Today I was trying to apply the updates to my Windows 7 desktop. The update labeled “Definition Update for Windows Defender – KB915597 (Definition 1.101.1291.0) kept failing in the update process.

There really wasn’t anything helpful in the error messages to help diagnose what was going on. All I had was a “Code 8007051A Windows Update encountered an unknown error”.

It turns out that the Windows Defender service was not running on my computer. I went to the control panel to open Windows Defender and upon clicking the icon received the message “application not found”. Weird…something’s obviously screwed up here. I suspect I may have messed up some paths when migrating all of my programs to a newly added D: drive and changing the registry around so that new programs will automatically install to my d:\program files directory.

The fix ended up being fairly simple:
1) Right click on the commmand prompt icon and select “Run as Administrator”.
2) At the command prompt type:

sfc /scannow

The output looked like this:

C:\Windows\system32>sfc /scannow

Beginning system scan.  This process will take some time.

Beginning verification phase of system scan.
Verification 100% complete.

Windows Resource Protection found corrupt files and successfully repaired
them. Details are included in the CBS.Log windir\Logs\CBS\CBS.log. For
example C:\Windows\Logs\CBS\CBS.log

After completing, Windows Defender sucessfully started and the definition update applied with no problems.

So what is this sfc command?
Sfc stands for “System File Checker”. Per this article,
Description of Windows XP and Windows Server 2003 System File Checker (Sfc.exe), SFC does the following:

System File Checker gives an administrator the ability to scan all protected files to verify their versions. If System File Checker discovers that a protected file has been overwritten, it retrieves the correct version of the file from the cache folder (%Systemroot%\System32\Dllcache) or the Windows installation source files, and then replaces the incorrect file. System File Checker also checks and repopulates the cache folder. You must be logged on as an administrator or as a member of the Administrators group to run System File Checker. If the cache folder becomes damaged or unusable, you can use the sfc /scannow, the sfc /scanonce, or the sfc /scanboot commands to repair its contents.

Specifically, the /scannow option does this:

/Scannow: Scans all protected system files immediately and replaces incorrect versions with correct Microsoft versions. This command may require access to the Windows installation source files.