Saturday, April 19, 2008

Bypass Windows File Protection in Windows XP

There are two different solutions, depending on whether you have SP2 installed or not.

If you don’t have SP2 installed
Locate the file sfc_os.dll, which should be in your System32 folder. Copy it and name it sfc_os.bak. Open this file using a hex editor such as XVI32,which is an excellent freeware. This is an extremely simple edit and does not require an editor with advanced features. All you need to do is change two values. The location of these values will vary depending on whether you’re using Windows XP without a Service Pack or Windows XP with SP1, but the actual hex values to change will be the same.For Windows XP with no Service Pack installed, go to offset 0000E2B8 (E2B8 hex). For Windows XP with SP1, go to offset 0000E3BB (E3BB hex). At those offsets, change the hex values 8BC6 to 9090.Note: Depending on your hex editor, you may see the value separated by a space, as in “8B C6”. If you can’t find the values, do not proceed. It could be that your version of XP is different. The edit as described here only applies to English retail versions of Windows XP.

If you have SP2 installed
Disabling System File Protection in XP prior to SP2 involved editing the sfc_os.dll file, but the version of sfc_os.dll that comes with SP2 is different, and you cannot disable file protection with it. With SP2, you need to use the previous version of the sfc_os.dll file, which is 5.1.2600.1106 (the one with SP2 is5.1.2600.2180). Open sfc_os.dll with a hex editor and go to offset 0xECE9. The values to change are 33 C0 40. Change these to 90 90 90. Save your changes. Rename the file with a .bak extension (sfc_os.bak). The original exists in two locations: the\Windows\System32 folder, and the\Windows\System32\dllcache folder. Place a copy of sfc_oc.bak in both these folders. Then in the dllcache folder, look for cmd.exe, double-click it, and enter this command: copy SFC_OS.BAK SFC_OS.DLL /Y Next, go to your System32 folder and do the same thing. Look for cmd.exe, double- click it, and enter exactly the samecommand.
Points to remember
* If you have a problem overwriting the files, you can do the copying within the Recovery Console, or you can try Safe Mode.
*The dllcache folder is a hidden folder.
*It is important to copy the file to yourdllcache folder first.
*If you’re prompted to pop in your Windows CD, click Cancel.

Once the files have been copied, shut down your computer and restart it. The final step is to disable System File Protection in the Registry. Go to HKEY_LOCAL_MACHINE\SOFTWARE\
Microsoft\Windows NT\CurrentVersion\Winlogon. In the right-hand pane, if it doesn’t exist, create a new DWORD value named SFCDisable. Double-click it and ente “FFFFFF9D”. Exit the Registry Editor and reboot. You’re done.


0 comments to "Bypass Windows File Protection in Windows XP"


Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com