Sandy Lanz

New Member
Joined
Dec 30, 2014
Messages
13
#1
Hi,
As stated above in the questionnaire, my system was sluggish and I ran my PCMatic scan which would stop running about 40% through the scan. I ran Malwarebytes (free) with no issues found. Removed PCMatic and installed AVG (free) which found some issues and cleaned them up but performace wasn't improved much. My keyboard then began to act quirky by characters not appearing or the cursor jumping around or nothing will happen but the "system busy wheel" pops up for a few seconds before characters appear on the screen.

I came back to you guys because TwinHeadedEagle was so effective at helping me with my desktop 18 mos ago that I was hoping for help.

Thanks, regards and please advise if I can once again get some assistance,
Sandy Lanz
 
Operating System
Windows 7
Infection date and initial symptoms
Approx March 15. Due to slow performance, I ran PCMatic which would become unresponsive during scan. Removed and ran AVG which seemed to help but then the cursor began behaving weird and performance continued to be slow. Typed characters did not appear and cursor jumped randomly. Your staff helped me about 18 months ago with my desktop but I know better than to follow the same steps as the problem may be different.
Current issues and symptoms
Malwarebytes (free) cannot find any issues and PCMatic cannot complete a scan for me to even determine if a problem exists.
Steps taken in order to remove the infection
Malwarebytes (free), AVG (free) and PCMatic. I've tried to defrag the drive.

TwinHeadedEagle

Removal Expert
MalwareTips Team
Verified
Joined
Mar 8, 2013
Messages
22,397
Operating System
Windows 10
Antivirus
ESET
#2
Hello,


Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.


  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
 

TwinHeadedEagle

Removal Expert
MalwareTips Team
Verified
Joined
Mar 8, 2013
Messages
22,397
Operating System
Windows 10
Antivirus
ESET
#4
Based on some errors I saw, I think your hard drive is dying. Let's make one check:


Check Disk
  • Press the
    + R on your keyboard at the same time. Type cmd and click OK.
  • Copy/Enter the command below and press Enter:
  • Code:
    chkdsk C: /r
  • You should get a message to schedule Check Disk at next system restart. Please type Y and press Enter.
  • All you should do now is to restart your PC and let the Check Disk process finish uninterrupted.
Check Disk report:
  • Press the
    + R on your keyboard at the same time. Type eventvwr and click OK.
  • In the left panel, expand Windows Logs and then click on Application.
  • Now, on the right side, click on Filter Current Log.
  • Under Event Sources, check only Wininit and click OK.
  • Now you'll be presented with one or multiple Wininit logs.
  • Click on an entry corresponding to the date and time of the disk check.
  • On the top main menu, click Action > Copy > Copy Details as Text.
  • Paste the contents into your next reply.
 

TwinHeadedEagle

Removal Expert
MalwareTips Team
Verified
Joined
Mar 8, 2013
Messages
22,397
Operating System
Windows 10
Antivirus
ESET
#6
Press Start, type CMD and then Right click --> Run as Administrator.
 

Sandy Lanz

New Member
Joined
Dec 30, 2014
Messages
13
#7
Thanks. It's been running since you posted your last direction. It is hung up and says the following:
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
Windows replaced bad clusters in file 71586 of \users\Sandy\AppData\Local\MICROS~1\windows\webCache\WEBCAC~1.DAT.
13 percent complete. (131323 of 350704 files processed)

I am leaving as is until you instruct me on my next steps. Please advise and thanks.
 

TwinHeadedEagle

Removal Expert
MalwareTips Team
Verified
Joined
Mar 8, 2013
Messages
22,397
Operating System
Windows 10
Antivirus
ESET
#8
Did it finish or it is still stuck there?
 

Sandy Lanz

New Member
Joined
Dec 30, 2014
Messages
13
#9
Hi,
Sorry, worked all day so I didn't get to respond 'til now. It did not complete the scan. I'll be out of pocket again tomorrow for the majority of the day so I'm going to launch it again and see if it hangs in the same place. I'll respond back as soon as I know.

Regards,
 

Sandy Lanz

New Member
Joined
Dec 30, 2014
Messages
13
#10
Hi. Given your concerns about my disk failing and the failed chkdsk, I figured I'd better back up those irreplaceable photos and videos - typical computer user here. Please do not close out this ticket. I will ping you after the weekend with any new info. Should be done by then.
Regards
 

TwinHeadedEagle

Removal Expert
MalwareTips Team
Verified
Joined
Mar 8, 2013
Messages
22,397
Operating System
Windows 10
Antivirus
ESET
#11
If check disk was unable to finish, it means you should backup your important data and go for hard drive replacement.
 
Joined
Dec 30, 2014
Messages
13
#12
I ran chkdsk again and this time it completed but then the screen turned black with the cursor blinking in the upper left. I was able to reboot and get into the eventvwr but the only log was from the first chkdsk run. The log is below:
Log Name: Application
Source: Microsoft-Windows-Wininit
Date: 4/6/2016 11:06:31 AM
Event ID: 1001
Task Category: None
Level: Information
Keywords: Classic
User: N/A
Computer: Sandy-PC
Description:


Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 5)...
Cleaning up instance tags for file 0x12e55.
Cleaning up instance tags for file 0x170b3.
Cleaning up instance tags for file 0x170bd.
Cleaning up instance tags for file 0x170c7.
350720 file records processed.

File verification completed.
1812 large file records processed.

0 bad file records processed.

0 EA records processed.

143 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 5)...
442562 index entries processed.

Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 5)...
350720 file SDs/SIDs processed.

Cleaning up 1381 unused index entries from index $SII of file 0x9.
Cleaning up 1381 unused index entries from index $SDH of file 0x9.
Cleaning up 1381 unused security descriptors.
Security descriptor verification completed.
45922 data files processed.

CHKDSK is verifying Usn Journal...
36082704 USN bytes processed.

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
Read failure with status 0xc0000185 at offset 0x20896fd000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x208970a000 for 0x1000 bytes.
Windows replaced bad clusters in file 71586
of name \Users\Sandy\AppData\Local\MICROS~1\Windows\WebCache\WEBCAC~1.DAT.
Read failure with status 0xc0000185 at offset 0x207bde9000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdf7000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdf8000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdf9000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfa000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfa000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfb000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfb000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfc000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfc000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfd000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfd000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfe000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfe000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdff000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdff000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be00000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be00000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be01000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be01000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be02000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be02000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be03000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be03000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be04000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be04000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be05000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be05000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be06000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be06000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be07000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be07000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be08000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be08000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be09000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be09000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be10000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be10000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be11000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be11000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be12000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be12000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be13000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be13000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be14000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be14000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be15000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be15000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be16000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be16000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be17000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be17000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be18000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be18000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be19000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be19000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be20000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be20000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be21000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be21000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be22000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be22000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be23000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be23000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be24000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be24000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be25000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be25000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be26000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be26000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be27000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be27000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be28000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be28000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be29000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be29000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be30000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be30000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be31000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be31000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be32000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be32000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be33000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be33000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be34000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be34000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be35000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be35000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be36000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be36000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be37000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be37000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be38000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be38000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be39000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be39000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be40000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be40000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be41000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be41000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be42000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be42000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be43000 for 0x10000 bytes.
Read failure with status 0xc00000b5 at offset 0x207be43000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be44000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be44000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be45000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be45000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be46000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be46000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be47000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be47000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be48000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be48000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be49000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be49000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be50000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be50000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be51000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be51000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be52000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be52000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be53000 for 0x10000 byte
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
<EventID Qualifiers="16384">1001</EventID>
<Version>0</Version>
<Level>4</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-04-06T18:06:31.000000000Z" />
<EventRecordID>247106</EventRecordID>
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>Application</Channel>
<Computer>Sandy-PC</Computer>
<Security />
</System>
<EventData>
<Data>

Checking file system on C:
The type of the file system is NTFS.
Volume label is OS.

A disk check has been scheduled.
Windows will now check the disk.

CHKDSK is verifying files (stage 1 of 5)...
Cleaning up instance tags for file 0x12e55.
Cleaning up instance tags for file 0x170b3.
Cleaning up instance tags for file 0x170bd.
Cleaning up instance tags for file 0x170c7.
350720 file records processed.

File verification completed.
1812 large file records processed.

0 bad file records processed.

0 EA records processed.

143 reparse records processed.

CHKDSK is verifying indexes (stage 2 of 5)...
442562 index entries processed.

Index verification completed.
0 unindexed files scanned.

0 unindexed files recovered.

CHKDSK is verifying security descriptors (stage 3 of 5)...
350720 file SDs/SIDs processed.

Cleaning up 1381 unused index entries from index $SII of file 0x9.
Cleaning up 1381 unused index entries from index $SDH of file 0x9.
Cleaning up 1381 unused security descriptors.
Security descriptor verification completed.
45922 data files processed.

CHKDSK is verifying Usn Journal...
36082704 USN bytes processed.

Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
Read failure with status 0xc0000185 at offset 0x20896fd000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x208970a000 for 0x1000 bytes.
Windows replaced bad clusters in file 71586
of name \Users\Sandy\AppData\Local\MICROS~1\Windows\WebCache\WEBCAC~1.DAT.
Read failure with status 0xc0000185 at offset 0x207bde9000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdf7000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdf8000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdf9000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfa000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfa000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfb000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfb000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfc000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfc000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfd000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfd000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfe000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdfe000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdff000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207bdff000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be00000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be00000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be01000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be01000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be02000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be02000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be03000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be03000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be04000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be04000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be05000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be05000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be06000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be06000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be07000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be07000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be08000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be08000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be09000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be09000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be0f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be10000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be10000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be11000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be11000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be12000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be12000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be13000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be13000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be14000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be14000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be15000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be15000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be16000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be16000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be17000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be17000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be18000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be18000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be19000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be19000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be1f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be20000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be20000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be21000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be21000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be22000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be22000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be23000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be23000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be24000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be24000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be25000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be25000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be26000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be26000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be27000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be27000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be28000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be28000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be29000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be29000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be2f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be30000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be30000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be31000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be31000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be32000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be32000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be33000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be33000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be34000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be34000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be35000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be35000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be36000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be36000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be37000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be37000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be38000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be38000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be39000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be39000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be3f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be40000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be40000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be41000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be41000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be42000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be42000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be43000 for 0x10000 bytes.
Read failure with status 0xc00000b5 at offset 0x207be43000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be44000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be44000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be45000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be45000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be46000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be46000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be47000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be47000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be48000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be48000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be49000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be49000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4a000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4a000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4b000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4b000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4c000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4c000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4d000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4d000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4e000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4e000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4f000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be4f000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be50000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be50000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be51000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be51000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be52000 for 0x10000 bytes.
Read failure with status 0xc0000185 at offset 0x207be52000 for 0x1000 bytes.
Read failure with status 0xc0000185 at offset 0x207be53000 for 0x10000 byte</Data>
</EventData>
</Event>

I have backed up everything that I can from my system. Please advise and thanks.
Looking forward to your response.
 

TwinHeadedEagle

Removal Expert
MalwareTips Team
Verified
Joined
Mar 8, 2013
Messages
22,397
Operating System
Windows 10
Antivirus
ESET
#13
Yes, there is a definitely a problem with your hard drive and you'll need to replace it.
 
Joined
Dec 30, 2014
Messages
13
#14
Expletive! OK and thank you. As before, appreciate help and will send you a digital six-pack. Hope not to talk with you anytime soon but my digital world is pretty poor at this time so never know.

Take care,
Sandy
 

TwinHeadedEagle

Removal Expert
MalwareTips Team
Verified
Joined
Mar 8, 2013
Messages
22,397
Operating System
Windows 10
Antivirus
ESET
#15
You're more than welcome :)


Since there are no more problems, we can declare this PC clean


Now, we can proceed with post-cleanup procedures. Let's remove my tools and create a new, non infected restore point concurrently deleting old ones.


Step 1. - Creation of system restore point and tools removal.


Download DelFix by Xplode and save it to your desktop.
  • Run the tool by right click on the
    icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run and wait until the tool completes his work.
  • All tools we used should be gone. Tool will create an report for you (C:\DelFix.txt). I don't need it for review.
Tool deletes old system restore points and creates a fresh system restore point after cleaning.


Step 2. - Tips and tricks to keep your computer clean, safe and in a good shape.


Security tips - highly recommended reading:

Maintenance tips:

Additional software that I personally use and install on all my clients devices:

  • Zemana AntiMalware (paid version highly recommended) - to work as a supplement for your antivirus but with excellent remediation
  • Malwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
  • McShield - to prevent infections spread by removable media.
  • Unchecky - to prevent from installing additional foistware, implemented in legitimate installations.
  • CryptoPrevent - tool for protection against Cryptolocker and similar ransomware infections.
  • Adblock - to surf the web without annoying ads!
  • Qualys BrowserCheck - cloud service that scans your browsers and plugins to see if they’re all up-to-date.


My help is free for everybody.
If you're happy with the help provided and/or wish to show your appreciaton, please consider a donation:

Thank you!​



Stay safe,
TwinHeadedEagle :)