Learn to use Windows File Protection - part 1


Windows File Protection (WFP) is a service that constantly monitors
protected system files in a Windows 2000/XP or Windows Server 2003
environment. If an application or user inadvertently attempts to replace
a protected system file, WFP is activated to prevent the replacement.
WFP captures the attempt and then looks in its cache of protected
system files for the approved version of the file.

WFP protects all .sys, .exe, .dll, and .ocx files that ship with Windows
2000/XP or are upgraded as part of a system update and/or service pack
released by Microsoft. A protected file that has been overwritten is
replaced by the copy stored in the DLLCache folder, on the CD-ROM, or on
a network share.

To take control of the WFP service, you can run the System File Checker
(sfc.exe) utility. The SFC utility is part of the Windows 2000/XP and
Server 2003 platform and must be used in conjunction with the Windows
File Protection service. This command-line utility allows you to scan
your system files, update your protected system files, and update the
DLLCache folder.

For example, to force a scan, you can run the following command:

sfc.exe /scannow

This will cause SFC to scan all of your files immediately and prompt you
to update any files that it finds that do not match the ones that SFC
expects to find.

If you want SFC to scan the system every time you reboot, then you would
use the following command:

sfc.exe /scanboot
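
To confirm that the boot-time scan setting took effect and that the
DLLCache folder WFP restores from is present, the batch script below is
an added example, not part of the original tip. It assumes reg.exe is
available (built into Windows XP and Server 2003) and reads the Winlogon
registry values SFCScan and SFCDllCacheDir, which this page does not
mention.

```batch
@echo off
rem Added example, not part of the original tip: audit the WFP settings
rem that sfc.exe manages. Assumes reg.exe is present and that the Winlogon
rem values SFCScan and SFCDllCacheDir hold the settings (assumptions that
rem are not stated on the page).
setlocal
set "KEY=HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
set "RC=0"

rem --- Boot-time scan mode: 0 = none, 1 = every boot, 2 = once at next boot.
rem A missing value is treated as 0 (no boot-time scan).
set "SCAN=0"
for /f "tokens=3" %%A in ('reg query "%KEY%" /v SFCScan 2^>nul ^| find "REG_DWORD"') do set "SCAN=%%A"
rem reg.exe prints the DWORD as hex (0x1); set /a converts it to decimal.
set /a SCAN=%SCAN%
if "%SCAN%"=="1" (
    echo [ok]   SFC scans protected files at every boot.
) else if "%SCAN%"=="2" (
    echo [warn] SFC scans once at the next boot only.
    set "RC=1"
) else (
    echo [warn] No boot-time scan is configured.
    set "RC=1"
)

rem --- DLLCache location: registry override if present, else the default.
set "CACHE=%SystemRoot%\system32\dllcache"
for /f "tokens=2,*" %%A in ('reg query "%KEY%" /v SFCDllCacheDir 2^>nul ^| find "REG_"') do set "CACHE=%%B"
rem The stored path may contain environment variables, so expand them.
call set "CACHE=%CACHE%"
if exist "%CACHE%\" goto cache_ok
echo [warn] DLLCache folder missing, restores will need the CD-ROM or a share: "%CACHE%"
set "RC=1"
goto done
:cache_ok
echo [ok]   DLLCache folder found: "%CACHE%"
:done
rem Exit code 0 means both checks passed; 1 means at least one warning.
endlocal & exit /b %RC%
```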

Now SFC will run every time you reboot your machine. If you don

