The Full Wiki

More info on System File Checker

System File Checker: Wikis


Note: Many of our articles have direct quotes from sources you can cite, within the Wikipedia article! This article doesn't yet, but we're working on it! See more info or our list of citable articles.


From Wikipedia, the free encyclopedia

System File Checker
Developer(s) Microsoft
Operating system Microsoft Windows
Type Security software
License MS-EULA
Website Microsoft SFC Documentation

System File Checker is a utility in Microsoft Windows that allows users to scan for and restore corruptions in Windows system files. This utility is available on Windows 98, Windows 2000, Windows XP, and Windows Server 2003. Windows Vista, although in the Windows NT family of operating systems, scans files using Windows Resource Protection.

In Windows Vista and Windows 7, System File Checker is integrated with Windows Resource Protection, which protects registry keys and folders as well as critical system files. Under Windows Vista, sfc.exe can be used to check specific folder paths, including the Windows folder and the boot folder.

Windows File Protection works by registering for notification of file changes in Winlogon. If any changes are detected to a protected system file, the modified file is restored from a cached copy located in a compressed folder at %WinDir%\System32\dllcache. Windows Resource Protection works by setting discretionary access control lists (DACLs) and access control lists (ACLs) defined for protected resources. Permission for full access to modify WRP-protected resources is restricted to the processes using the Windows Modules Installer service (TrustedInstaller.exe). Administrators no longer have full rights to system files.



Due to problems with Windows applications being able to overwrite system files in Windows 95, Microsoft has since implemented a number of security measures to protect system files from malicious attacks, corruptions, or problems such as DLL hell.

SFC on Windows 98

System File Checker was first introduced on Windows 98 as a GUI utility. It offered scanning and restoration of corrupted system files by matching the version number against a database containing the original version number of the files in a fresh Windows 98 installation. This method of file protection was basic. It determined system files by file extension and file path. It was able to restore files from the installation media or a source specified by the user. Windows 98 did not offer real-time system file protection beyond file attributes; therefore, no preventive or reactive measure was available.

All Windows NT-based operating systems since Windows 2000 introduced real-time file protection, called Windows File Protection (WFP).[1]

In addition, the System File Checker utility (sfc.exe) was reimplemented as a more robust command-line utility that integrated with Windows File Protection. Unlike the Windows 98 SFC utility, the new utility forces a scan of protected system files using Windows File Protection and allows the immediate silent restoration of system files from the DLLCache folder or installation media.

In Windows Me, System File Checker was replaced with System File Protection (SFP).[2] Similar to Windows File Protection, System File Protection offered real-time protection. The stand-alone SFC utility was removed and not available on Windows Me.[3]


Older versions of System File Checker are known to override patches distributed by Microsoft. This problem has since been rectified in the newer version of System File Checker.[4]


In Windows NT-based operating systems, System File Checker can be invoked, using a command prompt, with the following command:

sfc /scannow

If it finds a problem, it will attempt to replace the problematic files from the DLL Cache (%WinDir%\System32\Dllcache\). If the file is not in the DLL Cache or the DLL Cache is corrupted, the user will be prompted to insert the Windows installation media or provide the network installation path. In Windows Vista and onwards, files are protected using Access control lists (ACLs), however the above command has not changed.

System File Checker in Windows Vista and later Windows operating systems can scan specific individual files. Also, scans can be performed against an offline Windows installation folder to replace corrupt files, in case the Windows installation is not bootable. For performing offline scans, System File Checker must be run from another working installation of Windows Vista or a later operating system or from the Windows setup DVD which gives access to the Windows Recovery Environment.


External links



Got something to say? Make a comment.
Your name
Your email address