TechSpot



 

 

Windows File Protection guide

Using & Customizing WFP

Windows File Protection operation can be customized in several ways with the simplest way of modifying the options being through the Group Policy Editor. Click on Start, Run, type in gpedit.msc & hit the Ok button. Expand Computer Configuration, Administrative Templates, System & select the Windows File Protection folder.

To change the properties for each available setting double click on it & select the Setting tab.

Set Windows File Protection scanning. This option may be useful to the more paranoid system administrators out there. Selecting Enabled & setting this to Scan during startup will set WFP to scan protected files during system startup & replace them as required. This will prolong startup time however so for regular users you should just select Do not scan during startup instead for fastest startup time. Neither of these options will affect how WFP operates once the OS is loaded however. See also the sfc /scanonce, sfc /scanboot & sfc /revert or sfc /enable commands.

Hide the file scan progress window. Setting this to Enabled will disable the display of the progress meter for WFP, as displayed when running, say sfc /scannow. Personally I’d recommend this set to Disabled.

Limit Windows File Protection cache size. By default WFP will store a large amount of protected system files (Depending on hard drive space) in the dllcache folder. While this makes replacing protected files easy, it also can take up an excessive amount of hard drive space given the amount of files cached. By default there is no limit on the size of the dllcache. To set a maximum size for this folder select Enabled & enter in a value in MB for the dllcache & thus can help ensure that it doesn’t grow too large. 100MB would be a decent size for those with smaller hard drives, though if space allows you should try larger values (200-300MB) so as to save on potentially having to re-insert the Windows 2000/XP CD if a file required isn’t in the dllcache folder. For optimal operating performance of WFP though set this to Not Configured (To allow it to cache files at will). See also the sfc /cachesize=x command.

Specify Windows File Protection cache location. Should you wish to change the default directory where the dllcache folder resides set this to Enabled & in the Cache file path field enter in the desired directory you wish to use instead. By default this will be %SystemRoot%\system32, which will place the dllcache folder in a location such as C:\Windows\system32\dllcache. This might be useful for those with multiple Hard Drives as it could be used to place the dllcache on the least used Hard drive. Set this to Not Configured should you wish to use the default directory.

To further customize WFP operation, click on Start, (All Programs) Programs, Accessories then Command Prompt. Commands available are as follows (Some are OS specific as noted however);

sfc /scannow. This command will immediately initiate WFP to scan all protected files to verify their integrity, replacing any files which are an incorrect version (You may be prompted for your CD during this process).

sfc /scanonce. This command sets WFP to scan all protected files when you reboot your system, similar to the previous option this requires your installation media, e.g. CD, be available.

sfc /scanboot. This works basically same as sfc /scanonce, though rather than only running the next time you boot the system this will run it everytime you boot up. This would be a more useful option for system administrators & the like, should you wish to ensure less experienced users on your network do something they really shouldn’t have done.

Both of these last options can also be set via the registry, which you may prefer;

1.       Click on Start, Run type in regedit & hit Enter.

2.       Open the following registry key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon].

3.       In the right hand pane, Modify/Add a New DWORD Value Right click entitled SFCScan.

4.       In the Value Data field, entering a Decimal value of 0 to enable normal operation of WFP (Default). A Decimal value of 1 sets WFP scan all protected system files everytime the system is booted, while a Decimal value of 2 sets WFP to scan all protected system files the next time you boot the system.

5.       Reboot for any changes to take effect.

sfc /cancel. In Windows 2000, this command immediately cancels all pending scans of protected system files. This has no effect in Windows XP.

sfc /quiet. In Windows 2000 this sets WFP to replace any incorrect system files detected with the appropriate version from the dllcache without any user notification. This has no effect in Windows XP.

sfc /purgecache. This empties the contents of the dllcache folder, in Windows 2000 WFP will also begin scanning all protected files after this deletion is complete.

sfc /cachesize=x. By default WFP will store a large amount of protected system files (Depending on hard drive space) in the dllcache folder. While this makes replacing protected files easy, it also can take up an excessive amount of hard drive space given the amount of files cached. By default there is no limit on the size of the dllcache. Replacing x with a value (in MB) sets the maximum allowable size of the dllcache folder & thus can help ensure that it doesn’t grow too large. 100MB would be a decent size for those with smaller hard drives, though if space allows you should try larger values (200-300MB) so as to save on potentially having to re-insert the Windows 2000/XP CD if a file required isn’t in the dllcache folder.

sfc /revert or sfc /enable. Both of these commands reset WFP to the default mode of operation – with sfc /revert to be used in Windows XP & sfc /enable in Windows 2000.

 



Go to next page !

 

Get weekly updates on new
articles, news and contests
in your mail!




-

  TechSpot  The PC Enthusiast Resource    |    News    |    Reviews    |    Guides    |    Product Finder    |    Downloads    |    Drivers    |    Forums    |    Archive    |    RSS Feeds


  Copyright © 1998-2013 TechSpot.com. TechSpot is a registered trademark. All Rights Reserved.

Advertising | About TechSpot