files arent removed after using cleanup.cmd

[SiMoNsAyS]

And I can't see why windows wants to protect screensavers as a vital system file.

yes, windows .scr files are protected. prove it deleting for example ssmarque.scr and see how it is restored seconds later.

and yes they are vital system files. why?? because if i'm a "bad mad ugly person with intentions to create a virus" i will choose to replace ssmarque.scr with my .scr file this will cause that my exe code can be run if this screensaver is activated.

if you want to delete system protected files you will need to replace the .dll change the registry setting, delete WFP files, replace dll with original and change again the registry setting or your system will be vulnerable.

[Solid as a rock]

And I can't see why windows wants to protect screensavers as a vital system file.

yes, windows .scr files are protected. prove it deleting for example ssmarque.scr and see how it is restored seconds later.

and yes they are vital system files. why?? because if i'm a "bad mad ugly person with intentions to create a virus" i will choose to replace ssmarque.scr with my .scr file this will cause that my exe code can be run if this screensaver is activated.

if you want to delete system protected files you will need to replace the .dll change the registry setting, delete WFP files, replace dll with original and change again the registry setting or your system will be vulnerable.

ok. i understand. thanks for explaining that.

how to do this best? i dont want ANY of these scr. the only i want are included on my cd. the 3dwindows scr and logon.scr and to keep my protect? why the SFCDisable=ffffff9d dont work anymore?

how to stop the protect during unattend and after this enable it again?

[Alanoll]

actually, if you use modified DLL, either one, if you reset the registry entry to it's default, WFP will be reenabled. There is no need to replace with the original. The only difference is in RaveRod's hack, the key is changed, in the nLite hack, it skips the portion that resets the key.

[Glowy]

and yes they are vital system files. why?? because if i'm a "bad mad ugly person with intentions to create a virus" i will choose to replace ssmarque.scr with my .scr file this will cause that my exe code can be run if this screensaver is activated.

Still I don't see the addition of extra security here... copy a random scr file in the dir modify the reg et voilà there you have it. no need to modify a scr.

deleting a scr will not result in programs not working, a dll or an ocx will.

[Solid as a rock]

and yes they are vital system files. why?? because if i'm a "bad mad ugly person with intentions to create a virus" i will choose to replace ssmarque.scr with my .scr file this will cause that my exe code can be run if this screensaver is activated.

Still I don't see the addition of extra security here... copy a random scr file in the dir modify the reg et voilà there you have it. no need to modify a scr.

deleting a scr will not result in programs not working, a dll or an ocx will.

the truth is bypassing the regkey is not enough for me? i cant remove the scr. you can. i cant. but ok. this is too difficult. why you + esp can and i cant remove them?

i have choose for nlite to strip them out. problem solved. no headache, no hacking this and that. no difficult.