dobbelina Posted May 1, 2009 Posted May 1, 2009 I've been running some reg/file snapshot utilities, in order to find out how XPlite disablesWFP "On the fly" (No restart neccesary) the way it does, but haven't been able to figure it out?What's most impressive/confusing is the fact that sfc_os.dll and the other sfc files aren't touched either.Simply replicating the added registry entries created by XPlite doesn't work.There's something else, BUT WHAT ? If there's a similar smaller utility that does this on SP3, preferrably one that can bescripted in command line, i would like to know about it.Not interested in ones that changes systemfiles, as i assume XPlite doesn't.Any suggestions ?
Noise Posted May 1, 2009 Posted May 1, 2009 Have you tried unregistering the DLL?regsvr32 /u sfc_os.dllNot sure if it will work, but it's worth a try.
dobbelina Posted May 1, 2009 Author Posted May 1, 2009 Have you tried unregistering the DLL?regsvr32 /u sfc_os.dllNot sure if it will work, but it's worth a try.If it were that simple i'd stumble on it while googling.
dobbelina Posted May 1, 2009 Author Posted May 1, 2009 (edited) I only had limited time today, but i did some quick work with Process Monitor.XPlite indeed query the sfc_os.dll a lot, but doesn't write/change it.Will do some more snooping tomorrow.Just found this little gem http://www.bitsum.com/wfpreplace.phpDon't know if it works on SP3... Edited May 1, 2009 by dobbelina
dobbelina Posted May 5, 2009 Author Posted May 5, 2009 http://www.bitsum.com/wfpreplace.phpConsider my problem solved, works wonders on sp3.
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now