Schedule SFC scan NOW!
Schedule SFC scan NOW!
With the recent (May 2014) occurrence of a significant Windows Internet Explorer bug, we are reminded of the potential for Windows OS intrusion and damage. No matter how proactive we become, cyber criminals will continue to pursue efforts to intrude, destroy, or disrupt system performance. Vigilance is important. Both scheduled and random reviews of the operating system must be elements of our vigilance.
In Windows 7 and Windows 8, Microsoft schedules Disk Defragmenter to launch at 1 AM every Wednesday morning. A sound practice that proactively addresses file access efficiency and therefore system performance.
My recommendation: create a weekly Task Scheduler task that runs the System File Checker (SFC) with the /scannow switch.
LexisNexis offers a detailed step by step process for creating scheduled command line Task Scheduler entries.
My goal in this blog is to emphasize the value and importance of scheduling the SFC /scannow operation, and preparing yourself for its use in response to suspected (or actual) damage to your Windows 7 or Windows 8 operating systems.
Microsoft introduced the Windows Image File (.wim) as a deployment, boot and OS management, and security component with Windows Vista. The Windows Automated Installation Kit (WAIK – Win 7) and Windows Assessment and Deployment Kit (ADK – Win 8) continue to evolve support and options available using the Image file.
Associated enhancements to SFC create one of the most powerful, proactive and reactive security tools embedded within both the Pre-Execution/Recovery and Operating System environments.
Running SFC with the scannow switch compares the files installed on the operating system with the files deployed with or added to the .wim file, incorporating the digital signature element of the .wim file that assures file integrity. And the /scannow switch automatically goes one step further, replacing any damaged/corrupted files on the system with clean files from the .wim set.
Did you get that? Without having to perform a full system analysis or restore, you can at least effect the recovery of critical system files in about 15 minutes so that you can boot to the OS for additional diagnostic or recovery efforts. I would recommend isolating any potentially corrupted system during recovery and diagnostic efforts. SFC is available and embedded in most of recovery environments for just this purpose.
We emphasize the use of the System File Checker in our Windows 7 and Windows 8 classes and I am continually amazed at how few students are aware of this tool. Several have offered subsequent feedback that SFC enabled them to recover systems or retrieve user data from a failing system when the only option prior to an understanding of SFC would have required re-imaging the system – and the associated full loss of data.
Give it a try on your system now. It won’t hurt, and might even repair a marginal issue of which you are unaware.
Launch a command prompt, running as administrator. (Don’t forget to launch the command line tool as an administrator, since SFC requires administrative rights to affect the repair.) Then type SFC /scannow at the command prompt. Depending on .wim file size and disk I/O rates, the scan and repair could take between 5 and 20 minutes.
Or take a look at the full range of SFC switches by typing SFC /?
You can also use the System File checker from the Windows 7 or Windows 8 recovery environments (using the command line interface). SFC is present, although not well documented as an available system tool. You may also use SFC from the Recovery/Repair environment found on the installation DVD, or from within a Pre-Execution boot disk created using the CopyPE tool found within the WAIK/ADK toolset. You might also want to check out other Windows PE environment command line Windows PE Tools and Settings.
If you use SFC from one of the aforementioned pre-boot environments, you will want to use the /Offbootdir and /Offwindir switches in order to repair the operating system files that would be ‘offline’ relative to boot image loaded in RAM. An example of the syntax follows:
SFC /SCANNOW /OFFBOOTDIR=C: /OFFWINDIR=C:WINDOWS
Juke Chou, Microsoft (MCC, MSFT CSG) also references the use of SFC to repair offline Windows installations, including the use of ImageX to extract and mount the install.wim file from the install DVD if you believe that the install.wim file on your system disk may also be corrupted. In his post, he references an article that points to a Windows Vista BSoD stop code suggesting installed system corruption. A component of the resolution identifies the use of the .wim image file on the install DVD and the use of imageX to extract/replace the .wim file before repair using the System File Checker (and an automated xml file).
Other than this article, I had to search extensively to find references to use of the System File Checker.
SFC is listed as a minor component of the Microsoft Diagnostic and Recovery Toolset (DaRT). Information about DaRT suggests other possibilities for incorporating SFC along with other tools into a recovery and repair process. DaRT is free, so you might want to acquire a copy of additional tools not found by default in the Windows Recovery Environment.
Help to share the potential of the System File Checker, a powerful system diagnostic and recovery tool. Please?
I look forward to sharing with many of you in the classroom or online.
Steven Fullmer
Interface Technical Training Staff Instructor
You May Also Like
ADK, automated repair, cybercrime, DaRT, Diagnostic and Recovery Tools, digital signature, file damage, integrity, intrusion, PE, Pre-execution, proactive security, Recovery, repair tool, scannow, SFC, System File Checker, system recovery, Task Scheduler, WAIK, WIM, Windows 7, Windows 8, Windows Assessment and Deployment Toolkit, Windows Automated Installation Kit, windows image file, Windows Vista
A Simple Introduction to Cisco CML2
0 3859 0Mark Jacob, Cisco Instructor, presents an introduction to Cisco Modeling Labs 2.0 or CML2.0, an upgrade to Cisco’s VIRL Personal Edition. Mark demonstrates Terminal Emulator access to console, as well as console access from within the CML2.0 product. Hello, I’m Mark Jacob, a Cisco Instructor and Network Instructor at Interface Technical Training. I’ve been using … Continue reading A Simple Introduction to Cisco CML2
Creating Dynamic DNS in Network Environments
0 629 1This content is from our CompTIA Network + Video Certification Training Course. Start training today! In this video, CompTIA Network + instructor Rick Trader teaches how to create Dynamic DNS zones in Network Environments. Video Transcription: Now that we’ve installed DNS, we’ve created our DNS zones, the next step is now, how do we produce those … Continue reading Creating Dynamic DNS in Network Environments
Encrypting a USB Flash Drive in Windows 10
1 451 3Hi, my name is Mike Danseglio. I’m an instructor here at Interface Technical Training. I want to talk a little bit about encrypting USB flash drives with Windows 10. The concept of protecting data when it’s on a USB flash drive is not a new concept. BitLocker 2-day instructor-led training is now available at Interface: … Continue reading Encrypting a USB Flash Drive in Windows 10
Pingback: Time to Recover – Rebuilding your Computer