Login to Account Create an Account
PE Tool for creating patches
Posted 25 November 2012 - 05:22 PM
The way I test it is to copy the new kernel32 to kernel32_new.dll, and have my test program perform tests against the normal kernel32 and the rewritten one and compare the results. My WinExec test attempts to spawn calc.exe from both of them. It works with the normal kernel32, but the rewritten one doesn't fully spawn the process. I get a running calc.exe in Task Manager but the window never appears and it seems to want to consume about 5% CPU until I kill it. I've been fighting with this for a couple of weeks and I'm stumped.
Testing this way lets me protect my system since I don't have to replace kernel32, though so far I haven't tested any kernel32 routines that change anything--only the ones that read info or do things that don't affect the system.
Posted 25 November 2012 - 10:04 PM
Posted 09 December 2012 - 11:44 PM
But exfat drive was not read from windows 2000.
It's in this update:
If you can post it somewhere I can do a quick run through in Ida tomorrow and see what it spits out.
That extracts out to a directory containing the following:Volume in drive G is DATA Volume Serial Number is 7A4C-636C Directory of G:\exfat 10/16/2012 06:58 PM <DIR> . 10/16/2012 06:58 PM <DIR> .. 10/16/2012 06:58 PM 0 dirlist.txt 10/16/2012 06:55 PM <DIR> SP2GDR 10/16/2012 06:55 PM <DIR> SP2QFE 10/16/2012 06:55 PM <DIR> SP3GDR 10/16/2012 06:55 PM <DIR> SP3QFE 11/30/2007 07:18 AM 17,272 spmsg.dll 11/30/2007 07:18 AM 231,288 spuninst.exe 10/16/2012 06:55 PM <DIR> update 3 File(s) 248,560 bytes Directory of G:\exfat\SP2GDR 10/16/2012 06:55 PM <DIR> . 10/16/2012 06:55 PM <DIR> .. 09/29/2008 05:58 AM 133,632 exfat.sys 09/30/2008 02:44 AM 18,944 fmifs.dll 09/29/2008 05:59 AM 30,720 format.com 09/29/2008 05:58 AM 9,216 fs_rec.sys 09/30/2008 02:44 AM 77,824 ifsutil.dll 09/30/2008 02:44 AM 8,455,168 shell32.dll 09/30/2008 02:44 AM 57,344 uexfat.dll 09/30/2008 02:44 AM 278,528 ulib.dll 8 File(s) 9,061,376 bytes Directory of G:\exfat\SP2QFE 10/16/2012 06:55 PM <DIR> . 10/16/2012 06:55 PM <DIR> .. 09/29/2008 05:53 AM 133,632 exfat.sys 09/30/2008 02:05 AM 18,944 fmifs.dll 09/29/2008 05:54 AM 30,720 format.com 09/29/2008 05:53 AM 9,216 fs_rec.sys 09/30/2008 02:05 AM 77,824 ifsutil.dll 09/30/2008 11:35 AM 8,461,312 shell32.dll 09/30/2008 02:05 AM 57,344 uexfat.dll 09/30/2008 02:05 AM 278,528 ulib.dll 09/29/2008 05:46 AM 351,744 xpsp3res.dll 9 File(s) 9,419,264 bytes Directory of G:\exfat\SP3GDR 10/16/2012 06:55 PM <DIR> . 10/16/2012 06:55 PM <DIR> .. 09/29/2008 06:21 AM 133,632 exfat.sys 09/30/2008 02:19 AM 18,944 fmifs.dll 09/29/2008 06:22 AM 30,720 format.com 09/29/2008 06:20 AM 9,216 fs_rec.sys 09/30/2008 02:19 AM 77,824 ifsutil.dll 09/30/2008 02:19 AM 8,461,824 shell32.dll 09/30/2008 02:19 AM 57,344 uexfat.dll 09/30/2008 02:19 AM 278,528 ulib.dll 8 File(s) 9,068,032 bytes Directory of G:\exfat\SP3QFE 10/16/2012 06:55 PM <DIR> . 10/16/2012 06:55 PM <DIR> .. 09/29/2008 06:51 AM 133,632 exfat.sys 09/30/2008 01:56 AM 18,944 fmifs.dll 09/29/2008 06:52 AM 30,720 format.com 09/29/2008 06:50 AM 9,216 fs_rec.sys 09/30/2008 01:56 AM 77,824 ifsutil.dll 09/30/2008 01:56 AM 8,462,336 shell32.dll 09/30/2008 01:56 AM 57,344 uexfat.dll 09/30/2008 01:56 AM 278,528 ulib.dll 8 File(s) 9,068,544 bytes Directory of G:\exfat\update 10/16/2012 06:55 PM <DIR> . 10/16/2012 06:55 PM <DIR> .. 09/30/2008 02:32 AM 926 branches.inf 11/30/2007 10:17 AM 804 eula.txt 09/30/2008 06:29 AM 22,668 KB955704.CAT 11/30/2007 07:18 AM 26,488 spcustom.dll 11/30/2007 07:18 AM 755,576 update.exe 09/30/2008 04:49 PM 3,028 update.ver 09/30/2008 02:32 AM 678 updatebr.inf 09/30/2008 06:36 AM 24,318 update_SP2GDR.inf 09/30/2008 06:32 AM 25,523 update_SP2QFE.inf 09/30/2008 06:38 AM 27,395 update_SP3GDR.inf 09/30/2008 06:29 AM 27,395 update_SP3QFE.inf 07/09/2008 03:38 AM 382,840 updspapi.dll 12 File(s) 1,297,639 bytes Total Files Listed: 48 File(s) 38,163,415 bytes 17 Dir(s) 402,366,476,288 bytes freeSo it looks like it's a _lot_ more than just the exfat.sys driver file
Maybe in code, it's just a function or two ?
Posted 17 December 2012 - 09:26 PM
The update, as usual, also includes some new API goodies:
Posted 18 December 2012 - 07:10 PM
You know, on some days it's really tough.
I just posted MS11-011 V15 (KB2393802). I found the same bug I fixed in V14 in a different place and had to fix it. Sorry for the inconvenience, folks. The lesson: it's possible to follow the XP code too closely.
Posted 16 January 2013 - 10:49 PM
As of tonight the VM boots, but Explorer, Task Manager, etc. crash when I do certain things. I think I'm just a bugfix or two from really cooking with gas.
Posted 18 January 2013 - 07:50 PM
Still some application errors in Event Viewer, but the VM finally runs with it
Posted 19 January 2013 - 12:16 AM
Posted 19 January 2013 - 03:20 AM
Posted 19 January 2013 - 11:17 AM
Posted 07 February 2013 - 10:01 PM
These functions were already present, and I simply added them to the export table and bumped up the version one tick. The idea is to hopefully help with driver compatibility.
There's also one new file:
usbser.sys (5.1.2600.5512 from XPSP3)
Why the new file? I picked up an Arduino Uno a while ago and no matter what I did, I couldn't get the Arduino software to program it (I can program my older Arduino Duemilanove just fine). Someone on a help forum had the same problem and had to use the XP usbser.sys driver to make it work. I gave it a try and presto, it works like a charm. So consider v16 the Arduino Uno version of the update
I don't know if XP has a newer rev of the driver or not; this one is straight from the SP3 distro and works for me.
In kernel32 news...
This is somewhat frustrating. I'm *this close*, but there is still a memory corruption bug somewhere (at least I think that's what it is). It only shows up on the kernel side so it's hard to track down. My VM boots just fine, but ESENT and the Distributed LinkTracking Client report errors in Event Viewer and windbg reports some exceptions at certain times during bootup. I'm working on cleaning up the code to try to track the remaining bug(s) down.
Edited by WildBill, 07 February 2013 - 10:03 PM.
Posted 07 February 2013 - 10:22 PM
No, it hasn't. 5512 is the latest build available.
usbser.sys (5.1.2600.5512 from XPSP3)
I don't know if XP has a newer rev of the driver or not; this one is straight from the SP3 distro and works for me.
Posted 12 March 2013 - 11:49 PM
It appears that this update replaces the previously released KB2792100 - the new patch appears to have all the fixes from the previous hotfix in addition to an updated mshtml.dll, and new timestamps on all the rest of the files.
Edited by jimmsta, 13 March 2013 - 12:02 AM.
Posted 18 March 2013 - 02:00 PM
Edited by GaryMX, 18 March 2013 - 02:02 PM.
Posted 18 March 2013 - 05:32 PM
PS Make sure to install my unofficial Update Rollup 2 before installing it. Having IE6 with the newest Cumulative Update (which is 2809289) installed is also recommended.
Edited by tomasz86, 18 March 2013 - 05:36 PM.
Posted 20 March 2013 - 09:37 AM
W2K Update Rollup-KB891861-v2.EXE (First rollup of updates and additions since SP4.) The MS$ file name may not be exact, but it is the official one.
Your Update Rollup2 (I may not have the exact file name: Windows2000-UpdateRollup2-x86)
Windows2000-UURollup-v10d-x86-ENU.exe (which "updated" my W2K to be able to run certain apps, such as the newer Firefox/SeaMonkey)
I have tried my hardest to find your download link for UURollup-v11and Google does not have any download sites. I know you have SkyDrive, but I am unable to see anything on it as of yet a search for "tomasz86" or "UURollup-v11" brings no results. I tried DropBox and can't seem to find you there either. A link to these latest updates would be helpful. I have a dual-drive setup and tested your UURollup-v10d-x86 extensively with good results, except for an icon problem which I fixed (some of the file associations disappeared, along with the icons!) I just put them back in the registry and did a "restore" in Folder Options/File Types. If v11 of the UURollup allows me to run Macrium Reflect Free, that would be great.
There was one other issue, which isn't critical to me, but is annoying: since I installed the UURollup-v10d, all of my scheduled tasks will not run. I went in to each one and reentered my logon/password combination (I run as Administrator with full rights.) Nonetheless, they will not run. I have a scheduled Microsoft Backup which used to work, but now, when I manually run it, I get errors in my log file, "You do not have permission to access portions of [folder name]. Please see the owner or administrator to get permission" for EACH folder that I have selected to be backed up. I have FULL permissions. I have tried various tricks, to no avail. There is no help online for this problem. The .BKF file that Microsoft Backup creates is not usable and will not restore files. Any suggestions?
One more thing: on your website, "http://windows2000.tk/#archive" you mention the Application Compatibility Launcher and mention running the Firefox install. I used your link in MozillaZine instead: http://forums.mozill...?f=23&t=2482475 with great results. I am running SeaMonkey 2.16 (Firefox 19 platform) with no problems whatsoever.
Thanks for your prompt reply to my posts.
Posted 20 March 2013 - 10:18 AM
Another question about UURollup: I noticed that I can't update Adobe Reader 9.5 to v 10 (or later) as it "knows" that I am not running XP. Some other programs warn me that "this update may not work, but do you want to continue anyway?" and I click yes. No problems there. Is there no way to fool the Adobe Reader update program to allow me to update the Reader to a newer version?
Posted 20 March 2013 - 04:27 PM
- Update Rollup 2 - The old one (Update Rollup-KB891861-v2.EXE) is obsolete and shouldn't be used any more. It probably won't harm you if you've already installed it but there were several bugs in it. The only one version of Update Rollup 2 used now is available on my website (Windows2000-UpdateRollup2-x86-ENU.exe) with its extension for Windows 2000 Server (Windows2000-UpdateRollup2-SrvExt-v2-XXX.exe).
- SkyDrive - The SkyDrive archive was set up when Dropbox blocked access to the original one but it's not used at the moment since Dropbox is working again so you can safely just ignore it. The main archive which is constantly updated is the Download Archive located in Dropbox which link to you can find at my website here.
- UURollup - The stable version of UURollup (Windows2000-UURollup-v10d-x86-ENU.exe) is also available at my website here (Windows2000-UURollup-v10d-x86). The test versions (weekly & daily) are available in the Download Archive, ex. for UURollup-v11 you need to navigate to Windows2000 -> UnofficialUpdatesRollup and then choose between Daily / Stable / Weekly.
- Task Scheduler - Are you sure that it was UURollup to break it? I use Task Scheduler on my computer all the time and haven't experienced any problems at all.
- Firefox - The instructions at mozillaZine is for UURollup-v10. In case of UURollup-v11 you only need to install the program using Application Compatibility Launcher and disable hardware acceleration in its settings. The other steps are no longer required.
- Acrobat Reader - The newest version works but in order to install it you have to modify the installer. It's an MSI installer so Application Compatibility Launcher doesn't work in this case. Feel free to try the one which I've just uploaded to the Download Archive (Windows2000 -> Programs).
Posted 20 March 2013 - 08:13 PM
I read on one of the forums that you can run Adobe Reader v10 or v11 directly by copying the files from a computer that has it to the W2K computer. I am a bit skeptical of that, as I just installed v11 on my XP computer and it makes several changes to the Registry. I am going to try using your AcrobatReader_Windows2000.7z file from Dropbox.
Regarding Microsoft Backup: here is the sequence of events (I have two distinct hard drives on my W2K computer; drive C main boot, drive D alternate boot) I image copied Drive C to my USB hard drive using Drive Image (had to boot into XP using Hiren's Boot CD to do it) then, I "restored" the C drive image on top of D drive, which did not have a fully functional W2K install. I made drive D bootable, switched the boot selection to use D as default. I installed all of your updates including UURollup on drive D. I then tested the install extensively for a month (Feb 7 - March 7.) All of my regular functions necessary for my business worked, all CAD/CAM software, and especially, my Internet browser was now up to date!! By March 7th, I felt confident to go back to Drive C and install UURollup there (I had the original image saved, so I wasn't worried.) The reason for this was my Add/Remove programs list would not show, running on Drive D. Maybe a bug because they were installed on drive C, and my running operating system was on drive D!
I changed the boot order back to C drive, by default, then installed all of the updates in the order that they were to be installed, with UURollup v10d being the last one. I noticed the Add/Remove programs list was back; I had minor issues with some of the icons (fixed it); updated the browser. Everything else worked smoothly. But one issue carried over from D drive -- I could no longer run Microsoft Backup automatically (Task Scheduler.) If I ran it manually, I got the error in the log as I said in the previous post. Both D and C drives gave me this error, regardless of where I booted. It's puzzling how, as Administrator, I cannot have permission to "access portions of [folder name.] As I said before, I went through Microsoft forums, including MSDN, with no answers. I'll probably post this on a Microsoft forum if no one here has any suggestions as to how to fix this.
I have one more (wild) theory -- is it perhaps because I "restored" the drive image to Drive D while running Windows XP (instead of W2K,) is it possible that the NTFS file permissions changed because I was running XP? Just a wild theory ..
Thanks for your prompt replies!
Edited by GaryMX, 20 March 2013 - 08:30 PM.
Posted 21 March 2013 - 06:41 PM
I don't think I can really help with the other problem as I've never experienced such issues myself I'd suggest creating a separate topic related to that particular problem with Task Scheduler and file permissions.
Edited by tomasz86, 21 March 2013 - 06:42 PM.
Posted 23 March 2013 - 11:20 AM
Posted 23 March 2013 - 09:47 PM
Edited by tomasz86, 23 March 2013 - 09:48 PM.
Posted 24 March 2013 - 06:25 PM
I want to thank you for all the hard and difficult work you have done. I have been a longtime lurker and this is my first post. I have several older machines that I was ready to throw away and they came to life with windows 2k. The newer linux distributions bring these dinosaurs to their knees, although I run a win2k VM under linux mint. I cannot believe the difference in performance, it is fantastic! I am going to the older windows releases, because like most others I hate windows 8. Your progression and improvements to win2k put it on almost an equal footing with windows xp, and far less system resources used for getting the same jobs done.
Posted 31 March 2013 - 07:00 PM
The VM with my rewritten kernel32 comes up with no errors. I have maybe half a dozen more routines to add, and then the question is, how to test it in the community?
4 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users