Jeff said:
Hmm. Does that mean sfc replaces any system files obtained through
Windows Update with old files from the original install? If that is the
case, I assume that the next time WU is run, all those old system files
are replaced by the updated files.
As the old files may not work correctly or at all - with newer programs
(or with other changes made to Windows by updates), does that not mean
that, as a matter of course, directly after running sfc WU should be run?
It's hard to find good descriptions of all the mechanisms.
According to this, Windows Update installs in the system folder and the DLLCache.
And the DLLCache is what SFC uses for files not on the original installation media.
Which doesn't sound like a very "strong" mechanism (wouldn't be able
to fix a corruption problem on the hard drive). I see nothing here, about
"going to Windows Update and getting fresh copies". I think you're being too
logical and analytical when thinking that way. What you're proposing,
sounds like a proper solution.
http://www.updatexp.com/scannow-sfc.html
What Microsoft has done, is like painting a house, without scraping off loose
paint first. If you slop on enough paint, for the first day it looks pretty
good. And then the paint starts to peel...
On this Windows 7 system, a user had a problem where SFC could not repair
all files. And the log shows it was attempting to use a copy from winsxs
as a replacement. Which is more or less like the WinXP algorithm, of going
to DLLCache for a copy.
http://www.techsupportforum.com/forums/f217/sfc-found-corrupt-files-but-cant-fix-them-519818.html
So the main strength of SFC seems to be, "checking the hash" or checksum
of the file, and realizing it has changed. If a file with the correct
hash is available locally (HDD folder or installation DVD folder), then
SFC replaces it. Otherwise, a lame entry is printed in the log file,
and then, it is the user's problem to fix.
Perhaps the reason it isn't done logically, is Microsoft is trying to
prevent hackers from turning one of their servers, into a "download server"
for serving fresh copies of the OS. Imagine, someone figures out the protocol
to a Microsoft server, and the protocol says "give me a file with hash 0x12345678".
And the hackers run a hash for the entire C: folder, then write a script which
asks for each file in succession (gigabytes worth of them). Then, it would be
possible to "clone" a working C: drive, by distributing a simple script
that abuses the "SFC Microsoft server". So if Microsoft were to offer a
server based repair solution in their SFC program, perhaps it could be
abused. Otherwise, what you propose (Windows Update repairing stuff)
would have made sense.
Paul
