Bypass Windows File Protection in Win Xp


Bypass Windows File Protection in Windows Xp

If you don’t have SP2 installed

Locate the file sfc_os.dll, which should be in your System32 folder .Copy it and name it sfc_oc.bak. Open this file using hex editor such as XVI32,which is an excellent freeware.This is an extremely simple edit and does not require an editor with advanced features.All you need to do is change values.
The location of these values will vary depending on whether you’re using WindowXp without Service pack or Window XP with SP1,but the actual hez values to change will be same.
For Windows xp with no service pack installed , go to offset 0000E2B8 (E2B8 hex). For Windows xp with sp1, go to offset 0000E3BB (E3BB hex). At those offsets,change the hex values 8BC6 to 9090.
NOTE:- Depending on your hex editor,you may see the value separated by a space,as in “8B C6”.
If you can’t find the values, donot proceed. It could be that your version of XP is different.The edit as described here only applies to English retail versions of Windows Xp.

If you have SP2 Installed

Disabling system File Protection in XP prior to SP2 involved editing the sfc_os.dll fill, but the version of sfc_os.dll that comes with SP2 is different,and you cannot disable file protection with it.With SP2,you need to use the previous version of the sfc_os.dll file,which is 5.1.2600.1106 (the one with SP2 is 5.1.2600.2180).
Open sfc_os.dll with a hex editor and go to offset 0xECE9. The values to change are 33 C0 40. Change these to 90 90 90. Save your changes .Rename the file with a .bak extention (sfc_os.bak).
The original exits in two locations: the \Windows\system 32 folder,and the \windows\system32\dllcache folder. Place a copy of sfc_oc.bak in both these folders.Then in the dllcache folder,look for cmd.exe,double click it,and enter this command: copy SFC_OS.BAK SFC_OS.DLL /Y
Next go to your System 32 folder and do the same thing .Look for cmd.exe, double click it, and enter exactly the same command.

Points to remember:-

  • if you have a problem overwriting the files,you can do the coping within the recovery console, or you can try safe mode.
  • The dllcache folder is a hidden folder.
  • It is important to copy the file to your dllcache folder first.
  • If you’re prompted to pop in your Windows Cd, click cancle.

Once the files have beeb coped,shut down your computer and restart it.The final step is to disable system file Protection in the Registery.Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current version\Winlogon. In the right hand pane, if it does not exist, creat a new DWORD value named SFCDisable. Double click it and enter “FFFFFF9D”. Exit the Registery Editor and reboot .You’re Done.