sfc/scannow found corrupt files but could not delete/rectify them

[pgm67]

Hi just opened a new thread and as the header says above! i have done a scan file check with sfc/scannow from command line box, and came back with found some corrupted files but could not resolve some of them? also this is after i have had a couple of times blue screen crash dump error message?


Thank you!

 

[GokAy]

Hey, there is a known issue with a recent Windows Update (KB3022345), it causes an irrepairable corruption warning (which is a false report, the files are not corrupt in reality). If you have this update installed then do one of the following:
- Uninstall this update (it is Windows 10 preparation update)
or
- Run the fix from The Tech Cookbook – Windows 7 update (KB3022345) causing corrupt files

After the above, run another SFC /scannow. If you still get a corruption, attach it in your next post.

 

[pgm67]

X2 codes error messages from sfc/scannow

sfc/scannow log details for corrupted files could not repair!


Thank you

 

[GokAy]

Read my post above, those corrupt files look like the one from KB3022345. I guess you were typing when I posted.

Also, open a new thread in BSOD forums for your BSOD problem.

 

[pgm67]

worked

you are a star! sorted yes correct the download links and post sfc/scannow came back with no integrity violations. you are a little :devil:

Thank you

 

[DennisCPA]

sfc/scannow found corrupt files

This site is overall the best Win7 site: period. I do not post much but my system was "harmed" and I lost my respect/trust for MS related to their actions (as to Win 7) about May 9th 2015. What follows is directly from the MS site about KB3022345 and its evil twin KB3068708.

*************************************************************************************
The included service uses SSL (TCP Port 443) to download manifests and upload data to Microsoft
when data is available for upload. The service uses the following DNS endpoints:
•vortex-win.data.microsoft.com << These are 2 of the "Corrupted files"
•settings-win.data.microsoft.com
This update contains the following files that are occasionally updated by the Diagnostic Tracking Service:
•telemetry.ASM-WindowsDefault.json << These are 2 of the "Corrupted files"
•utc.app.json
The two files are marked as static files in the update. When an advanced user runs the
System File Checker Tool (sfc.exe), the files are unintentionally flagged as corrupted. There is no
impact or actual corruption on a device running this update, and a later service update will
resolve this issue.

(Anyone wonder why MS would let an "error" linger? = Distraction!! the real intrusion is elsewhere!)
*************************************************************************************
More significant:

Diagnostics Tracking Service
(which is: KB3022345 and its evil twin KB3068708)
What is Diagnostics Tracking Service which was installed from Windows - Microsoft Community​

When you acquire, install and use the Program ("KB3022345 and its evil twin KB3068708"), Microsoft collects information about you, your devices, applications and networks, and your use of those devices, applications and networks. Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage. For example, when you:​

•install the Program, we may collect information about your device and applications
and use it for purposes such as determining or improving compatibility,
•use voice input features like speech-to-text, we may collect voice information and
use it for purposes such as improving speech processing,
•open a file, we may collect information about the file, the application used to open
the file, and how long it takes and use it for purposes such as improving performance, or
•enter text, we may collect typed characters and use them for purposes such as improving auto complete and spell check features.

Bottom-line MS was data mining our personal data and sending the information to their servers.

It is true that the update was technically Optional. Therefore, MS's dripping response to a blogger was - essentially, you did it to yourself.

To fix:
Control Panel > Program and Features > View Installed Updates > type KB3022345 in the search bar> (when found) Uninstall. But you are not done yet! as MS reissued as KB3068708.

Thus, also uninstall KB3068708! Either/both will cause SFC /SCANNOW to report the files corrupt.

When both KB's are removed SFC will verify all files as OK again!

But it is not over!
After removal from Control Panel,
1) Executables remain "diagtrackrunner.exe" in multiple system directories Cannot be deleted!
2) Services remain as:
Diagnostic Service Host Manual Stopped
Diagnostic System Host Manual Started
Diagnostic Policy Service Automatic Started

In short, uninstall KB3022345 AND KB3068708 and the corruption notice goes away, but the heart is still beating in your system.

 

[glnz]

DennisCPA - any updates on "diagtrackrunner.exe" ?

By the way, on my Win 7 Pro 64-bit, it was found in only one place. But I've uninstalled the two KBs. Thanks.

 

[glnz]

DennisCPA - thanks for your very helpful posts, here and elsewhere.

Something interesting: From your posts and others', I uninstalled many of the offending KBs and disabled your two services and finally got clean sfc /scannows, but found I still had diagtrackrunner.exe ONCE ONLY in my c:/ drive.

By mistake I tried to run it, but it didn't run and gave me the (happy) error message that it can't run because diagtrack.dll is missing. Good!

Now, I didn't delete diagtrack.dll and don't know why it's missing, but maybe everyone should delete diagtrack.dll, to stop diagtrackrunner.exe from running.

Worth a try?

 

[chownIT]

DennisCPA - thanks for your very helpful posts, here and elsewhere.

Something interesting: From your posts and others', I uninstalled many of the offending KBs and disabled your two services and finally got clean sfc /scannows, but found I still had diagtrackrunner.exe ONCE ONLY in my c:/ drive.

By mistake I tried to run it, but it didn't run and gave me the (happy) error message that it can't run because diagtrack.dll is missing. Good!

Now, I didn't delete diagtrack.dll and don't know why it's missing, but maybe everyone should delete diagtrack.dll, to stop diagtrackrunner.exe from running.

Worth a try?

You can remove diagtrackrunner.exe. I just did it. I'm not telling you that your system will or won't run OK afterwards but you own the file system. You can remove whatever you want without too much effort. This is what I did.

1) Run cmd.exe as an administrator
2) Run in command prompt: "takeown /F c:\windows\system32\compattel\diagtrackrunner.exe /A" (this gives the Administrator group ownership of the file)
3) In Explorer GUI right click, Properties, Security tab, Edit and add Full Control for Administrators
4) Delete the file or run in command prompt: "del c:\windows\system32\compattel\diagtrackrunner.exe"


You can do the same thing to remove the whole CompatTel directory. Just set the /F [directory name] and use /R /A so that it will recurse. Then change permissions to inherit all the way down and [GASP] downgrade your permissions in a folder that you want to delete.