Link to home
Start Free TrialLog in
Avatar of DigitalGlobeIS
DigitalGlobeISFlag for United States of America

asked on

How to use a kernel debuger

Im trying to set HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SFCDisable = 1 (Decimal) to disalble SFC.
To do so the KB article (http://support.microsoft.com/kb/222473) says I must hook up a kernel debuger and to make it work.  I have windbg installed but can't get it to connect no do I know what to do after that?
Avatar of Member_2_49692
Member_2_49692

Here is a better guide as the microsoft information is no longer accurate after service pack they replaced the DLL that runs it and therefore that procedure in that KB will no longer work without some additional work

http://www.windowsnetworking.com/articles_tutorials/Tweaking-XP-Windows-File-Protection-SP2.html


You can also use this tool here

http://www.litepc.com/xppreview.html

which can remove the windows file protection but you would have to rebuild your windows os. You can also do it using Nlite which is free http://www.nliteos.com
Avatar of DigitalGlobeIS

ASKER

The problem is that I am using Server 2003 and the SFC_OS.dll files are different.
I tried modifying the XP pre SP2 SFC_OS.dll and copying to dllcache and system32 and overwriting but it did not work.  I has the original Server 2003 SFC_OS.dll in there.  The DOS copy did complete but after I rebooted the original was back.  Also I was going to just modify the SFC_OS.dll (at the same 0xECE9 location) from Server 2003 but now it is "In use" all the time and I cant change it.
ASKER CERTIFIED SOLUTION
Avatar of Member_2_49692
Member_2_49692

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
OK, I'll try that.
This worked, it took me a while to figure out I had to use the Win2K3 cd for the source files.

Thanks
no problem glad it worked :)