Windows File Protection guide

One of Microsoft’s latest efforts to help promote system stability is Windows File Protection (WFP), as debuted in Windows 2000 & now featured in Windows XP. This guide will take you through basic operation of WFP, how to use & configure it for your system.


How It Works

WFP designates certain files as important system files, initially those which are installed during the initial installation of the system, i.e. all dll, exe, fon, ocx, sys & tff on the Windows 2000/XP CD & creates a backup of them in a dllcache folder. After using your system for a while you’ll likely also discover many other file types being protected in this way, e.g. ax, cpl, cpx, dll, exe, fon, inf, ocx, rsp, sys, tff & tlb files. By default these are cached into the %SYSTEMROOT%\system32\dllcache folder, where they will reside until WFP needs to restore a file with that copy. As you’ve probably aware, the dllcache folder can get quite large as a result, though later on in the guide I’ll show you how you set the maximum dllcache size.

WFP works by detecting the replacement/overwriting of these system files. WFP then scans the file in question against catalog files it has & should the file not be the correct version it will replace it with the cached version stored in the %SYSTEMROOT%\system32\dllcache folder, or in cases where no cached version exists you may be prompted for the Windows CD in order to restore the file with a supported version.


WFP has basically one use, it exists to protect the Windows system files from being modified, whether accidentally or otherwise. This is of far more importance if the system(s) in question are accessible my multiple users. So obviously Network Administrators should be rather pleased with this feature – No more will you need to run around fixing machines due to someone installing/deleting something they shouldn’t have. Speaking from some experiences at work you’d be surprised what people are told to do with these email virus hoaxes that are being sent around. WFP can easily & transparently replace the system file (which commonly are the targets of such hoaxes) with the copy stored in the dllcache.

For the less experienced user, the same reasoning as above can be applied. WFP is there to make sure you don’t accidentally or deliberately do something to your system files that you shouldn’t.

Then again for the more minority power users WFP can be more of a pain, & can be seen as just being an extra burden on both CPU & hard drive space.


Go to next page !


Get weekly updates on new
articles, news and contests
in your mail!