logo
Write
whoabuddy

Mar 278 min read

When in Doubt, chkdsk!

After years of working with Windows computers, this phrase has become a mantra of mine, and one of the few examples I can think of where a program has literally caused no harm in my experience. This is very impressive since I started using it with Windows 2000 and things have changed a lot since then!

The more and more I use Linux I have not had to work with chkdsk for quite a while, but I have been through some tried and true situations with it: fixing partitions after cloning an image from a failing hard drive, repairing errors after power failure during Windows updates, and reallocating data from bad blocks to bring a computer back into operation.

When used right it is very powerful, but I had a situation recently that reminded me to have faith in that mantra: when in doubt, chkdsk!

TL;DR: A laptop has issues with browser hangups and generic slow-downs. Review shows HDD is healthy and no malware, so scheduled chkdsk and it ran for 4 hours (lots to fix), resulting in a corrupted Google Chrome profile. The answer to fix it? Run chkdsk again!

Walking Through the Process

Where it Began

I had a client approach me with some run of the mill issues: laptop is running slow, some lag when typing (but seems to be isolated to Facebook), and overall things felt a bit glitchy. While the details of this story often vary, I use a unified approach to discover the problem:

The reasoning behind using the last two tools rests in the reality that computers commonly get turned off while still in the middle of doing something. There are power outages, accidental power strip switch flips, locked-up unresponsive screens, and laptop charging cords that edge out just enough that the laptop dies to name a few.

Most of the time that is perfectly fine, but sometimes it causes damage to the file system where all the information is stored. Think of it like having a filing cabinet with an index, if the index were to become out of date, it wouldn't match up with the information in the filing cabinet and vice versa.

This is where chkdsk really shines as a utility - it is the equivalent of updating the indexes and filing cabinet so that everything matches again. Follow that up with the system file checker that fixes/restores any corrupted Windows system files, and things are like brand new again!

What Happened This Time

In this case the results of the process above were promising, but they didn't answer the questions about slow performance.

  • The hard drive was healthy and showed no signs of failure. There were no reallocated sectors, and everything was actually in great condition.

  • FRST found remnants of a SearchEncrypt infection but nothing was active, and we identified one Chrome extension no longer in use (and removed it).

  • The computer had adequate disk space (35% in use), there were no potentially unwanted programs installed, and the Internet speed tests were stable at ~10-15mbps.

At this point, the laptop is healthy, and it seemed that removing the unused extension might help with the slow-downs. From there, I couldn't recommend much more so we opted to try chkdsk.

I am so very grateful that this client was patient and trusting for what ensued. This was our very first interaction!

The First Time Around

Since the client was about to head out an run some errands, we decided to get things started right away using the steps below.

  1. Open cmd with admin rights

  2. Type chkdsk /r c: and press Enter

  3. When asked to schedule it for restart, type y then press Enter

  4. Reboot the computer and chkdsk will start

Since this can be a lengthy procedure, I'd like to share a few notes and observations about chkdsk from my experience over the years.

  • chkdsk has five stages, and stages 4 and 5 typically take the longest

  • if the percentage value is off, chkdsk is likely fixing something (and oddly enough, it likes to get stuck at 10% a lot)

  • if it looks like chkdsk isn't moving at all, try pressing enter once or twice, or just be patient

  • If it still looks like chkdsk isn't moving, be more patient!

  • If you have to interrupt it for some emergency reason, hold the power button and hope you get lucky. Since we are talking about active disk operations to repair the file system, you may end up running chkdsk again to fix the problems you create or damage the file system even further. The longest I've let it successfully run and finish is just over 48hrs.

Four hours later the client returns and I receive a text message that makes my heart drop.

Jason, Please give me a call. All my Chrome data is missing.

This particular client uses Google Chrome to post their social media content across various outlets for their business, so this just became A-1 priority in my book. After connecting remotely, I can see that Google Chrome shows an error that the profile is corrupt, so now it's back to the logs.

Sure enough, chkdsk encountered a corrupted directory that just happened to be the Google Chrome profile folder. There are a lot of other items fixed as well in the log, so we definitely had the right idea to start with chkdsk but now what do we do about the corrupt Google Chrome profile?

It is typical to see file system corruption laptops for two reasons: a mechanical hard drive and vibrations, bumps or falls, and from powering off the system in the middle of writing to the disk as mentioned earlier. This can be during windows updates, during operation (especially if the battery dies), on accident, or on purpose holding down the button.

Over time this makes the file system dirty, which is why chkdsk is around in the first place. This time it was different, though, this time I cannot access a directory that was working before. Time to get to the bottom of this.

The Deeper Analysis

Looking at the folder, the properties showed a size of 0 bytes and when opening it a message was displayed: The File or Directory Is Corrupted and Unreadable.

I checked and modified the permissions on the folder and even tried accessing it from the command-line, nothing seems to be working. We take a step back and I checked for places to restore from, learning there were no backups on the client's system (which is a whole different issue, I recommend Backblaze!)

With nowhere to pull a backup copy of the folder from, and no way to fix the corruption reported in the log from inside the OS, the only answer was to run chkdsk again. By this time it's already 11pm, and both the client and I are a little nervous about this decision. Will it work?

We restarted with a prayer, chkdsk begins, and I try to get some rest while keeping the phone nearby. I randomly awake to test messages about the progress and send inquiries of my own. There is a nervous tension in the air that slowly passes with time.

10:00pm Start chkdsk /b with a restart
10:30pm Stage 1/2/3 moving fast
10:45pm Stage 4 at 25%
11:00pm Stage 4 at 35%
11:30pm Stage 4 at 80%
(did we fall asleep in-between? hard to tell!)
02:00am Phone rings - chkdsk is complete

A quick review shows that the Google Chrome profile opens like a normal folder with contents, and Google Chrome the application opens and runs like there was no problem in the first place. All is well with the world.

The Cleanup / The Closeout

We spent another one and half hours on the phone checking on things, talking about what happened, and ended with good feelings and a positive attitude about moving forward.

This was a great reminder that chkdsk really does it job, so when in doubt, chkdsk!

Update: This occurred on 2020/03/12, and as of today (2020/03/27) the client reported multiple times that the laptop is running faster than ever.

Share this story

Powered by Logo Sigle