How to replace shell32.dll ?


Recommended Posts

OK I got aqua shell32.dll, and I tried replacing the original shell32.dll by booting into recovery console and replacing the original shell32.dll. But once I reboot everything is the same. When I check the shell32.dll is the original shell32.dll.

I guess somehow when I reboot, the system checks for the original shell32.dll, and if it is different it replaces it with the original.

Any sugestion on how I can install my custom shell32.dll?

Thx

Link to comment
https://www.neowin.net/forum/topic/16187-how-to-replace-shell32dll/
Share on other sites

this is how i do it, i've tried several ways, this is the easiest to me. first, make sure you back the file up. second, delete the file in your windowssystem32dllcache folder, otherwise it'll just overwrite the one you put in. next, go back to system32, find the file, rename it to shell32.dll.bak. wait a sec, a little window should pop up, hit cancel if it asks you to put in your XP cd, hit yes when it asks if you want to keep these unrecognized versions. then drag in the new shell32.dll. wait a sec, a little window should pop up, hit cancel if it asks you to put in your XP cd, hit yes when it asks if you want to keep these unrecognized versions. then just kill explorer.exe, and run it, or log off/on, or restart.

cheers,

joe

hmm, you may want to try doing it through MS DOS, get an extra disk and install MS DOS on it and boot to it.

if that doesn't work you're going to need to get rid of WFP, Windows File Protection.. I remember reading up on how to get rid of it somewhere but I don't remember where. Check www.tweakxp.com and see if it'll tell you there if not search on google.

Microsoft actually provide a way to replace in-use files, with a handy utility, inuse.exe, available free from their site, forWinNT/2k/XP. (There is a different method for win9x/me involving wininit.ini).

http://www.microsoft.com/technet/treeview/...side/6-7-99.asp

Newsbreak! The INUSE Utility is Here

It points to a kb article :-

How to Replace Currently Locked Files with Inuse.exe (Q228930)

which provides examples of it's use. You can download inuse.exe here

All this does (and the program that ChaNinja mentioned) is to modify a simple reg key, PendingFileRenameOperations, with the new filename and the old filename details, so when windows next reboots, the operations are performed and then this key is deleted.

Some more information on this reg key, are available here:- MV.exe (from Windows NT/2k/XP Resource Kit)

Brochaos's way is the way I do it, no command prompt or anything. Make sure you delete it from dll cache

Then rename the original in system32

"Windows file protection" will pop up (if it hasn't you've done something wrong already)

Click cancel then yes

put the modified one in system32

"Windows file protection" will pop up again

Click cancel then yes

Now restart.

Hey Dazzla,

Windows File Protection never pops up.

I also try renaming the file but after ten seconds, the original file is back.

I also tried disbaling the WFP in the registry and still the same problem.

I found the dllcache directory in C:WINDOWSLastGoodSystem32

Is that the corect one?

I deleted everything in it and try to replace shell32.dll and it still didnt let me do that. I also try renaming the shell32.dll in shell32.bak, and then I copied the custom shell32.dll into the system32 folder, but after ten second my custom file was overwriten by the original file. It was done automaticly.

Damn, how the hell can I do this.....

F***in microsoft.

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Posts

    • It has the same switch to allow whitelisting or not as the regular AdBlock extension.
    • These 20 crypto phishing applications are scamming Play Store users by Hamid Ganji Google Play Store is the main venue for Android users to download applications. While Google has strict rules and policies for verifying apps, some malicious apps somehow slip through anyway. Meanwhile, when it comes to crypto wallet apps, both Google app auditors and Play Store users need to be even more cautious. Cyble Research and Intelligence Labs has identified at least 20 crypto phishing applications on the Google Play Store that impersonate legitimate and popular crypto wallet apps and try to steal users' crypto credentials. By impersonation, these malicious apps trick users into downloading them and then start to capture the user's actual login data. "What makes this campaign particularly dangerous is the use of seemingly legitimate applications, hosted under previously benign or compromised developer accounts, combined with a large-scale phishing infrastructure linked to over 50 domains. This extends the campaign's reach and lowers the likelihood of immediate detection by traditional defenses." Cyble writes. Some of these malicious apps have the same name but come with a different package name. After removing duplicate names, here's the list of 9 newly discovered crypto phishing applications on the Play Store: Pancake Swap Suite Wallet Hyperliquid Raydium BullX Crypto OpenOcean Exchange Meteora Exchange SushiSwap Harvest Finance Blog According to Cyble, these apps prompt users to enter their 12-word mnemonic phrase to access the fake crypto wallet. Also, scammers use accounts that were previously used to distribute legitimate apps to minimize the risk of getting caught by Google. These accounts are more likely to be compromised and then taken over by scammers. If you've downloaded any of these fake crypto wallet apps from the Play Store, make sure to delete them as soon as possible. In 2024, revenue from crypto scams was estimated to be around $9.9 billion. This billion-dollar crypto scam business is expected to grow massively in 2025 thanks to AI.
    • Again...just because Microsoft never managed to be as successful as Google in that business that doesn't mean they are not exactly what Google is. An online advertising company. Edge's built in ad block in case you don't know whitelists their own advertising platform. According to Microsoft... Google ads and tracking bad, Microsoft ads and tracking good:)
  • Recent Achievements

    • Week One Done
      LunaFerret earned a badge
      Week One Done
    • Week One Done
      Ricky Chan earned a badge
      Week One Done
    • Week One Done
      maimutza earned a badge
      Week One Done
    • Week One Done
      abortretryfail earned a badge
      Week One Done
    • First Post
      Mr bot earned a badge
      First Post
  • Popular Contributors

    1. 1
      +primortal
      483
    2. 2
      +FloatingFatMan
      264
    3. 3
      snowy owl
      239
    4. 4
      ATLien_0
      229
    5. 5
      Edouard
      179
  • Tell a friend

    Love Neowin? Tell a friend!