One of Microsoft’s latest efforts to help
promote system stability is Windows File Protection (WFP),
as debuted in Windows 2000 & now featured in Windows XP. This guide
will take you through basic operation of WFP, how to use & configure
it for your system.
designates certain files as important system files, initially those which
are installed during the initial installation of the system, i.e. all
sys & tff
on the Windows 2000/XP CD & creates a backup of them in a dllcache
folder. After using your system for a while you’ll likely also discover
many other file types being protected in this way, e.g. ax, cpl, cpx,
fon, inf, ocx,
& tlb files. By default these are cached into the %SYSTEMROOT%\system32\dllcache
folder, where they will reside until WFP needs to restore a file with that
copy. As you’ve probably aware, the dllcache folder can get quite
large as a result, though later on in the guide I’ll show you how you
set the maximum dllcache size.
WFP works by detecting the
replacement/overwriting of these system files. WFP then scans the file in
question against catalog files it has & should the file not be the
correct version it will replace it with the cached version stored in the %SYSTEMROOT%\system32\dllcache
folder, or in cases where no cached version exists you may be prompted for
the Windows CD in order to restore the file with a supported version.
WFP has basically one use, it exists to
protect the Windows system files from being modified, whether accidentally
or otherwise. This is of far more importance if the system(s) in question
are accessible my multiple users. So obviously Network Administrators
should be rather pleased with this feature – No more will you need to
run around fixing machines due to someone installing/deleting something
they shouldn’t have. Speaking from some experiences at work you’d be
surprised what people are told to do with these email virus hoaxes that
are being sent around. WFP can easily & transparently replace the
system file (which commonly are the targets of such hoaxes) with the copy
stored in the dllcache.
the less experienced user, the same reasoning as above can be applied. WFP
is there to make sure you don’t accidentally or deliberately do
something to your system files that you shouldn’t.
again for the more minority power users WFP can be more of a pain, &
can be seen as just being an extra burden on both CPU & hard drive