blackwingcat

KernelEx for Win2000

883 posts in this topic

Sounds like something to do with Unicode


I can tell you that kernel32.dll contains some code specific to converting to and from the Korean locale. In several places throughout the NLS code it checks for the Korean locale and consults a special "KoreanWeights" table when it needs to. It was one of those things I had to reverse-engineer and have no way to test.


I was trying to apply the Extended Kernel update to install the recent nVidia Driver. But Extended Kernel failed to install due to missing "MS12-052 (KB2722913)". The download for this that I was able to find was 3.3 GB, which is excessive. Could you list links to all the required components part of the update in your first post?


You can find it from http://w2k.flxsrv.org/wlu/wlu.htm

And you had better install [MS13-028] Cumulative Security Update for Windows 2000 Internet Explorer 6 SP1 (2817183). You can also find it.

It also requires roots update 2012.

You can download from http://www.microsoft.com/en-us/download/details.aspx?id=35945


Is anyone else having a problem with the latest Firefox 24 nightly? It won't download anything anymore but it does work in XP. I'm still on ExKernel v2.2n9 so maybe blackwingcat's latest version fixes it? Everything else is going good so that's why I tend not to upgrade.

Edit: after more testing it will download if you go to the Tools/Download box and retry. It just won't do it automatically anymore as it does in XP. It seems to be a change they made in the last few days that's affecting W2k.

Edited by DanR20

Thank you BlackWingCat. I got them installed now. Also: nice, compact direct downloads of the Flash plugin.


Hi blackwingcat, another new problem is that Oracle is no longer updating Java 6. I reinstalled Java 7 and while the present applets in the cache still work fine it's impossible to run new ones because they did away with low setting in the Security tab. That forces the Security permission box dialog to show every time. The problem is it's crashing and it won't permit the applet to run. Tested in XP and it's ok. Hopefully it can be fixed.


Well.

I desire to fix this problem, but I don't know the cause of it.

I want any information to fix it.

Edited by blackwingcat

Hi blackwingcat, wish there was something I could do, there's no error messages but it's the Permissions box that's crashing when pressing Run. As previously noted, java applets work smoothly if you copy the cache over from XP into W2k's with site permissions already granted. That way the Permissions box doesn't pop up. Are you able to reproduce the crash?


I think Java 7 freezes on Windows 2000 whenever an application popup shows.

So, it is not that it has only the security dialog.

Edited by blackwingcat

If logging is turned on from the Control Panel\Java.cpl applet it creates a log file in C:\Sun\Java\Deployment\Logs. That tells you what's being loaded from the security end. This version wasn't a problem until they did away with the Low setting in the Security tab since that didn't force the Security Warning popup.


In other words, even if we force the security warning, when a Java applet shows a dialog, the app will freeze for a certain reason.

I want to know the obstacle.


Hello, blackwingcat.

Thank you for your work on this first.

I have found one bug or error in user32.dll in version 18e, but it is also there in version 18e - I have checked it.

The problem appears in starting process of Gameranger program.

Here are some details:

Registers:

eax=00000013 ebx=00000000 ecx=00000087 edx=00000012 esi=000001a0 edi=006b7070
eip=77e16078 esp=0012ef68 ebp=0012ef78 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246

Code:

77e16059 64a118000000 mov eax,fs:[00000018] fs:00000018=????????
77e1605f 8b4040 mov eax,[eax+0x40] ds:00949ef9=????????
77e16062 c3 ret
77e16063 55 push ebp <== your function starts here
77e16064 8bec mov ebp,esp
77e16066 51 push ecx
77e16067 51 push ecx
77e16068 8065fe00 and byte ptr [ebp+0xfe],0x0 ss:00a78e5e=??
77e1606c 8065ff00 and byte ptr [ebp+0xff],0x0 ss:00a78e5e=??
77e16070 53 push ebx
77e16071 8b5d08 mov ebx,[ebp+0x8] ss:00a78e5e=????????
77e16074 56 push esi
77e16075 8b750c mov esi,[ebp+0xc] ss:00a78e5e=????????
FAULT ->77e16078 8b03 mov eax,[ebx] ds:00000000=????????
77e1607a 81fee0030000 cmp esi,0x3e0

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name
0012EF78 77E1B894 00000000 000001A0 00000000 00000012 !IsWindowVisible [omap]
0012EFEC 77E1BA6B 000201BA 00000153 00000000 00000012 !GetWindowLongW [omap]
0012F010 77E3A454 000201BA 00000153 00000000 00000012 !GetWindowLongW [omap]
0012F030 77E14750 77E1BA04 000201BA 00000153 00000000 !SetWindowPlacement [omap]

Full details Report is attached!

I think the second first parameter of this function is 0 and 77e16071 - mov ebx,[ebp+0x8]

sets ebx to 0 where [ebp+0x8] is second parameter to this function is first parameter i think and then 77e16078 mov eax,[ebx] causes reading from 0x00000000 address.

I reversed a bit user32 and saw you called this function often from many functions and usually check if first parameter is zero and if it is you skip this function calling. But however seems it is possible (in some rare cases) second parameter to be Zero too. But maybe is better to check always if first parameter is Zero.

I think you can easily fix it by add check for second parameter in this function before all calls. The other way is to figure out where this call was generated with second first parameter Zero, but I'm not currently using extended kernel, but I can install it and then debug Gameranger to see where the call is made with second first parameter Zero to your function. But I think you can see it in Stack back trace to figure out. It looks like some chain of calls which maybe do not produce this result always, because I have not seen this in any other program. Gameranger works fine without extended kernel (tuned a little bit to fit support :ph34r: of course, but it works without crash).

Another, maybe more practical way to fix it to add check if second parameter is zero before call of your function. I have seen you skipped some original code and instead of it you call your code - so I think you have some space for this check. This is what come to my mind lastly. There are 90+ calls to your function, I hope you figure out where exactly things go wrong if you don't choose to change it in general. I think I can try to add check before all calls to see if it works fine because there is always some original code you skip with jump, so there is room for it.

And again this is for version 18e (the addresses may differ for other version of user32), but this crash happens also in 18g (I have checked it).

Another clue for you is maybe esi=000001a0 which you use to check which function called your function and which is third second parameter of this function (by my view) - 77e16075 - mov esi,[ebp+0xc].

I got confused by stack frame which shifts stack with push ebp first to +4 to all things. So +0 is saved ebp, +4 is return address, +8 is first parameter and etc.

Report.zip

Edited by leonidij
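The crash triage walked through in the post above, as an added example that is not part of the original thread and is not Extended Kernel code: it parses the register dump and disassembly from the quoted report, computes the address the faulting instruction reads, and traces the base register back to the stack slot it was loaded from. The function names and the 64 KB null-guard threshold are assumptions of this example; the frame layout (+0 saved ebp, +4 return address, +8 first parameter) is the one given in the post's last paragraph.

```python
import re

# Register dump and disassembly copied from the crash report in the post above
# (the poster's "<== your function starts here" annotation is dropped).
REPORT = """\
eax=00000013 ebx=00000000 ecx=00000087 edx=00000012 esi=000001a0 edi=006b7070
eip=77e16078 esp=0012ef68 ebp=0012ef78 iopl=0 nv up ei pl zr na po nc
77e16063 55 push ebp
77e16064 8bec mov ebp,esp
77e16066 51 push ecx
77e16067 51 push ecx
77e16068 8065fe00 and byte ptr [ebp+0xfe],0x0 ss:00a78e5e=??
77e1606c 8065ff00 and byte ptr [ebp+0xff],0x0 ss:00a78e5e=??
77e16070 53 push ebx
77e16071 8b5d08 mov ebx,[ebp+0x8] ss:00a78e5e=????????
77e16074 56 push esi
77e16075 8b750c mov esi,[ebp+0xc] ss:00a78e5e=????????
FAULT ->77e16078 8b03 mov eax,[ebx] ds:00000000=????????
77e1607a 81fee0030000 cmp esi,0x3e0
"""

NULL_GUARD_LIMIT = 0x10000  # assumption: NT leaves the lowest 64 KB unmapped
REG = re.compile(r"\b([a-z]{3})=([0-9a-f]{8})\b")
INSN = re.compile(
    r"^(FAULT ->)?([0-9a-f]{8}) [0-9a-f]+ (\w+) (.+?)(?: \w\w:[0-9a-f]{8}=\S+)?$",
    re.M)
MEM = re.compile(r"\[(e[a-z]{2})(?:\+0x([0-9a-f]+))?\]")

def parse_registers(report):
    """Return {'eax': 0x13, ...} from the 'reg=value' pairs of the dump."""
    return {name: int(value, 16) for name, value in REG.findall(report)}

def parse_instructions(report):
    """Return the disassembly lines in order; 'fault' marks the FAULT -> line."""
    return [{"fault": bool(m.group(1)), "addr": int(m.group(2), 16),
             "mnemonic": m.group(3), "operands": m.group(4)}
            for m in INSN.finditer(report)]

def has_ebp_frame(insns):
    """True if the listing contains the 'push ebp / mov ebp,esp' prologue."""
    ops = [(i["mnemonic"], i["operands"]) for i in insns]
    return any(a == ("push", "ebp") and b == ("mov", "ebp,esp")
               for a, b in zip(ops, ops[1:]))

def param_index(offset):
    """Map [ebp+offset] to a 1-based parameter number (+8 first, +0xc second)."""
    return (offset - 8) // 4 + 1 if offset >= 8 and offset % 4 == 0 else None

def triage(report):
    regs, insns = parse_registers(report), parse_instructions(report)
    idx = next((i for i, ins in enumerate(insns) if ins["fault"]), None)
    if idx is None:
        raise ValueError("no FAULT -> line in report")
    fault = insns[idx]
    out = {"fault_addr": fault["addr"], "eip_matches": regs.get("eip") == fault["addr"],
           "base": None, "target": None, "null_deref": False,
           "loaded_at": None, "param": None}
    mem = MEM.search(fault["operands"])
    if mem is None:
        return out  # faulting instruction has no register-based memory operand
    out["base"] = mem.group(1)
    out["target"] = (regs[out["base"]] + int(mem.group(2) or "0", 16)) & 0xFFFFFFFF
    out["null_deref"] = out["target"] < NULL_GUARD_LIMIT
    # Walk back to the most recent 'mov <base>,...'; only plain mov loads are tracked.
    for ins in reversed(insns[:idx]):
        dst, _, src = ins["operands"].partition(",")
        if ins["mnemonic"] == "mov" and dst == out["base"]:
            load = re.fullmatch(r"\[ebp\+0x([0-9a-f]+)\]", src)
            if load and has_ebp_frame(insns[:idx]):
                out["loaded_at"] = ins["addr"]
                out["param"] = param_index(int(load.group(1), 16))
            break
    return out

if __name__ == "__main__":
    for key, value in triage(REPORT).items():
        print(key, hex(value) if isinstance(value, int) and not isinstance(value, bool) else value)
```
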

Hi, Thx for your report.

It seems to be caused by a Windows 2000 native bug.

I try to fix it on v2.3f3.

Will you test it?


I released Extended kernel v2.3g3 and game support version.

nProtect, which is a well-known Korean solution to protect from game cheats, has a critical bug.

So I must create another version of extended kernel to avoid its bug. :thumbdown

The differences are kernel32 and rpcrt4.dll

I stripped some functions from them and changed a little bit on Procedure call routine.

Edited by blackwingcat

Hello blackwingcat.

v23f is JPN and I'm on ENU machine and user. What is the difference between those, and can it be installed on English machine? Maybe not very wise. But if user32.dll is basically the same as ENU version could I just try to replace it in let say ver 18g. In short to put user32.dll from v23f in v18g and then install v18g or they are not compatible?

And I have read in your blog that versions 2X use more faking of XP things while version 1X more like update win2k (add support). So I'm willing to stick with 1X way.

Is that fix in v23f also available in v23g3 (your last release) because v23g have ENU version while v23f have not.

I'm not sure what exactly you changed but I think if add check before of each call of that function of yours for first parameter if it is zero would solve the problem (or maybe not?) and make it more universal fix in case of other similar bugs? (or maybe this is not that easy as how it looks?)

Ah I just saw you actually have additional v23f ENU releases under field of v23e - are they the ENU of v23f and what is the difference between v23f and v23f3?

v23f is removed so only v23f3 remains. Is it v23f ENU or is mistake?

Hmmm the file size of v23f3 is just 1kb less than v23e - it maybe is mistake or not?

I will wait for reply from you and then will test it.

Edited by leonidij

Hi.

Different language versions are incompatible in kernel32 and user32 because of a relocation address problem.

Because English version 23f/f2/3 was made by me on an emergency basis, it has many problems, so I think they should be deleted.

Although I don't know why you use version 1.8g, If it is reason that some games don't work on version 2.x, plz try to install Game supported version 2.3g3. :)


So in short v23g3 have that fix in user32.dll and I better try that instead of v23f3 and I should test v23g3 instead to see if it is working?

And the reason I prefer 1.8g is that win2k lack some core things like vectored exception handling (VEH) and others (I'm not sure if you implement this), but some programs do check if this is available and if not they just don't use it in case of win2k. But, if I'm not wrong, version 2X maybe try to fake version of window$ those programs detect and so they try to use some still unsupported things because they are confused. This is maybe the cause of gameguard problem. And maybe some other drivers or driver level programs which use things like that. So I think is not bad idea to continue version 1X in parallel with 2X, if I understand it correctly. In short some programs better be fully aware that this is not XP. Some of them have anything that support win2k but just the compiler of this programs add some non needed stuff as addon which is not supported by win2k or just few non so important functions, while they kept support for complicated functions and routine. The developers of those programs maybe just didn't check if it still works on win2k after they change the compiler to vc10 or vc11.

And besides I like the "Stable" after some 1X versions :yes: . Because this is also work pc of someone else and I want to be able to rely on things and don't want to wonder what causes certain problem. If there is bug in 1.8 versions why not fix it and make them even more close to stable? They are btw working pretty stable indeed as far as I tested some long period of time and had no problems except this problem I posted above. And btw after I use recovery error with "CrashDoctor" program on gameranger after it crashes on your routine, then gameranger continues working. Crash doctor just handles internally (as far as I understand) some exceptions and try to redirect execution code to other routine. And I think it means only that trying to read from 0 address is the problem because first parameter is 0. If it was internal bug should the program will not be able to continue or should it be crashing on standard win2k?

Edited by leonidij

Hi.

Well, I think the Gameguard problem is fixed on "avoid Game Guard Bug version(Game Support version)" Extended kernel.

Although I said it before, I think it is a Gameguard bug which causes a null-pointer reference crash.


Hello.

And you misunderstood it. It is not GameGuard but it is GameRanger.

They are totally different things. Gameguard you know what it is already, but gameranger is program for online multiplayer of many local games.

www.gameranger.com

Here you can download and try it yourself if you want. But it needs some tweaking because is downloading some dlls which do require xp.

Seems you are very obsessed with Gameguard fixing lately and thought of it but it have nothing to do.

It is one MFC & MSVCRT based application. It have no much internal code nor drivers or etc. The problem is caused before initializing main window. So it have something to do with creating interface as you can see from stack back trace.

Edited by leonidij

Umm.....

Is the following correct?

+------------+------+----------------+-----+--------------------+
| ExKernel   | 1.8x |1.8+Fixed User32|2.3g3|2.3g3 gamefixversion|
+------------+------+----------------+-----+--------------------+
| GameGuard  | Ok   | Ok             | Bad | Ok                 |
+------------+------+----------------+-----+--------------------+
| GameRanger | Bad  | Ok             | Ok  | Ok                 |
+------------+------+----------------+-----+--------------------+
| Any Game   | Ok   | Ok             | Bad?| Bad?               |
|InGameRanger|      |                |     |                    |
+------------+------+----------------+-----+--------------------+

Edited by blackwingcat

Neither GameRanger nor the ancient game I play with it uses Gameguard. Gameranger just launches the game and redirects its online servers to Gameranger server using dll injection. From there on Gameranger have nothing to do with game except to wait it to close. NO GAMEGUARD so it is not at fault at all. I do not have gameguard on my pc in any way nor something which could use it. So the deal is only between gameranger.exe and user32.dll, and I cannot even test it vs gameguard.

How to get this "1.8+Fixed User32"? To copy user32.dll from v23g3 ENU to installation package of v1.8x ENU? If that is so I can do it. And v23g3 have that fixed user32.dll? I could try both variants. Just didn't get where that so called fixed user32.dll is located (in v23g3 by my last understanding).

EDIT:

Ok I did test it with 1.8g + fixed user32 and it does work! Thank you. Wanted to test first 2.3g3 but it wanted one update for IE6 which I probably have locally but do not want to install it right now, but it should work too.

We can consider this solved!

EDIT2:

I forgot to tell you that I got that fixed user32.dll from 2.3g3 in case there are more variants.

Edited by leonidij

Another program that has some trouble, this time with BOTH normal win2k and with kernel ex, is this one:

http://www.manhunter.ru/releases/108_32_bit_asm_calculator_1_5.html

This is awesome asm programmer calculator, but its tool tips make program crash before show on win2k.

Otherwise the program is working fine if the tool tip creation routine is patched and avoided (as I did). But no tool tips then.

Ok it is not about the tool tips of this program (I don't actually need them) but this seems is general flaw of win2k (not sure that exactly is the problem), but it may appear on other soft which uses similar way to create tool tips.

If you are interested may see what is going on if not leave it be. THIS IS NOT A REQUEST. As I said I do not need this particular tool tips that much. This is just a notice because this thing looks more general problem.

So if you have time and interest can look at it if not so be it.


I found a Windows 2000 bug.

http://blog.livedoor.jp/blackwingcat/archives/1816967.html

I will release fixed version extended kernel user32. on 5.00.2195.7160

Thx.
