Do you know what this file is/does? when i search on google it also seems that dwup.inf is only related to windows 2000, is it usual to find it on an xp system? (as it is on the one i am currently investigating).
TA
TA,
Couple of things…
First off, a path would be useful…exactly where the file is located. Many files have a default or normal location, and may have a different effect (ie, none at all) if in another location.
Second, what are the contents of the file? *.inf files are usually flat ASCII text files, and therefore easily readable.
Hope this helps,
Harlan
The dwup file is located in c\WINDOWS\INF. However FTK reported 357 hits for "dwup" and 142 hits for "dwup.inf". The file in that directory is a flat ASCII file and is easily readable. However an "associate" of mine has informed me that
"Actions with DWUP files can compromise the security settings on a computer…You will need to check this out"
Has anyone heard that this is indeed the case? know how they can compromise the security settings? If this is false and i can say that DWUP files can't do this then that would be great.
Thanks very much for any help
dwup.inf is part of a security template.
MSDN
To configure a security setting, you need to add the Security Templates snap-in to the blank Microsoft Management Console, expand the template you want to use, open the various containers, and select the settings you want. Don't forget to save the template when you have completed your changes.
When the Security Templates console is opened, the default path (%systemroot%\security\templates) for security templates is exposed. When this path is expanded, multiple templates are displayed. Microsoft provides these templates as examples of different security levels you might want to apply. These templates can be modified, and additional templates are available from Microsoft and other vendors.
It was rolled out in SP4 of W2K but persists in XP (not sure about Vista, I will have to check when I have a Vista machine in front of me). I have it in the following locations on a clean XP SP2 install
C\WINDOWS\$NtServicePackUninstall$
C\WINDOWS\inf
C\WINDOWS\ServicePackFiles\i386
The first part of the file
; © Microsoft Corporation 1997-2000
;
; Security Configuration Template for Security Configuration Editor
;
; Template Name DWUp.INF
; Template Version 05.10.DK.0000
;
; Default Security Settings applied on Professional Upgrade
[Profile Description]
%SCEDWUpProfileDescription%
[version]
signature="$CHICAGO$"
revision=1
DriverVer=07/01/2001,5.1.2600.2180
[System Access]
LSAAnonymousNameLookup = 0
From EliteHackers
Beating down windows xp sp2 file protection
I was tweaking my windows and I felt the frustration caused by the file protection.
First I checked the "documentation" in help & support distributed with sp2, if you can call it documentation p
Windows File Protection "article" didn't teach me anything I didn't already know, so I started doing some research.
Windows File Protection checks the file's digital signature to determine if the new file is the correct Microsoft version, but it must know which files to check and which not right? So there must be a list of those files right? And of course there must be a copy of the "correct" file somewhere on the disk in order to replace the "bad" file.
The backup files are in %systemroot%\servicepackfiles and so are the files which contain the list of "oh so necessary windows to run" files. I have found few not very much commented *.inf files that contain that list of files.
Which one file protection actually uses, who knows. Anyways those files are
defltwk.inf
dwup.inf
layout.inf
These files are very much alike so its best to remove the line of the file you want to delete/replace from all of them. Also these files are sort of "linked" they all have a line of each other. defltwk.inf has dwup.inf and layout.inf and so on. Before you delete the file, make sure the same isn't running in background, then search for that file and make sure you see both files, one in %systemroot%\servicepackfiles and the other in %systemroot%\system32 select both of them and shift delete them. You'll never see that file again.
The dwup file is located in c\WINDOWS\INF. However FTK reported 357 hits for "dwup" and 142 hits for "dwup.inf". The file in that directory is a flat ASCII file and is easily readable. However an "associate" of mine has informed me that
"Actions with DWUP files can compromise the security settings on a computer…You will need to check this out"
Has anyone heard that this is indeed the case? know how they can compromise the security settings? If this is false and i can say that DWUP files can't do this then that would be great.
Thanks very much for any help
I'd recommend starting with your associate, and asking him/her what they meant.
I'd recommend starting with your associate, and asking him/her what they meant.
My associate is very dim. Dimmer than me lets put it that way wink
If that's the case, then why are you letting something he told you drive you post to the list, rather than researching it yourself?
The file you're asking about is capable of making security settings on your box, as mentioned. To see what these settings are, look at the file.
You're "associate" is partially correct, in that applying something like dwup.inf can potentially "un-set" security settings made by other policies.
HTH,
Harlan