Jump to content

My WFP "problem" fixed

fdv

By fdv
in HFSLIP

 Share

Recommended Posts

fdv

fdv

Posted
Posted

Recall that my last few filesets disabled WFP, and I was trying to figure out why, because I wanted it ON by default?

I found the answer. Oh boy... it was staring me in the face.

Two keys can shut off WFP.

By default these do NOT exist in a Windows install. I had added them to HIVESFT.

HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","SFCDllCacheDir",,"%SystemRoot%\System32\Dllcache"

HKLM,"SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection","SFCDllCacheDir",,"%SystemRoot%\System32\Dllcache"

If you want WFP shut off, just put invalid paths there, like so:

HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","SFCDllCacheDir",,"z:"

HKLM,"SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection","SFCDllCacheDir",,"z:"

No DLLs to hack. This shuts WFP off; it will generate an error message in the Windows log saying WFP cannot find a valid path. I don't know if it has to be done before install or if it can also be done after. I actually like WFP so I'm not going to bother finding out. But if you want to disable WFP without hacking DLLs, there you go.

Anyway, this flaw is fixed, as well as the Insert Your CD Now flaw.

Link to comment
Share on other sites

tommyp

tommyp

Posted
Posted

This is good news. Does this mean that if you add the code below to the registry after T-13 (or later) then the SFC will be on?

HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","SFCDllCacheDir",,"%SystemRoot%\System32\Dllcache"

HKLM,"SOFTWARE\Policies\Microsoft\Windows NT\Windows File Protection","SFCDllCacheDir",,"%SystemRoot%\System32\Dllcache"

Link to comment
Share on other sites
fdv

fdv

Posted
  • Author
Posted

Interestingly enough, these are optional keys!

One does not need to add them. Windows apparently "knows" the location of the dllcache anyway.

By including them and specifying them I am only giving users the option of changing the paths to Z.

As for T-13, SFC should be on at that point anyway, to answer the specific question you asked. So in all cases there is no -real- need to specify.

Trivia: apparently, a UNC path will not work in 2k but MS documentation says it will in XP. That functionality sure would be convenient for a group of users.

I'm purely curious, is this known about generally at all on other sites?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...