I am trying to replace shell32.dll on Windows 7 to customize some icons (I know the risks, this question isn't about that).
Attempts so far:
1. I am using Windows 7 Home Premium, which does not come with Group Policy Editor, so I added it using this method and it works. Then I followed this guide to disable Windows File Protection.
I booted up in safe mode with command prompt. With "Do not preserve zone information in file attachments" enabled from the Group Policy Editor, I ran a copy command and said overwrite shell32.dll in the system 32 folder with my customized shell32.dll, but access was denied. I thought that disabling zone info would stop WFP and allow me to overwrite but it didn't work.
2. Note that I have tried disabling WFP from registry by going to HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon as explained here but for some reason SFCDisable wasn't there at all.
3. Also note that I have taken ownership and given myself full admin permissions over shell32.dll and it still won't let me overwrite, I think this is WFP being super protective and blocking my overwrite attempts.
4. I have made slight progress, by running elevated cmd.exe as an administrator I was not denied access to shell32.dll, however I could not overwrite it as it was in use. I ran tasklist /m to see which processes were using shell32.dll, and surprisingly none of them were using it. It seems that shell32.dll was not in use at all however I was still unable to overwrite it as windows kept telling me it was in use.
5. Strangely I was allowed to rename shell32.dll in system 32 to something else and then copy in my customized shell32.dll (as a work around to overwriting), but it seems as if windows automatically replaced my custom dll with the original version - I opened it up with Resource Hacker immediately after copying into system 32 and found that all the icons I changed had reverted back. The renamed original was also still there beside my copy.
6. Amazingly, even booting from linux on a USB to delete shell32.dll and copy in my own custom version didn't work. I suspect windows detected the change while booting up afterwards and again restored the original shell32.dll.
Latest idea:
Can I replace shell32.dll in system32 and also replace it wherever windows keeps its restore backups?