Executar uma varredura com o SFC (verificador de arquivos do sistema) produz entradas no arquivo CBS.log.
sfc /scannow
A Microsoft recomenda a execução do comando findstr (find string) com a opção c que pesquisa a string especificada no arquivo de log. O resultado é enviado para um novo arquivo na área de trabalho dos usuários atuais.
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
Agora, isso é o que eu tenho.
2013-06-13 18:50:15, Info CSI 00000006 [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 18:50:15, Info CSI 00000007 [SR] Beginning Verify and Repair transaction
2013-06-13 18:50:17, Info CSI 00000009 [SR] Verify complete
ROWS THAT I SKIPPED (NO CORRUPTED FILES)
2013-06-13 18:53:43, Info CSI 000000d1 [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 18:53:43, Info CSI 000000d2 [SR] Beginning Verify and Repair transaction
2013-06-13 18:53:47, Info CSI 000000d4 [SR] Verify complete
2013-06-13 18:53:47, Info CSI 000000d5 [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 18:53:47, Info CSI 000000d6 [SR] Beginning Verify and Repair transaction
2013-06-13 18:53:51, Info CSI 000000d8 [SR] Verify complete
ROWS THAT I SKIPPED (NO CORRUPTED FILES)
2013-06-13 18:58:25, Info CSI 0000016b [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 18:58:25, Info CSI 0000016c [SR] Beginning Verify and Repair transaction
2013-06-13 18:58:35, Info CSI 0000016e [SR] Verify complete
2013-06-13 18:58:36, Info CSI 0000016f [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 18:58:36, Info CSI 00000170 [SR] Beginning Verify and Repair transaction
2013-06-13 18:58:43, Info CSI 00000172 [SR] Verify complete
2013-06-13 18:58:44, Info CSI 00000173 [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 18:58:44, Info CSI 00000174 [SR] Beginning Verify and Repair transaction
2013-06-13 18:58:50, Info CSI 00000176 [SR] Repairing corrupted file [ml:520{260},l:58{29}]"\??\C:\Windows\System32\sv-SE"\[l:20{10}]"secpol.msc" from store
2013-06-13 18:58:51, Info CSI 00000179 [SR] Verify complete
2013-06-13 18:58:52, Info CSI 0000017a [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 18:58:52, Info CSI 0000017b [SR] Beginning Verify and Repair transaction
2013-06-13 18:59:07, Info CSI 0000017d [SR] Verify complete
ROWS THAT I SKIPPED (NO CORRUPTED FILES)
2013-06-13 19:00:38, Info CSI 000001a8 [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 19:00:38, Info CSI 000001a9 [SR] Beginning Verify and Repair transaction
2013-06-13 19:00:44, Info CSI 000001ae [SR] Verify complete
2013-06-13 19:00:45, Info CSI 000001af [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 19:00:45, Info CSI 000001b0 [SR] Beginning Verify and Repair transaction
2013-06-13 19:00:50, Info CSI 000001b2 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-06-13 19:00:50, Info CSI 000001b4 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-06-13 19:00:51, Info CSI 000001b8 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-06-13 19:00:51, Info CSI 000001ba [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-06-13 19:00:53, Info CSI 000001bf [SR] Verify complete
2013-06-13 19:00:53, Info CSI 000001c0 [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 19:00:53, Info CSI 000001c1 [SR] Beginning Verify and Repair transaction
2013-06-13 19:01:01, Info CSI 000001c3 [SR] Verify complete
ROWS THAT I SKIPPED (NO CORRUPTED FILES)
2013-06-13 19:08:58, Info CSI 0000034d [SR] Verifying 100 (0x0000000000000064) components
2013-06-13 19:08:58, Info CSI 0000034e [SR] Beginning Verify and Repair transaction
2013-06-13 19:09:06, Info CSI 00000350 [SR] Verify complete
2013-06-13 19:09:06, Info CSI 00000351 [SR] Verifying 81 (0x0000000000000051) components
2013-06-13 19:09:06, Info CSI 00000352 [SR] Beginning Verify and Repair transaction
2013-06-13 19:09:10, Info CSI 00000354 [SR] Verify complete
2013-06-13 19:09:10, Info CSI 00000355 [SR] Repairing 3 components
2013-06-13 19:09:10, Info CSI 00000356 [SR] Beginning Verify and Repair transaction
2013-06-13 19:09:10, Info CSI 00000358 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-06-13 19:09:10, Info CSI 0000035a [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-06-13 19:09:10, Info CSI 0000035e [SR] Repairing corrupted file [ml:520{260},l:58{29}]"\??\C:\Windows\System32\sv-SE"\[l:20{10}]"secpol.msc" from store
2013-06-13 19:09:11, Info CSI 00000361 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-06-13 19:09:11, Info CSI 00000363 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-06-13 19:09:11, Info CSI 00000367 [SR] Repair complete
2013-06-13 19:09:11, Info CSI 00000368 [SR] Committing transaction
2013-06-13 19:09:11, Info CSI 00000369 [SR] Cannot commit interactively, there are boot critical components being repaired
2013-06-13 19:09:11, Info CSI 0000036a [SR] Repairing 3 components
2013-06-13 19:09:11, Info CSI 0000036b [SR] Beginning Verify and Repair transaction
2013-06-13 19:09:11, Info CSI 0000036d [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-06-13 19:09:11, Info CSI 0000036f [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-06-13 19:09:11, Info CSI 00000373 [SR] Repairing corrupted file [ml:520{260},l:58{29}]"\??\C:\Windows\System32\sv-SE"\[l:20{10}]"secpol.msc" from store
2013-06-13 19:09:11, Info CSI 00000376 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:42{21}]"Wdf01000Uninstall.mof" from store
2013-06-13 19:09:11, Info CSI 00000378 [SR] Repairing corrupted file [ml:58{29},l:56{28}]"\??\C:\Windows\system32\wbem"\[l:24{12}]"Wdf01000.mof" from store
2013-06-13 19:09:12, Info CSI 0000037c [SR] Repair complete
Como interpreto a seguinte linha:
Repairing corrupted file [ml:520{260},l:58{29}]"\??\C:\Windows\System32\sv-SE"\[l:20{10}]"secpol.msc" from store
O que é ml e o que é l indicando? Por que existem dois pontos de interrogação duplos antes do caminho de pesquisa? O que significa SR? O que é a "loja"?
Se você souber de um artigo do TechNet ou do MSDN ou alguma outra página da Web que solucione essa questão, poste um link.