0

I am trying to replace shell32.dll on Windows 7 to customize some icons (I know the risks, this question isn't about that).

Attempts so far:

1. I am using Windows 7 Home Premium, which does not come with Group Policy Editor, so I added it using this method and it works. Then I followed this guide to disable Windows File Protection.

I booted up in safe mode with command prompt. With "Do not preserve zone information in file attachments" enabled from the Group Policy Editor, I ran a copy command and said overwrite shell32.dll in the system 32 folder with my customized shell32.dll, but access was denied. I thought that disabling zone info would stop WFP and allow me to overwrite but it didn't work.

2. Note that I have tried disabling WFP from registry by going to HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon as explained here but for some reason SFCDisable wasn't there at all.

3. Also note that I have taken ownership and given myself full admin permissions over shell32.dll and it still won't let me overwrite, I think this is WFP being super protective and blocking my overwrite attempts.

4. I have made slight progress, by running elevated cmd.exe as an administrator I was not denied access to shell32.dll, however I could not overwrite it as it was in use. I ran tasklist /m to see which processes were using shell32.dll, and surprisingly none of them were using it. It seems that shell32.dll was not in use at all however I was still unable to overwrite it as windows kept telling me it was in use.

5. Strangely I was allowed to rename shell32.dll in system 32 to something else and then copy in my customized shell32.dll (as a work around to overwriting), but it seems as if windows automatically replaced my custom dll with the original version - I opened it up with Resource Hacker immediately after copying into system 32 and found that all the icons I changed had reverted back. The renamed original was also still there beside my copy.

6. Amazingly, even booting from linux on a USB to delete shell32.dll and copy in my own custom version didn't work. I suspect windows detected the change while booting up afterwards and again restored the original shell32.dll.

Latest idea:

Can I replace shell32.dll in system32 and also replace it wherever windows keeps its restore backups?

Community
  • 1
user3800036
  • 13

3 Answers3

0

Go to "C:\Windows\System32", right click on shell32 click prpoerties, and click the "Security" tab. Click advanced and change permissions to full control for Admin. By default it is TrustedInstaller, you will want to add yourself to the list of people that can edit shell32. After that is done you will be able to overwrite shell32.

The reason is by default everything in C:\Windows is blocked, Microsoft decided to block overwriting to prevent noobs from messing up their PC.

Kirill2485
  • 1,067
0

If you're not successful in trying the things you have mentioned so far, you could use a Linux Live CD or USB stick to boot a different OS in order to be able to overwrite that file. I don't know if you are familiar with Linux or not, but it is very useful to get access to files blocked by the original OS or to rescue files from an unstable or damaged OS.

Trond Børge Krokli
  • 1
0

You could also try to access your hard disk externally using a linux live cd or usb distribution (i.e. ubuntu, wifislax, even hiren's boot cd). This method allows your computer to boot directly from a cd or usb stick creating a temporary virtual hard disk on your RAM memory. This way, you can acccess your hard disk and your files without any restriction because the operating system is not using it to work. Maybe I would recommend trying the Hiren's boot cd. You can download it for free in the official site and it's pretty easy to use

user355510
  • 1