Hi,

I am able to modify a solidified dll using a notepad on a Windows XP system.

The version of SolidCore deployed is 6.1.3.392.

Solidcore log when a dll is modified is shown below.

<FILE_MODIFIED  file_name="C:\Program Files\TF\ltif.dll" pid="2952" process_name="C:\WINDOWS\system32\notepad.exe" ppid="4924" parent_process_name="C:\WINDOWS\system32\rundll32.exe"  file_type="Unknown" is_system_file="false" user_name="Appox" workflow_id="PKGC_DEFAULT_ALLOW_UNINSTALL:  rundll32.exe" />

a) I took a backup of the dll before modifying.

b) I deleted the content of the original dll by opening it  in a notepad and saved it.

c) Application depending on this dll crashed when executed.

d) When I tried to replace this modified dll with the backup one, access denied message is displayed.

Why modification of the dll is allowed, but blocked from overwriting ?