Digg
del.icio.us
Newsvine
Facebook
Google
LinkedIn
MySpace
Reddit
Slashdot
StumbleUpon
Technorati
Twitter
Windows Live
YahooBuzz
FriendFeedEnumerate WFP Files
Introduction
Microsoft has added a file protection feature starting from Windows 2000, and is termed as WFP. WFP stands for Windows File Protection. Right now, the applicable operating systems that use/follow WFP are the Windows Server 2003 family, Windows XP, Windows 2000, and Windows ME.
WFP prevents accidental or malicious deletion/replacement of files that are part of the Windows OS. If it detects the modification/removal of files, it does the following:
- Copies the original version from the System32\dllcache folder. This contains all necessary files in compressed form; they are put here at the time of the OS installation.
- If that fails, it copies from the original installation folder. As with the previous method, it is also done silently; if the source is found on a local drive, Windows CD or Network—from wherever you installed Windows.
- If both fail, Windows prompts the user to provide the source from where it can copy the replaced/deleted file.
You also can manually check by running a SFC.EXE program with the /SCANNOW parameter. SFC stands for System File Checker.
Here, I am not dealing with the extensive details for WFP, setting the Cache-size of 'dllcache', disabling this feature, and all that. Please look at the links provided below.
Enumerating the Protected Files
The only functions that deal with WFP are:
- SfcIsFileProtected determines whether the given files are protected.
- The essential ingredient for you is the SfcGetNextProtectedFile function. By using this function, you can get the list for all files that are under WFP.
Sample code to get the list of WFP files
PROTECTED_FILE_DATA pfd; // It has only two members, shown in
// this code snippet.
pfd.FileNumber = 0; // Start enumerating;
// SfcGetNextProtectedFile will
// increment further
while(SfcGetNextProtectedFile(NULL, &pfd))
{
// Sample usage; FileName holds the full path
CString str=pfd.FileName;
pCombo->AddString(str);
}
Dependencies
- Header: SFC.H
- Library: SFC.LIB
- You need to install the Platform SDK for SFC support.
Application Features
Grounded with the function and its easy usage, it is trivial to enumerate all the protected files. So, I extended my article to show addition details:
- Shows the files in the list control with three columns: Filename, Path (without filename), and its size (KB).
- Facilitates the user to get the list of only DLL, EXE, SYS, or Other files (excluding the former three types).
- Shows up the total files(n), as per filtering chosen by user, along with missing files(m). Note tha m+n is NOT the total number of files, but n-m is number of files that are found sucessfully.
- Shows the size, time-stamp, and attributes of the currently selected file.
- Allows user to run scanning of WFP files. To do this, I just started processing "SFC.EXE" with the "/SCANNOW" parameter.
The Wrapper Class
Here is the CEnumWFPWrapper class declaration that wraps SFC functionality:
// SfcGetNextProtectedFile wrapper class.
class CEnumWFPWrapper
{
protected:
PROTECTED_FILE_DATA m_pfd;
bool m_bDone;
CString m_strFullPath;
public:
CEnumWFPWrapper();
void FindFirst();
void FindNext();
CString GetPathOnly(bool bCaps = false) const;
CString GetFullPath(bool bCaps = false) const;
CString GetFileName(bool bCaps = true) const;
CString GetExtension(bool bCaps = true) const;
bool GetSizeKB(float &fSize) const;
bool IsComplete() const;
private:
bool m_bFindFirstCalled;
};
The usage of this class is simple. Just declare an object of this type, call the FindFirst method, and then enumerate the list of all WFP files by using FindNext. You will be testing whether enumeration is complete by IsComplete.
There are methods such as GetFullPath and GetSizeKB that return the attributes of current scanned files. Note that SfcGetNextProtectedFile will return the filename irrespective of its presence on the system.
Comments
Ultra Vapor
Posted by leskunurnarly on 05/02/2013 02:22pmThere may be a completely new creation that everyone who smokes ought to learn about. It can be known as the ecigarette, often known as a smokeless cigarette or [url=http://pic-n-save.com/mr~mid-261137~Vapor-Ultra.aspx ]cheap disposable electronic cigarette [/url] , and it really is switching the legal landscape for cigarette people who smoke throughout the planet. The patented Electric cigarette provides to proficiently simulate the encounter of cigarette smoking an true cigarette, with out any from the health or lawful problems encompassing conventional cigarettes. Whilst Electric cigarettes glimpse, come to feel and taste similar to conventional cigarettes, they functionality quite otherwise. The thing is, e-cigarettes never basically burn up any tobacco, but somewhat, once you inhale from an e-cigarette, you activate a "flow censor" which releases a water vapor containing nicotine, propylene glycol, and also a scent that simulates the flavour of tobacco. All of which only means that e cigarettes help you get your nicotine resolve even though avoiding all of the cancer causing brokers discovered in standard cigarettes this kind of as tar, glue, many additives, and hydrocarbons. Also to currently being more healthy than regular cigarettes, and perhaps most of all of all, will be the fact that e-cigs are completely lawful. For the reason that E-cigs will not entail tobacco, you can legally smoke them anyplace that standard cigarettes are prohibited like as bars, dining places, the get the job done position, even on airplanes. Furthermore, e-cigarettes allow you to smoke without having fears of inflicting hurt on other people because of to horrible 2nd hand smoke. The refillable cartridges come in a large number of flavors as well as nicotine strengths. You can get frequent, menthol, even apple and strawberry flavored cartridges and nicotine strengths can be found in extensive, medium, gentle, and none. Though e cigarettes are technically a "smoking alternative" alternatively than the usual cigarette smoking cessation unit, the selection of nicotine strengths gives some obvious potential as an assist while in the types attempts to quit smoking cigarettes and looks being proving common in that marketplace. The nice point about e-cigs as apposed to say, nicotine patches, is that e-cigarettes produce the identical tactile sensation and oral fixation that smokers desire, when enjoyable kinds tobacco cravings as well. If you get a drag from n electric cigarette you truly come to feel the your lungs fill by using a warm tobacco flavored smoke and if you exhale the smoke billows away from your lungs just like normal smoking, having said that, as brought up, that smoke is in fact a significantly healthier water vapor that promptly evaporates and thus doesn't offend everyone from the rapid vicinity. Although e-cigs are actually close to for some time in numerous incarnations, it's been modern improvements while in the technological innovation and also at any time raising limitations against cigarette smoking that have propelled the e-cigarette right into a new found recognition. When you are keen on a healthier different to using tobacco, or in the event you simply just desire to have the freedom to smoke where ever and any time you'd like, an e-cigarette may be the answer you have been looking for.
ReplySexy Police Romper Bedroom Costume
Posted by Fishnetrz1036 on 03/29/2013 09:35amhttp://discountsexylingerie.webs.com - Sexy Lingerie saleSome companies can refuse to take the item back because the return period is expired?Foxy Lady Boutique http://sexystockings.webs.com - Fishnet BodystockingTherefore, you should choose a wholesale lingerie dress as per your body type and size and the style that suits your personality A pajama set might not sound too sexy, but if it is silky, and buttons up the front, it can make your woman feel very sexy, especially if she is a plus size (size 18 or larger) http://sexycostumesa.webs.com - Sexy Nurse LingerieCorsets and Bustiers: a history of lingerieAs recently as the 1830's, the corset was thought of as a medical necessityThere are a bunch of dreamgirl lingerie retailers in the net http://discounteroticlingerie.webs.com - Sexy Lingerie storeAs the name implies, Three Wishes is an online dreamgirl lingerie retailer who aims at giving all the lingerie wishes of a purchaser, from sexy costumes to sexy lingerie down to all the basics of lingerie One reason for offering the wholesale on lingerie is definitely promotion of the lingerie store http://discountsexylingerie.webs.com - Sexy Lingerie store2 If you get a black gown as a gift, it’s not only formal, but looks elegant and sexy
Replycheap oakleys
Posted by mgliliImpumpsqx on 03/28/2013 09:09pmhttp://sunglasswholesaleofgucci.webs.com - cheap sunglasses online cheap ray ban http://qualityguccisunglass.webs.com - cheap ray ban sunglasses oakley sunglasses cheap http://sunglasspomoteauthentic.webs.com - cheap wayfarer sunglasses discount oakley sunglasses http://qualityguccisunglass.webs.com - cheap ray ban discount ray ban http://sunglassdicountsaleu.webs.com - cheap oakleys sunglasses cheap oakleys for sale
Replyfake oakleys sunglasses
Posted by ngliliImpumpubh on 03/28/2013 09:09pmhttp://sunglasspomoteauthentic.webs.com - ray ban sunglasses cheap cheap ray ban sunglasses http://sunglasswholesaleofgucci.webs.com - oakleys for cheap discount sunglasses http://fakeGucciwayfarer.webs.com - fake ray ban discount sunglasses http://discountsunglassesfinewebs.com - discount sunglasses wholesale oakley sunglasses http://sunglassdicountsaleu.webs.com - ray ban wayfarer cheap sunglasses wholesale
Replywayfarer sunglasses cheap
Posted by zgliliImpumpzgh on 03/28/2013 08:41pmhttp://discountsunglasseshoo.webs.com - discount ray ban cheap sunglasses http://wholesalesunglassescool.webs.com - wholesale sunglasses fake ray ban http://akeoakleysunglasses.webs.com - fake oakleys discount ray ban http://cheapsunglassesshop.webs.com - cheap oakley discount ray ban http://discountsunglassessale.webs.com - discount ray ban fake ray ban wayfarer
Replyugg boots ghzfmn
Posted by Suttonpdu on 02/20/2013 10:22amcheap ugg boots sale avbxzyhi cheap ugg boots uk gpeswmwr cheap ugg boots tjqlhqfc cheap uggs sdgjdgwe ugg boots sale uk yrtrwxlf ugg boots sale ogtfpkgd ugg boots uk okblgshx ugg boots ixjgaulk ugg sale mhexfnjv
Replyghd australia yvuykm
Posted by Suttonzxi on 02/07/2013 01:07pm7wXfj ugg jFsc mNpb nike shox sko 9jFoq toms outlet 6eMoz hollister outlet uk 5bFqv ugg 7aEqp longchamp 3rZyr louis vuitton outlet 0mJmn michael kors outlet 5tQmc christian louboutin 9uRfu Joe Montana Jersey 8eEzd 6oDwj 5lHsj ghd 7nWra ugg sale
Replyugg boots kmwzin http://www.cheapfashionshoesas.com/
Posted by Mandyzod on 01/27/2013 09:19am9oAqb nike online store lApe Michael Kors outlet uGbj ugg boots 2pMxl monster beats headphones 4bLbj Cheap nfl jerseys 3qOln uggs australia 5qHre burberry handbags 0cXih longchamp uk 5jQuo cheap nike free run 5qRnz ugg boots sale 1sBhx dr dre headphones 6wWbv ugg espa?a 0nSyc GHD Australia 2kWzh 9rEtr
Replyugg boots lweked http://www.cheapfashionshoesas.com/
Posted by Suttonsnj on 01/27/2013 09:17am5zFgh nike outlet eBiz Michael Kors outlet zVlu ugg boots 3pRpb monster beats 9iXdb Cheap nfl jerseys 0hXbc uggs sko 1oIts burberry outlet 7wDdb longchamp 0mRbb cheap nike free run 5vVhe ugg boots uk 4sXnl monster beats 9lDjv ugg 1aAlp GHD Hair Straightener 7hMow 3qOna
Replyghd australia xirpjt http://www.cheapfashionshoesas.com/
Posted by Suttonjjt on 01/26/2013 09:26pm0tSir bottes ugg nUif yEhj nike shox dame 2jZkl cheap toms 2zGrt burberry usa 4oJpj chaussures ugg 6sPdy longchamp pas cher 8cIfr louis vuitton outlet 0zPei Michael Kors 4tCuv christian louboutin norge 6qVas cheap ugg boots 3zHaw cheap nfl jerseys 0bBfg 9pUro lisseur ghd pas cher 7jQlp ugg boots
ReplyLoading, Please Wait ...