59:32)
Running from F:\Jacqui laptop issues nov 2015
Loaded Profiles: Jacqui (Available Profiles: Jacqui)
Platform: Windows 8.1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum


==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(Microsoft Corporation) C:\Windows\HelpPane.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files\mcafee\virusscan\McVsShld.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe




==================== Registry (Whitelisted) ===========================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6842000 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1230992 2012-09-28] (Realtek Semiconductor)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [5757328 2012-10-19] (Dell Inc.)
HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM\...\Run: [DellWPF] => C:\Program Files\Synaptics\SynTP\DellTouchpad.exe [5023984 2013-11-22] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [143888 2012-06-02] (CyberLink Corp.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [518496 2015-06-24] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231776 2015-06-24] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [641504 2015-08-21] (McAfee, Inc.)
Startup: C:\Users\Jacqui\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-01-04]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


Tcpip\Parameters: [DhcpNameServer] 62.24.139.8 78.151.235.132
Tcpip\..\Interfaces\{0D1FE901-20B9-4390-9DD5-749E1975A772}: [DhcpNameServer] 62.24.139.8 78.151.235.132
Tcpip\..\Interfaces\{3AA3674C-AD30-41F0-9663-FE4C664301B3}: [DhcpNameServer] 62.24.139.8 78.151.235.132


Internet Explorer:
==================
HKU\S-1-5-21-3078863444-2335533330-1158759817-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bbc.co.uk/
HKU\S-1-5-21-3078863444-2335533330-1158759817-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com
SearchScopes: HKU\S-1-5-21-3078863444-2335533330-1158759817-1001 -> DefaultScope {955D4115-8EC4-45DE-AEB4-0AD8C1A72FD3} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=C011GB105D20150215&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3078863444-2335533330-1158759817-1001 -> {955D4115-8EC4-45DE-AEB4-0AD8C1A72FD3} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=C011GB105D20150215&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-22] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-22] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-22] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-22] (McAfee, Inc.)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2015-08-21] (McAfee, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2015-06-24] (Citrix Systems, Inc.)


FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2015-06-24] (Citrix Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2015-08-21] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-07-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-08-13] [not signed]


Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://uk.search.yahoo.com/search?fr=mcafee&type=C211GB105D20150215&p={searchTerms}
CHR DefaultSearchKeyword: Default -> mcafee
CHR Profile: C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-08]
CHR Extension: (Google Docs) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-08]
CHR Extension: (Google Drive) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (Rapport) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2015-07-04]
CHR Extension: (YouTube) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Google Sheets) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-08]
CHR Extension: (SiteAdvisor) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-04]
CHR Extension: (Google Docs Offline) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-23]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Gmail) - C:\Users\Jacqui\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-10-04]
CHR HKU\S-1-5-21-3078863444-2335533330-1158759817-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2015-10-04]


==================== Services (Whitelisted) ========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S2 CCALib8; C:\Program Files (x86)\Canon\CAL\CALMAIN.exe [96341 2005-09-30] (Canon Inc.) [File not signed]
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2552528 2015-01-30] (Dell Inc.)
S2 DellUpdate; C:\Program Files (x86)\Dell Update\DellUpService.exe [237272 2015-08-27] (Dell Inc.)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [157928 2015-09-22] (McAfee, Inc.)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [782608 2015-08-21] (McAfee, Inc.)
S3 McAWFwk; C:\Program Files\mcafee\msc\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S2 mcbootdelaystartsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S4 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.3.374.0\McCSPServiceHost.exe [422632 2015-01-22] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [639456 2015-07-17] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232656 2015-06-29] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [373704 2015-07-06] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [254792 2015-06-29] (McAfee, Inc.)
S2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [368048 2015-07-21] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2255128 2015-09-16] (IBM Corp.)
S2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-25] ()
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-08-31] (Realtek Semiconductor)
S2 SftService; C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [1914728 2012-11-26] (SoftThinks SAS)
S2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [20648 2015-06-11] (Dell Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)
S2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; "C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe" [X]


===================== Drivers (Whitelisted) ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [77536 2015-07-02] (McAfee, Inc.)
S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
S3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2012-08-05] (OSR Open Systems Resources, Inc.)
R0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207208 2015-05-19] (McAfee, Inc.)
S3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [412440 2015-07-02] (McAfee, Inc.)
S3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [347800 2015-07-02] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80920 2015-07-02] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [496888 2015-07-02] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [875928 2015-07-02] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [529080 2015-06-28] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109728 2015-06-28] (McAfee, Inc.)
S3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [37960 2015-09-22] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [344704 2015-07-02] (McAfee, Inc.)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
S1 RapportCerberus_1507072; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507072.sys [959416 2015-09-21] (IBM Corp.)
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [500184 2015-09-16] (IBM Corp.)
S0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [139896 2015-09-16] (IBM Corp.)
S0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [394584 2015-09-16] (IBM Corp.)
S1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [489240 2015-09-16] (IBM Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-21] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-11-22] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 btmhsf; \SystemRoot\system32\DRIVERS\btmhsf.sys [X]


==================== NetSvcs (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)




==================== One Month Created files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2015-11-15 08:59 - 2015-11-15 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2015-11-15 08:59 - 2015-11-15 08:59 - 00000000 ____D C:\FRST
2015-11-15 02:09 - 2015-11-15 02:09 - 00000000 _____ C:\Recovery.txt
2015-11-12 20:22 - 2015-11-12 20:22 - 00000014 _____ C:\Users\Jacqui\Downloads\SFCFixScript.txt
2015-11-12 20:22 - 2015-11-12 20:22 - 00000014 _____ C:\Users\Jacqui\Desktop\SFCFixScript.txt
2015-11-12 20:20 - 2015-11-12 20:23 - 01319424 _____ (niemiro) C:\Users\Jacqui\Desktop\SFCFix.exe
2015-11-12 19:29 - 2015-11-12 19:30 - 14722867 _____ C:\Users\Jacqui\Desktop\CBS.zip
2015-11-12 19:29 - 2015-11-12 19:29 - 00000000 ____D C:\Users\Jacqui\Desktop\CBS
2015-11-11 21:38 - 2015-11-12 20:27 - 00000912 _____ C:\Users\Jacqui\Desktop\SFCFix.txt
2015-11-11 21:38 - 2015-11-11 21:38 - 00000000 ____D C:\SFCFix
2015-11-11 20:39 - 2015-11-11 20:39 - 00089117 _____ C:\Users\Jacqui\Desktop\sfcdetails.txt
2015-10-25 20:45 - 2015-10-25 20:48 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-10-25 20:44 - 2015-10-25 20:44 - 00001120 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-10-25 20:44 - 2015-10-25 20:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-25 20:44 - 2015-10-25 20:44 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-25 20:44 - 2015-10-25 20:44 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-10-25 20:44 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamchameleon.sys
2015-10-25 20:44 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2015-10-25 20:44 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2015-10-25 20:40 - 2015-10-25 20:42 - 22908888 _____ (Malwarebytes ) C:\Users\Jacqui\Downloads\mbam-setup-2.2.0.1024.exe
2015-10-25 14:26 - 2015-10-25 18:11 - 00007608 _____ C:\Users\Jacqui\AppData\Local\resmon.resmoncfg
2015-10-25 14:17 - 2015-10-25 14:17 - 00000000 ____D C:\windows\pss
2015-10-21 06:33 - 2015-10-21 06:33 - 00000000 __SHD C:\found.000
2015-10-20 22:29 - 2015-10-20 22:29 - 00010040 ____N C:\bootsqm.dat
2015-10-20 20:01 - 2015-10-20 20:01 - 00000505 _____ C:\Users\Jacqui\Desktop\Devices and Printers - Shortcut.lnk


==================== One Month Modified files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2015-11-15 08:58 - 2014-03-18 10:03 - 00865472 _____ C:\windows\system32\PerfStringBackup.INI
2015-11-11 21:36 - 2014-08-25 21:58 - 01413617 _____ C:\windows\WindowsUpdate.log
2015-11-11 21:36 - 2012-07-26 07:59 - 00000000 ____D C:\windows\CbsTemp
2015-11-10 19:34 - 2013-08-22 13:25 - 00262144 ___SH C:\windows\system32\config\BBI
2015-11-10 17:44 - 2013-08-22 13:25 - 00262144 ___SH C:\windows\system32\config\ELAM
2015-10-26 20:18 - 2014-03-18 09:54 - 00191578 _____ C:\windows\PFRO.log
2015-10-25 18:38 - 2014-12-23 18:38 - 00000922 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-25 18:21 - 2013-08-22 15:36 - 00000000 ____D C:\windows\system32\sru
2015-10-25 18:21 - 2013-05-05 20:02 - 00003598 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3078863444-2335533330-1158759817-1001
2015-10-25 18:17 - 2014-12-23 18:38 - 00000926 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-25 18:06 - 2013-01-04 16:04 - 00000000 ____D C:\Program Files (x86)\Dell Backup and Recovery
2015-10-25 17:18 - 2013-08-22 14:46 - 00310233 _____ C:\windows\setupact.log
2015-10-25 17:18 - 2013-08-22 14:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2015-10-17 13:43 - 2014-08-25 21:42 - 00000000 ____D C:\Users\Jacqui


==================== Files in the root of some directories =======


2015-02-12 09:16 - 2015-03-31 18:30 - 0000093 _____ () C:\Users\Jacqui\AppData\Roaming\ARCompanion.log
2015-10-25 14:26 - 2015-10-25 18:11 - 0007608 _____ () C:\Users\Jacqui\AppData\Local\resmon.resmoncfg
2013-01-04 16:00 - 2013-01-04 16:01 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-01-04 15:56 - 2013-01-04 15:57 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-01-04 15:57 - 2013-01-04 15:59 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-01-04 15:56 - 2013-01-04 15:56 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-01-04 15:59 - 2013-01-04 16:00 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log


Some files in TEMP:
====================
C:\Users\Jacqui\AppData\Local\Temp\ARCompanionForSession1.exe
C:\Users\Jacqui\AppData\Local\Temp\ARCompanionForSession10.exe
C:\Users\Jacqui\AppData\Local\Temp\ARCompanionForSession8.exe




==================== Bamital & volsnap =================


(There is no automatic fix for files that do not pass verification.)


C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed




safeboot: Networkbootmenupolicy Standard
detecthal Yes
=> The system is configured to boot to Safe Mode <===== ATTENTION




LastRegBack: 2015-10-15 22:31


==================== End of FRST.txt ============================

 

[BrianDrab]

Thanks. Please do the following.

Step#1 - ChkDsk Scan
1. Right-click your Start button and select Command Prompt (Admin). Answer Yes to allow if the User Account Control dialog comes up.
2. You should now have a black window open that you can type in to.
3. Please type chkdsk and then press enter.
4. Chkdsk will start to run. Please allow it to finish. You will know it is running when you see text as follows.

5. Download ListChkdskResult.exe by SleepyDude and save it on your desktop. If it's already downloaded to your desktop, just skip this step.
6. Right-click this file and select Run as administrator (Allow if prompted)and a text file will open (and also be saved on the desktop as ListChkdskResult.txt).
Please copy the contents of this file and paste into your next post.

 

[Jim Wells]

Thanks, Brian.

The contents of the text file are below.

Jim


ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013


------< Log generate on 15/11/2015 15:55:05 >------
Category: 0
Computer Name: Frederika
Event Code: 26213
Record Number: 51102
Source Name: Chkdsk
Time Written: 11-15-2015 @ 15:46:38
Event Type: Information
User:
Message: Chkdsk was executed in read-only mode. A volume snapshot was not used. Extra errors and warnings may be reported as the volume may have changed during the chkdsk run.


Checking file system on C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.


WARNING! F parameter not specified.
Running CHKDSK in read-only mode.


Stage 1: Examining basic file system structure ...


366080 file records processed.


File verification completed.


6077 large file records processed.




0 bad file records processed.




Stage 2: Examining file name linkage ...


455616 index entries processed.


Index verification completed.


0 unindexed files scanned.




0 unindexed files recovered.




Stage 3: Examining security descriptors ...
Security descriptor verification completed.


44769 data files processed.


CHKDSK is verifying Usn Journal...


37231048 USN bytes processed.


Usn Journal verification completed.
The Volume Bitmap is incorrect.
Windows has checked the file system and found problems.
Please run chkdsk /scan to find the problems and queue them for repair.


961790975 KB total disk space.
73949004 KB in 312571 files.
185668 KB in 44770 indexes.
128 KB in bad sectors.
500687 KB in use by the system.
65536 KB occupied by the log file.
887155488 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
221788872 allocation units available on disk.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 1001
Record Number: 50885
Source Name: Microsoft-Windows-Wininit
Time Written: 11-03-2015 @ 03:19:51
Event Type: Information
User:
Message:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.


A disk check has been scheduled.
Windows will now check the disk.


Stage 1: Examining basic file system structure ...
366080 file records processed.


File verification completed.
6077 large file records processed.


0 bad file records processed.




Stage 2: Examining file name linkage ...
455594 index entries processed.


Index verification completed.
0 unindexed files scanned.


0 unindexed files recovered.




Stage 3: Examining security descriptors ...
Cleaning up 17 unused index entries from index $SII of file 0x9.
Cleaning up 17 unused index entries from index $SDH of file 0x9.
Cleaning up 17 unused security descriptors.
Security descriptor verification completed.
44758 data files processed.


CHKDSK is verifying Usn Journal...
1181448 USN bytes processed.


Usn Journal verification completed.


Stage 4: Looking for bad clusters in user file data ...
Read failure with status 0xc000009c at offset 0xb6222000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb6230000 for 0x1000 bytes.
Windows replaced bad clusters in file 260649
of name \Windows\System32\wmploc.DLL.
366064 files processed.


File data verification completed.


Stage 5: Looking for bad, free clusters ...
220644994 free clusters processed.


Free space verification is complete.
Read failure with status 0xc000009c at offset 0xb6e6b000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb6e6e000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb6e6f000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb6e7b000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb6fbc000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb6fbe000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb720f000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb721a000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb747b000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb7483000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb7484000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb7484000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb7485000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb7485000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb75b6000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb75b8000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb75c9000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb75cc000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb821d000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb821d000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb797d000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb822e000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb822e000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb871f000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb8722000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb8ab3000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb8ab4000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb8ac5000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb8ac8000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb90b9000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb90c8000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb9489000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb9492000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb9493000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb9494000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb9715000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb971b000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb94a5000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb94ac000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb996c000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb9979000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb9d1a000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb9d1a000 for 0x1000 bytes.
Replacing bad clusters in logfile.
Adding 22 bad clusters to the Bad Clusters File.
Correcting errors in the Volume Bitmap.


Windows has made corrections to the file system.
No further action is required.


961790975 KB total disk space.
78556664 KB in 312635 files.
190476 KB in 44759 indexes.
128 KB in bad sectors.
463815 KB in use by the system.
65536 KB occupied by the log file.
882579892 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
220644973 allocation units available on disk.


Internal Info:
00 96 05 00 1d 74 05 00 58 90 0a 00 00 00 00 00 .....t..X.......
ec 19 00 00 4b 27 00 00 00 00 00 00 00 00 00 00 ....K'..........


Windows has finished checking your disk.
Please wait while your computer restarts.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 26213
Record Number: 50876
Source Name: Chkdsk
Time Written: 11-02-2015 @ 23:14:41
Event Type: Information
User:
Message: Chkdsk was executed in read-only mode. A volume snapshot was not used. Extra errors and warnings may be reported as the volume may have changed during the chkdsk run.


Checking file system on C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.


WARNING! F parameter not specified.
Running CHKDSK in read-only mode.


Stage 1: Examining basic file system structure ...


366080 file records processed.


File verification completed.


6077 large file records processed.




0 bad file records processed.




Stage 2: Examining file name linkage ...
Index entry McAfee of index $I30 in file 0x3569b points to unused file 0xdc4.

Index entry McAfee in index $I30 of file 218779 is incorrect.


455592 index entries processed.


Index verification completed.


Errors found. CHKDSK cannot continue in read-only mode.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 1001
Record Number: 50838
Source Name: Microsoft-Windows-Wininit
Time Written: 10-27-2015 @ 00:13:29
Event Type: Information
User:
Message:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.


A disk check has been scheduled.
Windows will now check the disk.


Stage 1: Examining basic file system structure ...
366080 file records processed.


File verification completed.
6076 large file records processed.


0 bad file records processed.




Stage 2: Examining file name linkage ...
455734 index entries processed.


Index verification completed.
0 unindexed files scanned.


0 unindexed files recovered.




Stage 3: Examining security descriptors ...
Cleaning up 77 unused index entries from index $SII of file 0x9.
Cleaning up 77 unused index entries from index $SDH of file 0x9.
Cleaning up 77 unused security descriptors.
Security descriptor verification completed.
44828 data files processed.


CHKDSK is verifying Usn Journal...
40729032 USN bytes processed.


Usn Journal verification completed.


Stage 4: Looking for bad clusters in user file data ...
Read failure with status 0xc000009c at offset 0x12cf24000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x12cf2d000 for 0x1000 bytes.
Windows replaced bad clusters in file 12155
of name \Users\Jacqui\AppData\Local\Packages\MICROS~1.WIN\LOCALS~1\LiveComm\8776A8~1\120712~1\Att\2000aba7\DSCN80~4.JPG.
Read failure with status 0xc000009c at offset 0xb5aa4000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5ab2000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb5ab3000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5ac0000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb5ac1000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5ac1000 for 0x1000 bytes.
Windows replaced bad clusters in file 86429
of name \PROGRA~2\DELLBA~1\FACTOR~1\SDSSMA~1.DLL.
Read failure with status 0xc000009c at offset 0x3dc44c000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x3dc458000 for 0x1000 bytes.
Windows replaced bad clusters in file 159369
of name \Config.Msi\32489bfa.rbf.
Read failure with status 0xc000009c at offset 0xf0858000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xf085d000 for 0x1000 bytes.
Windows replaced bad clusters in file 189305
of name \Users\Jacqui\Pictures\2030E5~1\IMG_2250.JPG.
Read failure with status 0xc000009c at offset 0xb5bdb000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5be9000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb5bfa000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5c01000 for 0x1000 bytes.
Windows replaced bad clusters in file 260649
of name \Windows\System32\wmploc.DLL.
Read failure with status 0xc000009c at offset 0xb4352000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb4354000 for 0x1000 bytes.
Windows replaced bad clusters in file 300858
of name \Windows\WinSxS\AMF569~1.163\batang.ttc.
Read failure with status 0xc000009c at offset 0x178f74000 for 0x7000 bytes.
Read failure with status 0xc000009c at offset 0x178f77000 for 0x1000 bytes.
Windows replaced bad clusters in file 306886
of name \Windows\System32\DRIVER~1\FILERE~1\HDXMB2~1.INF\SRSWOW64.dll.
366064 files processed.


File data verification completed.


Stage 5: Looking for bad, free clusters ...
220653019 free clusters processed.


Free space verification is complete.
Adding 10 bad clusters to the Bad Clusters File.
Correcting errors in the Volume Bitmap.


Windows has made corrections to the file system.
No further action is required.


961790975 KB total disk space.
78524556 KB in 312699 files.
190492 KB in 44829 indexes.
40 KB in bad sectors.
463811 KB in use by the system.
65536 KB occupied by the log file.
882612076 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
220653019 allocation units available on disk.


Internal Info:
00 96 05 00 a3 74 05 00 4d 91 0a 00 00 00 00 00 .....t..M.......
e9 19 00 00 4b 27 00 00 00 00 00 00 00 00 00 00 ....K'..........


Windows has finished checking your disk.
Please wait while your computer restarts.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 1001
Record Number: 50517
Source Name: Microsoft-Windows-Wininit
Time Written: 10-20-2015 @ 22:31:09
Event Type: Information
User:
Message:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.




A disk check has been scheduled.
Windows will now check the disk.


Stage 1: Examining basic file system structure ...
366080 file records processed.


File verification completed.
6071 large file records processed.


0 bad file records processed.




Stage 2: Examining file name linkage ...
455510 index entries processed.


Index verification completed.
0 unindexed files scanned.


0 unindexed files recovered.




Stage 3: Examining security descriptors ...
Cleaning up 15 unused index entries from index $SII of file 0x9.
Cleaning up 15 unused index entries from index $SDH of file 0x9.
Cleaning up 15 unused security descriptors.
Security descriptor verification completed.
44716 data files processed.


CHKDSK is verifying Usn Journal...
2646016 USN bytes processed.


Usn Journal verification completed.


Windows has made corrections to the file system.
No further action is required.


961790975 KB total disk space.
75435980 KB in 211251 files.
143624 KB in 44717 indexes.
0 KB in bad sectors.
466451 KB in use by the system.
65536 KB occupied by the log file.
885744920 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
221436230 allocation units available on disk.


Internal Info:
00 96 05 00 eb e7 03 00 af 78 07 00 00 00 00 00 .........x......
e6 19 00 00 4b 27 00 00 00 00 00 00 00 00 00 00 ....K'..........


Windows has finished checking your disk.
Please wait while your computer restarts.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 26226
Record Number: 50348
Source Name: Chkdsk
Time Written: 10-20-2015 @ 20:34:44
Event Type: Information
User:
Message: Chkdsk was executed in scan mode on a volume snapshot.


Checking file system on C:
The type of the file system is NTFS.
A function call was made when the object was in an incorrect state
for that function


A snapshot error occured while scanning this drive. Run an offline scan and fix.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 26213
Record Number: 50347
Source Name: Chkdsk
Time Written: 10-20-2015 @ 20:33:03
Event Type: Information
User:
Message: Chkdsk was executed in read-only mode. A volume snapshot was not used. Extra errors and warnings may be reported as the volume may have changed during the chkdsk run.


Checking file system on C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.


WARNING! F parameter not specified.
Running CHKDSK in read-only mode.


Stage 1: Examining basic file system structure ...
Cleaning up instance tags for file 0x6151.


366080 file records processed.


File verification completed.


6072 large file records processed.




0 bad file records processed.




Stage 2: Examining file name linkage ...


455512 index entries processed.


Index verification completed.
CHKDSK is scanning unindexed files for reconnect to their original directory.
Detected orphaned file amd64_0738d6c2074b860695a21a102cbc322a_31bf3856ad364e35_6.3.9600.16387_none_8c043e7f278845ee.manifest (32636), should be recovered into directory file 232182.
Detected orphaned file 91da6d17d5b6d60854fb52aa7155945e_var_0.png.data (32639), should be recovered into directory file 22044.
Detected orphaned file amd64_072d07931b27de6074e769c16f712ffb_b03f5f7f11d50a3a_6.3.9600.17226_none_97ca112b915d5a0a.manifest (344119), should be recovered into directory file 232182.
Detected orphaned file amd64_17396f7378a7c05147e00cf16bf574cb_31bf3856ad364e35_6.3.9600.17042_none_7bd423ab94e9709c.manifest (357338), should be recovered into directory file 232182.


8 unindexed files scanned.


Detected orphaned file amd64_06c4dd90ee81d4a786c88fdecaa44b90_6595b64144ccf1df_1.1.9600.17056_none_0a112cccd2e27568.manifest (357339), should be recovered into directory file 232182.

CHKDSK is recovering remaining unindexed files.


1 unindexed files recovered.




Stage 3: Examining security descriptors ...
Security descriptor verification completed.


44717 data files processed.


CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
The Volume Bitmap is incorrect.
Windows has checked the file system and found problems.
Please run chkdsk /scan to find the problems and queue them for repair.


961790975 KB total disk space.
75512420 KB in 211528 files.
144804 KB in 44719 indexes.
0 KB in bad sectors.
515167 KB in use by the system.
65536 KB occupied by the log file.
885618584 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
221404646 allocation units available on disk.


-----------------------------------------------------------------------

 

[BrianDrab]

As suspected, there are problems with your disk. Please do the following to try and correct. The command is slightly different than the previous one.

Step#1 - ChkDsk Repair
1. Click your Start Orb in the lower left of your computer and type cmd in the search box.
2. Once the cmd program is found, right-click on it with your mouse and select Run as administrator as shown below.

3. Answer Yes when asked to allow.
4. You should now have a black window open that you can type in to.
5. Please type chkdsk /R and then press enter. Note: There is a space after the command chkdsk and before the forward slash
6. You will get a prompt telling you chkdsk cannot run because the volume is in use. Answer Y and hit enter to schedule the run at next boot.
7. Reboot your computer and chkdsk will run. Let it complete please.
8. Right-click ListChkdskResult.exe and select Run as administrator (Allow if prompted)and a text file will open (and also be saved on the desktop as ListChkdskResult.txt).
Please copy the contents of this file and paste into your next post.

 

[Jim Wells]

Hi Brian,

The results from ListChkdskResult.exe after running chkdsk /R are below.

Thanks

Jim


ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013


------< Log generate on 15/11/2015 23:33:10 >------
Category: 0
Computer Name: Frederika
Event Code: 1001
Record Number: 51115
Source Name: Microsoft-Windows-Wininit
Time Written: 11-15-2015 @ 23:25:52
Event Type: Information
User:
Message:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.


A disk check has been scheduled.
Windows will now check the disk.


Stage 1: Examining basic file system structure ...
366080 file records processed.


File verification completed.
6077 large file records processed.


0 bad file records processed.




Stage 2: Examining file name linkage ...
455618 index entries processed.


Index verification completed.
0 unindexed files scanned.


0 unindexed files recovered.




Stage 3: Examining security descriptors ...
Cleaning up 49 unused index entries from index $SII of file 0x9.
Cleaning up 49 unused index entries from index $SDH of file 0x9.
Cleaning up 49 unused security descriptors.
Security descriptor verification completed.
44770 data files processed.


CHKDSK is verifying Usn Journal...
37297112 USN bytes processed.


Usn Journal verification completed.


Stage 4: Looking for bad clusters in user file data ...
366064 files processed.


File data verification completed.


Stage 5: Looking for bad, free clusters ...
221792040 free clusters processed.


Free space verification is complete.


Windows has scanned the file system and found no problems.
No further action is required.


961790975 KB total disk space.
73936324 KB in 312574 files.
185676 KB in 44771 indexes.
128 KB in bad sectors.
500687 KB in use by the system.
65536 KB occupied by the log file.
887168160 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
221792040 allocation units available on disk.


Internal Info:
00 96 05 00 ec 73 05 00 e6 8f 0a 00 00 00 00 00 .....s..........
f5 19 00 00 4b 27 00 00 00 00 00 00 00 00 00 00 ....K'..........


Windows has finished checking your disk.
Please wait while your computer restarts.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 26213
Record Number: 51102
Source Name: Chkdsk
Time Written: 11-15-2015 @ 15:46:38
Event Type: Information
User:
Message: Chkdsk was executed in read-only mode. A volume snapshot was not used. Extra errors and warnings may be reported as the volume may have changed during the chkdsk run.


Checking file system on C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.


WARNING! F parameter not specified.
Running CHKDSK in read-only mode.


Stage 1: Examining basic file system structure ...


366080 file records processed.


File verification completed.


6077 large file records processed.




0 bad file records processed.




Stage 2: Examining file name linkage ...


455616 index entries processed.


Index verification completed.


0 unindexed files scanned.




0 unindexed files recovered.




Stage 3: Examining security descriptors ...
Security descriptor verification completed.


44769 data files processed.


CHKDSK is verifying Usn Journal...


37231048 USN bytes processed.


Usn Journal verification completed.
The Volume Bitmap is incorrect.
Windows has checked the file system and found problems.
Please run chkdsk /scan to find the problems and queue them for repair.


961790975 KB total disk space.
73949004 KB in 312571 files.
185668 KB in 44770 indexes.
128 KB in bad sectors.
500687 KB in use by the system.
65536 KB occupied by the log file.
887155488 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
221788872 allocation units available on disk.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 1001
Record Number: 50885
Source Name: Microsoft-Windows-Wininit
Time Written: 11-03-2015 @ 03:19:51
Event Type: Information
User:
Message:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.


A disk check has been scheduled.
Windows will now check the disk.


Stage 1: Examining basic file system structure ...
366080 file records processed.


File verification completed.
6077 large file records processed.


0 bad file records processed.




Stage 2: Examining file name linkage ...
455594 index entries processed.


Index verification completed.
0 unindexed files scanned.


0 unindexed files recovered.




Stage 3: Examining security descriptors ...
Cleaning up 17 unused index entries from index $SII of file 0x9.
Cleaning up 17 unused index entries from index $SDH of file 0x9.
Cleaning up 17 unused security descriptors.
Security descriptor verification completed.
44758 data files processed.


CHKDSK is verifying Usn Journal...
1181448 USN bytes processed.


Usn Journal verification completed.


Stage 4: Looking for bad clusters in user file data ...
Read failure with status 0xc000009c at offset 0xb6222000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb6230000 for 0x1000 bytes.
Windows replaced bad clusters in file 260649
of name \Windows\System32\wmploc.DLL.
366064 files processed.


File data verification completed.


Stage 5: Looking for bad, free clusters ...
220644994 free clusters processed.


Free space verification is complete.
Read failure with status 0xc000009c at offset 0xb6e6b000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb6e6e000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb6e6f000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb6e7b000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb6fbc000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb6fbe000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb720f000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb721a000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb747b000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb7483000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb7484000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb7484000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb7485000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb7485000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb75b6000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb75b8000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb75c9000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb75cc000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb821d000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb821d000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb797d000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb822e000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb822e000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb871f000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb8722000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb8ab3000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb8ab4000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb8ac5000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb8ac8000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb90b9000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb90c8000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb9489000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb9492000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb9493000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb9494000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb9715000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb971b000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb94a5000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb94ac000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb996c000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb9979000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb9d1a000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb9d1a000 for 0x1000 bytes.
Replacing bad clusters in logfile.
Adding 22 bad clusters to the Bad Clusters File.
Correcting errors in the Volume Bitmap.


Windows has made corrections to the file system.
No further action is required.


961790975 KB total disk space.
78556664 KB in 312635 files.
190476 KB in 44759 indexes.
128 KB in bad sectors.
463815 KB in use by the system.
65536 KB occupied by the log file.
882579892 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
220644973 allocation units available on disk.


Internal Info:
00 96 05 00 1d 74 05 00 58 90 0a 00 00 00 00 00 .....t..X.......
ec 19 00 00 4b 27 00 00 00 00 00 00 00 00 00 00 ....K'..........


Windows has finished checking your disk.
Please wait while your computer restarts.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 26213
Record Number: 50876
Source Name: Chkdsk
Time Written: 11-02-2015 @ 23:14:41
Event Type: Information
User:
Message: Chkdsk was executed in read-only mode. A volume snapshot was not used. Extra errors and warnings may be reported as the volume may have changed during the chkdsk run.


Checking file system on C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.


WARNING! F parameter not specified.
Running CHKDSK in read-only mode.


Stage 1: Examining basic file system structure ...


366080 file records processed.


File verification completed.


6077 large file records processed.




0 bad file records processed.




Stage 2: Examining file name linkage ...
Index entry McAfee of index $I30 in file 0x3569b points to unused file 0xdc4.

Index entry McAfee in index $I30 of file 218779 is incorrect.


455592 index entries processed.


Index verification completed.


Errors found. CHKDSK cannot continue in read-only mode.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 1001
Record Number: 50838
Source Name: Microsoft-Windows-Wininit
Time Written: 10-27-2015 @ 00:13:29
Event Type: Information
User:
Message:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.


A disk check has been scheduled.
Windows will now check the disk.


Stage 1: Examining basic file system structure ...
366080 file records processed.


File verification completed.
6076 large file records processed.


0 bad file records processed.




Stage 2: Examining file name linkage ...
455734 index entries processed.


Index verification completed.
0 unindexed files scanned.


0 unindexed files recovered.




Stage 3: Examining security descriptors ...
Cleaning up 77 unused index entries from index $SII of file 0x9.
Cleaning up 77 unused index entries from index $SDH of file 0x9.
Cleaning up 77 unused security descriptors.
Security descriptor verification completed.
44828 data files processed.


CHKDSK is verifying Usn Journal...
40729032 USN bytes processed.


Usn Journal verification completed.


Stage 4: Looking for bad clusters in user file data ...
Read failure with status 0xc000009c at offset 0x12cf24000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x12cf2d000 for 0x1000 bytes.
Windows replaced bad clusters in file 12155
of name \Users\Jacqui\AppData\Local\Packages\MICROS~1.WIN\LOCALS~1\LiveComm\8776A8~1\120712~1\Att\2000aba7\DSCN80~4.JPG.
Read failure with status 0xc000009c at offset 0xb5aa4000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5ab2000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb5ab3000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5ac0000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb5ac1000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5ac1000 for 0x1000 bytes.
Windows replaced bad clusters in file 86429
of name \PROGRA~2\DELLBA~1\FACTOR~1\SDSSMA~1.DLL.
Read failure with status 0xc000009c at offset 0x3dc44c000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0x3dc458000 for 0x1000 bytes.
Windows replaced bad clusters in file 159369
of name \Config.Msi\32489bfa.rbf.
Read failure with status 0xc000009c at offset 0xf0858000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xf085d000 for 0x1000 bytes.
Windows replaced bad clusters in file 189305
of name \Users\Jacqui\Pictures\2030E5~1\IMG_2250.JPG.
Read failure with status 0xc000009c at offset 0xb5bdb000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5be9000 for 0x1000 bytes.
Read failure with status 0xc000009c at offset 0xb5bfa000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb5c01000 for 0x1000 bytes.
Windows replaced bad clusters in file 260649
of name \Windows\System32\wmploc.DLL.
Read failure with status 0xc000009c at offset 0xb4352000 for 0x10000 bytes.
Read failure with status 0xc000009c at offset 0xb4354000 for 0x1000 bytes.
Windows replaced bad clusters in file 300858
of name \Windows\WinSxS\AMF569~1.163\batang.ttc.
Read failure with status 0xc000009c at offset 0x178f74000 for 0x7000 bytes.
Read failure with status 0xc000009c at offset 0x178f77000 for 0x1000 bytes.
Windows replaced bad clusters in file 306886
of name \Windows\System32\DRIVER~1\FILERE~1\HDXMB2~1.INF\SRSWOW64.dll.
366064 files processed.


File data verification completed.


Stage 5: Looking for bad, free clusters ...
220653019 free clusters processed.


Free space verification is complete.
Adding 10 bad clusters to the Bad Clusters File.
Correcting errors in the Volume Bitmap.


Windows has made corrections to the file system.
No further action is required.


961790975 KB total disk space.
78524556 KB in 312699 files.
190492 KB in 44829 indexes.
40 KB in bad sectors.
463811 KB in use by the system.
65536 KB occupied by the log file.
882612076 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
220653019 allocation units available on disk.


Internal Info:
00 96 05 00 a3 74 05 00 4d 91 0a 00 00 00 00 00 .....t..M.......
e9 19 00 00 4b 27 00 00 00 00 00 00 00 00 00 00 ....K'..........


Windows has finished checking your disk.
Please wait while your computer restarts.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 1001
Record Number: 50517
Source Name: Microsoft-Windows-Wininit
Time Written: 10-20-2015 @ 22:31:09
Event Type: Information
User:
Message:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.




A disk check has been scheduled.
Windows will now check the disk.


Stage 1: Examining basic file system structure ...
366080 file records processed.


File verification completed.
6071 large file records processed.


0 bad file records processed.




Stage 2: Examining file name linkage ...
455510 index entries processed.


Index verification completed.
0 unindexed files scanned.


0 unindexed files recovered.




Stage 3: Examining security descriptors ...
Cleaning up 15 unused index entries from index $SII of file 0x9.
Cleaning up 15 unused index entries from index $SDH of file 0x9.
Cleaning up 15 unused security descriptors.
Security descriptor verification completed.
44716 data files processed.


CHKDSK is verifying Usn Journal...
2646016 USN bytes processed.


Usn Journal verification completed.


Windows has made corrections to the file system.
No further action is required.


961790975 KB total disk space.
75435980 KB in 211251 files.
143624 KB in 44717 indexes.
0 KB in bad sectors.
466451 KB in use by the system.
65536 KB occupied by the log file.
885744920 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
221436230 allocation units available on disk.


Internal Info:
00 96 05 00 eb e7 03 00 af 78 07 00 00 00 00 00 .........x......
e6 19 00 00 4b 27 00 00 00 00 00 00 00 00 00 00 ....K'..........


Windows has finished checking your disk.
Please wait while your computer restarts.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 26226
Record Number: 50348
Source Name: Chkdsk
Time Written: 10-20-2015 @ 20:34:44
Event Type: Information
User:
Message: Chkdsk was executed in scan mode on a volume snapshot.


Checking file system on C:
The type of the file system is NTFS.
A function call was made when the object was in an incorrect state
for that function


A snapshot error occured while scanning this drive. Run an offline scan and fix.


-----------------------------------------------------------------------
Category: 0
Computer Name: Frederika
Event Code: 26213
Record Number: 50347
Source Name: Chkdsk
Time Written: 10-20-2015 @ 20:33:03
Event Type: Information
User:
Message: Chkdsk was executed in read-only mode. A volume snapshot was not used. Extra errors and warnings may be reported as the volume may have changed during the chkdsk run.


Checking file system on C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.


WARNING! F parameter not specified.
Running CHKDSK in read-only mode.


Stage 1: Examining basic file system structure ...
Cleaning up instance tags for file 0x6151.


366080 file records processed.


File verification completed.


6072 large file records processed.




0 bad file records processed.




Stage 2: Examining file name linkage ...


455512 index entries processed.


Index verification completed.
CHKDSK is scanning unindexed files for reconnect to their original directory.
Detected orphaned file amd64_0738d6c2074b860695a21a102cbc322a_31bf3856ad364e35_6.3.9600.16387_none_8c043e7f278845ee.manifest (32636), should be recovered into directory file 232182.
Detected orphaned file 91da6d17d5b6d60854fb52aa7155945e_var_0.png.data (32639), should be recovered into directory file 22044.
Detected orphaned file amd64_072d07931b27de6074e769c16f712ffb_b03f5f7f11d50a3a_6.3.9600.17226_none_97ca112b915d5a0a.manifest (344119), should be recovered into directory file 232182.
Detected orphaned file amd64_17396f7378a7c05147e00cf16bf574cb_31bf3856ad364e35_6.3.9600.17042_none_7bd423ab94e9709c.manifest (357338), should be recovered into directory file 232182.


8 unindexed files scanned.


Detected orphaned file amd64_06c4dd90ee81d4a786c88fdecaa44b90_6595b64144ccf1df_1.1.9600.17056_none_0a112cccd2e27568.manifest (357339), should be recovered into directory file 232182.

CHKDSK is recovering remaining unindexed files.


1 unindexed files recovered.




Stage 3: Examining security descriptors ...
Security descriptor verification completed.


44717 data files processed.


CHKDSK is verifying Usn Journal...
Usn Journal verification completed.
The Volume Bitmap is incorrect.
Windows has checked the file system and found problems.
Please run chkdsk /scan to find the problems and queue them for repair.


961790975 KB total disk space.
75512420 KB in 211528 files.
144804 KB in 44719 indexes.
0 KB in bad sectors.
515167 KB in use by the system.
65536 KB occupied by the log file.
885618584 KB available on disk.


4096 bytes in each allocation unit.
240447743 total allocation units on disk.
221404646 allocation units available on disk.


-----------------------------------------------------------------------

 

[BrianDrab]

Good. Please do the following now.

Step#1 - DISM /RestoreHealth Scan
Warning:this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

1. Right-click on the Start
   
   button and select Command Prompt (Admin)
2. When command prompt opens, Copy (Ctrl+C) and Paste (Right-click > Paste) the following command into it, then press Enter
   Dism /Online /Cleanup-Image /RestoreHealth
3. Once it finishes, copy and paste the following into the command-prompt window and press Enter. If prompted to overwrite the existing file go ahead.
   copy %windir%\logs\cbs\cbs.log "%userprofile%\Desktop\cbs.txt"
   
4. Once this has completed please go to your Desktop and you will find CBS.txt => Please zip/upload to this thread.
   Please Note:: if the file is too big (over 7MB) to upload to your next post, please upload via a service such as Dropbox or One Drive or SendSpace and just provide the link.

 

[Jim Wells]

Hi Brian,

I ran

Dism /Online /Cleanup-Image /RestoreHealth

and it reached 100%, but the it also gave a message suggesting it did not complete as expected. The text of the output is pasted below.

I can't get the file upload facility to work in IE or Chrome, so will explore other options next.

Thank you for your ongoing help.

Jim

---------- Start of output from DISM ----------

C:\windows\system32>Dism /Online /Cleanup-Image /RestoreHealth


Deployment Image Servicing and Management tool
Version: 6.3.9600.17031


Image Version: 6.3.9600.17031


[==========================100.0%==========================]


Error: 0x800f0906


The source files could not be downloaded.
Use the "source" option to specify the location of the files that are required t
o restore the feature. For more information on specifying a source location, see
Configure a Windows Repair Source.


The DISM log file can be found at C:\windows\Logs\DISM\dism.log


C:\windows\system32>



---------- End of output from DISM ----------

 

[BrianDrab]

Uploading it to SendSpace would probably be easiest. See below.

Please Note:: if the file is too big (over 7MB) to upload to your next post, please upload via a service such as Dropbox or One Drive or SendSpace and just provide the link.

 

[Jim Wells]

Link to sipped CBS log file: https://onedrive.live.com/embed?cid...=F226D5DA552DB3DD!806&authkey=AIhRV_TZ8z76zdc

 

[Jim Wells]

Cancel that - I've uploaded the wrong file.

The (hopefully) correct one is attached this post. The unzipped file size should be 2.17MB.

Apologies for confusion.

Jim

View attachment cbs 2015 11 16.zip

 

[BrianDrab]

Thanks. Please do the following.

Step#1 - SFCFix Script
Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

1. Download SFCFix.exe (by niemiro) and save this to your Desktop. If you still have this on your desktop from downloading previously, you don't need to re-download.
2. Download SFCFix.zip, and save this to your Desktop. Ensure that this file is named SFCFix.zip - do not rename it.
3. Save any open documents and close all open windows.
4. On your Desktop, you should see two files: SFCFix.exe and SFCFix.zip.
5. Drag the file SFCFix.zip onto the file SFCFix.exe and release it.
6. SFCFix will now process the script.
7. Upon completion, a file should be created on your Desktop: SFCFix.txt.
8. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this file into your next post for me to analyse please

Step#2 - DISM /RestoreHealth Scan
Warning:this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.

1. Right-click on the Start
   
   button and select Command Prompt (Admin)
2. When command prompt opens, Copy (Ctrl+C) and Paste (Right-click > Paste) the following command into it, then press Enter
   Dism /Online /Cleanup-Image /RestoreHealth
3. Once it finishes, copy and paste the following into the command-prompt window and press Enter. If prompted to overwrite the existing file go ahead.
   copy %windir%\logs\cbs\cbs.log "%userprofile%\Desktop\cbs.txt"
   
4. Once this has completed please go to your Desktop and you will find CBS.txt => Please zip/upload to this thread.
   Please Note:: if the file is too big (over 7MB) to upload to your next post, please upload via a service such as Dropbox or One Drive or SendSpace and just provide the link.

---

Items for your next post
1. SFCFix.txt
2. CBS.txt

 

[Jim Wells]

Brian,

Contents of SFC.txt is below.

DISM completed with a much more promising message the time: "The restore operation completed successfully. The component store corruption was repaired. The operation completed successfully."

CBS.txt is in the attached zip file ... View attachment cbs 2015 11 16 2152h.zip

Regards,

Jim


SFCFix version 2.4.5.0 by niemiro.
Start time: 2015-11-16 21:26:43.205
Microsoft Windows 8.1 Update 3 - amd64
Using .zip script file at C:\Users\Jacqui\Desktop\SFCFix.zip [0]








PowerCopy::
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.3.9600.17415_none_95dd5540d57f8c01\Amd64\CNBJ2530.DPB
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.3.9600.17415_none_fc74be0622d72c91\wmploc.DLL
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_11.0.9600.17905_none_3aa2d37ef74f9d54
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_microsoft-windows-font-truetype-batang_31bf3856ad364e35_6.3.9600.16384_none_a8a7ec243a41e55e\batang.ttc
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\DVDPlaybackCompat.dll
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat32.txt
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat64.txt
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\SBCompatPlugin.dll
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\setupcompat.dll
Successfully took permissions for file or folder C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\TouchCompat.dll


Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.3.9600.17415_none_95dd5540d57f8c01\Amd64\CNBJ2530.DPB to C:\windows\Winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.3.9600.17415_none_95dd5540d57f8c01\Amd64\CNBJ2530.DPB.
Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.3.9600.17415_none_fc74be0622d72c91\wmploc.DLL to C:\windows\Winsxs\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.3.9600.17415_none_fc74be0622d72c91\wmploc.DLL.
Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_11.0.9600.17905_none_3aa2d37ef74f9d54\occache.dll to C:\windows\Winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_11.0.9600.17905_none_3aa2d37ef74f9d54\occache.dll.
Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-font-truetype-batang_31bf3856ad364e35_6.3.9600.16384_none_a8a7ec243a41e55e\batang.ttc to C:\windows\Winsxs\amd64_microsoft-windows-font-truetype-batang_31bf3856ad364e35_6.3.9600.16384_none_a8a7ec243a41e55e\batang.ttc.
Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\DVDPlaybackCompat.dll to C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\DVDPlaybackCompat.dll.
Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat32.txt to C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat32.txt.
Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat64.txt to C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat64.txt.
Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\SBCompatPlugin.dll to C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\SBCompatPlugin.dll.
Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\setupcompat.dll to C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\setupcompat.dll.
Successfully copied file C:\Users\Jacqui\AppData\Local\niemiro\Archive\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\TouchCompat.dll to C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\TouchCompat.dll.


Successfully restored ownership for C:\windows\Winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.3.9600.17415_none_95dd5540d57f8c01\Amd64\CNBJ2530.DPB
Successfully restored permissions on C:\windows\Winsxs\amd64_prncacla.inf_31bf3856ad364e35_6.3.9600.17415_none_95dd5540d57f8c01\Amd64\CNBJ2530.DPB
Successfully restored ownership for C:\windows\Winsxs\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.3.9600.17415_none_fc74be0622d72c91\wmploc.DLL
Successfully restored permissions on C:\windows\Winsxs\amd64_microsoft-windows-mediaplayer-core_31bf3856ad364e35_6.3.9600.17415_none_fc74be0622d72c91\wmploc.DLL
Successfully restored ownership for C:\windows\Winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_11.0.9600.17905_none_3aa2d37ef74f9d54
Successfully restored permissions on C:\windows\Winsxs\amd64_microsoft-windows-ie-objectcontrolviewer_31bf3856ad364e35_11.0.9600.17905_none_3aa2d37ef74f9d54
Successfully restored ownership for C:\windows\Winsxs\amd64_microsoft-windows-font-truetype-batang_31bf3856ad364e35_6.3.9600.16384_none_a8a7ec243a41e55e\batang.ttc
Successfully restored permissions on C:\windows\Winsxs\amd64_microsoft-windows-font-truetype-batang_31bf3856ad364e35_6.3.9600.16384_none_a8a7ec243a41e55e\batang.ttc
Successfully restored ownership for C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\DVDPlaybackCompat.dll
Successfully restored permissions on C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\DVDPlaybackCompat.dll
Successfully restored ownership for C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat32.txt
Successfully restored permissions on C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat32.txt
Successfully restored ownership for C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat64.txt
Successfully restored permissions on C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\hwcompat64.txt
Successfully restored ownership for C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\SBCompatPlugin.dll
Successfully restored permissions on C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\SBCompatPlugin.dll
Successfully restored ownership for C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\setupcompat.dll
Successfully restored permissions on C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\setupcompat.dll
Successfully restored ownership for C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\TouchCompat.dll
Successfully restored permissions on C:\windows\Winsxs\amd64_microsoft-windows-a..de-compat-telemetry_31bf3856ad364e35_6.3.9600.17998_none_7863c0d1cd5123f9\TouchCompat.dll
PowerCopy:: directive completed successfully.








Successfully processed all directives.
SFCFix version 2.4.5.0 by niemiro has completed.
Currently storing 10 datablocks.
Finish time: 2015-11-16 21:27:11.550
Script hash: PfgPOF3K/B5q2bpfigfMs/Gkz2L3TH5P4K/jhTAlvZo=
----------------------EOF-----------------------

 

[BrianDrab]

Good news. Let me know if you can boot your machine normally. Even if it is really slow I just need to know if it will boot to the desktop normally (not in Safe Mode).

Let me know. Thanks.

 

[Jim Wells]

It will boot from the HD into "normal" mode (ie. note safe mode).

I tried a couple of things as a measure of responsiveness ...

However, as you suspected, it is slow to the point of unusable. So far, it has taken somewhere over 30 minutes to:

• Click on the control panel on the task bar (it is pinned there). The window outline and title nard has appeared but the icons have not.
• Press the Windows key + R, type "taskmgr" and press the OK button. Task manager is yet to open.

and the HD light was on whenever I checked

Update: task manager has now openned. It shows disk usage as 100%, but no entry in the processes list account for this. The HD light is now not on constantly. The control panel icons are yet to appear (at 18:30h, the laptop was turned on around 17:40h and I clicked to open the control panel at around 17:45). And I've had an error message "Catalyst Control Center: host application has stopped working." This is a frequent occurrence, and pre-dates the current issues.

A further alert box has appeared: ".NET-BroascastEventWindows.4.0.0.3bd.390.0: Toaster.exe - Appl.." (text disappears being [X] button). "The instruction at ____ at ___. The memory could not be read." If you need the numbers in the ___ spaced would be useful I can upload a photo of the screen.

Control panel icons have not yet appeared, around an hour after I clicked the icon to open it.

I've tried nothing further.

Jim