System File Checker

0
45

Hi everyone.

I would like to provide a simple tool for utilizing the power in the System File Checker.
This topic may be appropriate for several forums, but my intention is to provide this as a
anti-malware tool, and a way to increase the security and integrity of a system.

This is my first post, so go gentle on me :notanangel:For those who are unfamiliar with this tool, it is called SFC.exe and is integrated in Windows,
located in both “%SystemRoot%system32” and “%SystemRoot%sysWOW64”.

Running this program from an elevated command prompt (cmd), you can repair protected system files in a flash,
you may not even be aware of corrupted or malware-replaced files.

I have seen sfc.exe find corrupted system files after a clean Windows install, and it can also happen
when the vast majority of updates are applied in the beginning.
That means your system could have errors that lowers the security, or at least makes your system unstable
over time, from day 1. If you have a oldish computer, chances are your system files is compromised…

So
I have composed a Batch-file that have these advantages:
 1: Provokes UAC and asks for administrator-rights by itself – click yes on the secure desktop
 2: Just right-click and choose paste when your Win-directory shows up, and SFC starts automatically!

The “readme” is included in the batch-file if there is a problem with repairing.
I can not attach my file, so you’ll have to copy ALL of the following text into Notepad, and save it as “SFC.bat”:
(You may want to disable word-wrap under “format” option before you paste and save the text)
(Verify that the double :: is in front of every remark in the ReadMe part before you save to avoid errors)

::  ReadMe Start
::
:: If the tool System File Checker is unable to repair a file, do the following:
::
:: At a elevated command prompt, write the following and press ENTER:
::
::    takeown /f Path_and_filename
::    EXAMPLE: takeown /f E:windowssystem32jscript.dll.
::
:: Write the following command and press ENTER to give administrators full access to the file:
::
::    icacls Path_and_filename /GRANT ADMINISTRATORS:F
::    EXAMPLE: icacls E:windowssystem32jscript.dll /grant administrators:F.
::
:: Enter the following command to replace the file with a copy of the file that works:
::
::    Copy Path_and_filename_of_sourcefile Path_and_filename_of_target
::    EXAMPLE: copy E:tempjscript.dll E:windowssystem32jscript.dll.
::________________________________________________________________________________________________________
::
:: Use the System File Checker (sfc.exe) to determine which file is causing the issue. Replace the file. To do this, follow these steps:
::
:: Open an elevated command prompt. Click Start, point to All Programs, click Accessories, right-click Command Prompt,
:: and then click Run as administrator. If you are prompted for an administrator password or confirmation, type the password, or click Allow.
:: Type the following command, and then press ENTER:
::
::    Sfc.exe /scannow
::    Command sfc.exe /scannow will search all protected system files and replaces incorrect versions with correct Microsoft versions.
::
:: Do the following to determine which files could not be repaired by the System File Checker:
::
:: Open an elevated command prompt.
:: Type the following command, and then press ENTER:
::
:: Findstr /C:”[SR] Cannot repair member file” %windir%logscbscbs.log >sfcdetails.txt
::
::   PS! Sfcdetails.txt file contains information from every time the System File Checker was run on the computer.
::   The file contains information about files that were not repaired by the System File Checker.
::   Check the date and time to find problem files which was found the last time you ran the System File Checker.
::   Type the following command, and then press ENTER:
::
::      Edit sfcdetails.txt
::      Sfcdetails.txt file uses the following format:
::      Date/Time SFC detail

::
::  ReadMe End

:::::::::::::::::::::::::::::::::::::::::
:: Automatically check & get admin rights
:::::::::::::::::::::::::::::::::::::::::
@echo off
CLS
ECHO.
ECHO =============================
ECHO Running Admin shell
ECHO =============================

:checkPrivileges
NET FILE 1>NUL 2>NUL
if ‘%errorlevel%( goto gotPrivileges ) else ( goto getPrivileges )

:getPrivileges
if ‘%1’==’ELEV'(shift & goto gotPrivileges)
ECHO.
ECHO **************************************
ECHO Invoking UAC for Privilege Escalation
ECHO **************************************

setlocal DisableDelayedExpansion
set “batchPath=%~0”
setlocal EnableDelayedExpansion
ECHO Set UAC = CreateObject^(“Shell.Application”^)”%temp%OEgetPrivileges.vbs”
“%temp%OEgetPrivileges.vbs”
exit /B

:gotPrivileges
::::::::::::::::::::::::::::
:START
::::::::::::::::::::::::::::
setlocal & pushd “%SystemRoot%”

::CODE HERE:

pause
echo sfc.exe /scannow>>%temp%sfcpaste.txt
clip <%temp%sfcpaste.txt
echo.
echo Copied SFC command to clipboard!
echo.
pause
del %temp%sfcpaste.txt

ECHO.
ECHO ========================================================
ECHO Right-click inside this window and choose “Paste” or…
ECHO Write “sfc.exe /scannow”:
ECHO ========================================================
ECHO.
cmd /k

That’s it.
I hope others find this as useful as I do :rolleyes:
The admin script is useful for other things as well,
but for that it should go under programming.

 

LEAVE A REPLY

Please enter your comment!
Please enter your name here