Andrew Hart
New member
- Local time
- 2:54 PM
- Messages
- 28
In the past I've always used System File Checker ("SFC" - in this form, at an elevated Command Prompt, C:\Windows\System32>sfc /scannow) before making, and immediately after restoring, any system image backup of my C: drive using the ShadowProtect program. Reason: to ensure that there were no corrupt system files contained in the backup or created during the restore process.
My system is Win7 x64 Ultimate and Office 2010 (32-bit) with all the latest Win/Office updates EXCEPT Win7 Updates pertaining to checking your system for compatability for an upgrade to Win10 and Office updates relating to Office programs which are simply not installed on my system, such as Visio. These updates have been excluded and deliberating hidden so that they are not reoffered in subsequent Winsows/Office updates, at least with the same KB number.
As you will be aware, when SFC is working properly, and it finds no corrupt system files, it reports that there were "no integrity violations". However, when corrupt system files are found, it reports in one of two ways: either that "Windows Resource Protection found corrupt files and successfully repaired them" or that "Windows Resource Protection found corrupt files but was unable to fix some of them". In both cases you are referred to the CBS.Log file for details of the corrupt files. That file is exceedingly lengthy and difficult to decipher and, additionally, the procedure provided by Windows technical support for replacing the bad files once you have located them is both tedious and convoluted. It is far simpler just to replace a faulty backup with an earlier good backup, and this has been my practice in the past, although one I have only ever had to follow twice previously.
Lately, SFC has been misbehaving, and I suspect that it may itself be corrupt. Win7 currently seems to be working perfectly at its usual speed and all my application programs, including all components of Office 2010 Business Edition (Word, Excel, Outlook, OneNote and PowerPoint) are also functioning properly. Yet if I invoke SFC it NOW ALWAYS reports that it has found corrupt files. The first time you run it, SFC reports corrupts files, either with successful repair but equally sometimes with an inability to fix some of them. If you run SFC a second time, either immediately after the first time or even several hours later, it reports the opposite finding. Running SFC a third time reverts to the first finding, and so on and so on. Thus: found & fixed, next time found and not fixed, next time found and fixed, next time found and not fixed, etcetera etcetera. This behaviour is consistent whether or not I am also running other programs simultaneously with SFC or just SFC on its own and whether or not I have disabled my sole virus checker, ESET Smart Security.
The Windows\System32 folder contains 3 files which appear to relate to SFC, namely sfc.exe, sfc.dll and sfc_os.dll, and I have thought about replacing these with copies from a (previously successfully restored) backup. However, the Windows OS will not allow me to move them, rename them or delete them even if I am logged in as The Administrator rather than as an ordinary user albeit with administrator privileges. The OS message delivered is that I need permission from the "TrustedInstaller" to perform any of these actions. So that prevents me from replacing them with copies extracted from an earlier backup.
So my request for assistance comes down to 4 questions:
1. Do you think that I'm on the right track in suspecting that SFC is itself corrupt and its relevant files need replacing?
2. If so, have I located the correct files to be replaced?
3. Short of booting into another operating system and from there deleting and replacing the files, is there a simpler way of achieving this exercise?
4. Can anyone suggest another reason behind, and a way of fixing, the current aberrant behaviour of SFC?
My system is Win7 x64 Ultimate and Office 2010 (32-bit) with all the latest Win/Office updates EXCEPT Win7 Updates pertaining to checking your system for compatability for an upgrade to Win10 and Office updates relating to Office programs which are simply not installed on my system, such as Visio. These updates have been excluded and deliberating hidden so that they are not reoffered in subsequent Winsows/Office updates, at least with the same KB number.
As you will be aware, when SFC is working properly, and it finds no corrupt system files, it reports that there were "no integrity violations". However, when corrupt system files are found, it reports in one of two ways: either that "Windows Resource Protection found corrupt files and successfully repaired them" or that "Windows Resource Protection found corrupt files but was unable to fix some of them". In both cases you are referred to the CBS.Log file for details of the corrupt files. That file is exceedingly lengthy and difficult to decipher and, additionally, the procedure provided by Windows technical support for replacing the bad files once you have located them is both tedious and convoluted. It is far simpler just to replace a faulty backup with an earlier good backup, and this has been my practice in the past, although one I have only ever had to follow twice previously.
Lately, SFC has been misbehaving, and I suspect that it may itself be corrupt. Win7 currently seems to be working perfectly at its usual speed and all my application programs, including all components of Office 2010 Business Edition (Word, Excel, Outlook, OneNote and PowerPoint) are also functioning properly. Yet if I invoke SFC it NOW ALWAYS reports that it has found corrupt files. The first time you run it, SFC reports corrupts files, either with successful repair but equally sometimes with an inability to fix some of them. If you run SFC a second time, either immediately after the first time or even several hours later, it reports the opposite finding. Running SFC a third time reverts to the first finding, and so on and so on. Thus: found & fixed, next time found and not fixed, next time found and fixed, next time found and not fixed, etcetera etcetera. This behaviour is consistent whether or not I am also running other programs simultaneously with SFC or just SFC on its own and whether or not I have disabled my sole virus checker, ESET Smart Security.
The Windows\System32 folder contains 3 files which appear to relate to SFC, namely sfc.exe, sfc.dll and sfc_os.dll, and I have thought about replacing these with copies from a (previously successfully restored) backup. However, the Windows OS will not allow me to move them, rename them or delete them even if I am logged in as The Administrator rather than as an ordinary user albeit with administrator privileges. The OS message delivered is that I need permission from the "TrustedInstaller" to perform any of these actions. So that prevents me from replacing them with copies extracted from an earlier backup.
So my request for assistance comes down to 4 questions:
1. Do you think that I'm on the right track in suspecting that SFC is itself corrupt and its relevant files need replacing?
2. If so, have I located the correct files to be replaced?
3. Short of booting into another operating system and from there deleting and replacing the files, is there a simpler way of achieving this exercise?
4. Can anyone suggest another reason behind, and a way of fixing, the current aberrant behaviour of SFC?
My Computer
- Computer type
- PC/Desktop
- Computer Manufacturer/Model Number
- Custom build
- OS
- Windows 7 Ultimate x64
- CPU
- Intel Core i5
- Motherboard
- Asus P7P55D-E PRO
- Memory
- 8 GB
- Graphics Card(s)
- Gigabyte 840 MB Ram
- Hard Drives
- 5 x 1 terabyte Samsung
- Antivirus
- ESET Smart Security
- Browser
- Firefox
