[Solved]IDA 5.2 can't recognize XP SP3 symbols

[WhoCares]

I'm using IDA v5.2. It can identify XP SP0 symbols but can't identify XP SP3 symbols. Don't know why.

I downloaded "WindowsXP-KB936929-SP3-x86-symbols-full-ENU.exe" and extracted "ntdll.pdb" to system32 directory(sure current OS is XP SP3), then loaded ntdll.dll and ntdll.pdb with IDA. It could't identify "sub_7C93B077" as "LdrpInitialize" though it said "total 1016 symbols loaded" in the log window.

But the same procedure works for XP SP0 ntdll.dll/ntdll.pdb.

BTW:
IDA v5.4 can use windbg engine now:
_http://www.hex-rays.com/idapro/debugger/windbg_tut.pdf


Edit:
Finally I found the answer: just create an empty directory "symsrv.yes" in IDA directory, it will load SP3 pdb symbols.
_http://hi.baidu.com/0xfei/blog/item/9c74aad9f710f4ef39012fa4.html

[bilbo]

Strangely enough, I don't have your problem and I don't find anywhere the script quoted in BAIDU forum.

If I try to create the directory SYMSRV.YES it stays empty all the time. The symbols are downloaded even without the presence of that directory (the symbols file name is NTDLL.PD_ and not NTDLL.PDB). The symbols are not saved on the hard disk.

Best regards, bilbo

[WhoCares]

I download all symbol packages manually from MS official site(_http://www.microsoft.com/whdc/DevTools/Debugging/symbolpkg.mspx), not by IDA symbol retriever, so the file suffix is "pdb".

The script is the decompiled procedure of IDA end user license agreement dialog(with HexRays decompiler).

The "symsrv.yes" trick works for me.(XP SP3 and IDA v5.2). Actually the empty "symsrv.yes" file/directory is used by Microsoft "symsrv.dll" for the agreement of license agreement. You can also find this empty file in windbg directory.