================================================== =========================
Project : HelioS-Reset-DebugPort
Version : 1.0
Coder : [ELF]HelioS
Site : www.ArtificialAiming.net
================================================== =========================
What is this
------------
This tool enables you to reset the debugport for a given process.
This is usefull if you want to debug an already debugged process.
Some programs don't allow you to attach a debugger.
By resetting the debugport of the process you can attach a debugger again.
How does it work
----------------
There are 3 parts of this tool.
HelioS-Debug-Reset.sys : A kernel mode driver that is able to patch a process inside kernel memory.
HelioS-Debug-Reset.exe : A program that searches for a given process and handles the loading and unloading of the kernel driver.
It will pass the the needed parameters to the kernel driver so it can patch the process.
HelioS-Debug-Reset.bat : A simple batch script that you can edit to tell the .exe what process it should reset.
32bit vs 64bit
--------------
There are 2 versions of this tool.
This was needed because of the difference in kernel drivers used.
A 32bit Windows can only load 32bit drivers and a 64bit Windows can only load 64bit drivers.
How to use
----------
Pick a version that matches your operating system (32bit or 64bit).
Edit the HelioS-Debug-Reset.bat script by right-clicking on it and selecting "edit" from the menu.
You will see something like : HelioS-Debug-Reset.exe "%CD%HelioS-Debug-Reset.sys" "ProcessName.exe"
You can change "ProcessName.exe" to a different name for example "BF2.exe".
The processname you enter there will get its debugport reset.
Run the HelioS-Debug-Reset.bat batch script by double-clicking on it.
If all goes well you can now attach a the debugger to the process.
Test systems
------------
32bit : Pentium 4 CPU 2.6 GHz, running WindowsXP Pro with SP2
64bit : AMD Athlon 64 X2 Dual Core Processor 4400+, running WindowsXP Pro x64 with SP1
