Leaderboard

NTOSKRNL Emu_Extender Library of missing functions for Windows XP/2003/Vista/7 NTOSKRNL.EXE Project is intended to help in porting drivers from Windows 7/8/8.1/10 for work with Windows XP/2003/Vista/7 How-To: Compile sources to make ntoskrn8.sys Make corrections to target driver XXX.sys so that it loads ntoskrn8.sys instead of the original ntoskrnl.exe If XXX.sys is driver made for Windows 8, change security_cookie to random value, security_cookie is constant 0x4EE640BB(x32) / 0x32A2DF2D992B(x64) inside file, change only first match ! Place ntoskrn8.sys to X:/Windows/system32/drivers/ folder Compiling: 1) Install Windows 7 DDK v7.1.0 (download from Microsoft site) 1a) Original DDK header files has mistake with definintion of MmAllocateContiguousMemorySpecifyCacheNode, apply fix to two files \WinDDK\Win7\inc\ddk\ntddk.h and \WinDDK\Win7\inc\ddk\wdm.h: replace: #if (NTDDI_VERSION >= NTDDI_WIN2K) typedef ULONG NODE_REQUIREMENT; to: #if (NTDDI_VERSION >= NTDDI_VISTA) typedef ULONG NODE_REQUIREMENT; 2) Download project files to any local folder git clone https://github.com/MovAX0xDEAD/NTOSKRNL_Emu 3) Choose Target OS (XP, 2003, Vista or WIndows 7) for which OS Emu_Extender will be compiled. Keep in mind that depending on the target operating system the way of exporting the functions changes, if a function already exists in the kernel it will be simply redirected without injecting emulation code 4) Run shell: "Start Menu\Programs\Windows Driver Kits\Win7 7600.16385.1\Build Environments\Windows XXX\YYY Free Build Environment" (XXX - target OS, YYY - target CPU) 5) In shell change current directory to local project folder 6) Use shell command BLD to compile project 7) Compiled ntoskrn8.sys will be in ntoskrn8/objfre_XXX_x86/YYY folder STORPORT Windows 7 Emu_Extender This is Library of missing functions for Windows 7' STORPORT.SYS v6.1.7601.23403 to emulate Windows 8' STORPORT.SYS How-To: Compile ntoskrnl Emu_Extender Place storpor8.sys to X:/Windows/system32/drivers/ folder Make corrections to target xxx.sys so that it loads storpor8.sys instead of the original storport.sys Place backported storport.sys from Windows 7 to X:/Windows/system32/drivers/ folder Ported drivers: Windows 7's WDF 1.11 for Windows XP/2003 x32 Last version for Windows XP/2003 is 1.9, but possible to backport 1.11 version: 1) Get files from Windows 7 Updates (KB3125574): WDF01000.SYS v 1.11.9200.20755 WdfLdr.sys v 1.11.9200.16384 2) In WDF01000.SYS replace string ntoskrnl.exe to ntoskrn8.sys in import section 3) Recalc checksum If need coexist with original WDF1.9 drivers: 4) Rename WDF01000.SYS->WDF01_W8.SYS, WdfLdr.sys->WdfLdr8.sys 5) In WDF01_W8.SYS replace string WdfLdr.sys to WdfLdr8.sys in import section 6) In WdfLdr8.sys replace unicode string \Registry\Machine\System\CurrentControlSet\Services\Wdf%02d000 to \Registry\Machine\System\CurrentControlSet\Services\Wdf%02d_w8 7) In WdfLdr8.sys replace hex pattern F6 78 1B F6 to F6 EB 1B F6 (x32), ** ** to ** ** (x64) 8) In target driver XXX.sys replace string "WdfLdr.sys" to "WdfLdr8.sys" in import section 9) In .INF of ported driver add creating new service: AddService=WDF01_W8,, WDF.AddService .... [WDF.AddService] DisplayName = "Windows Driver Framework v1.11 for XP/2003" ServiceType = 1 ; SERVICE_KERNEL_DRIVER StartType = 3 ; SERVICE_DEMAND_START ErrorControl = 1 ; SERVICE_ERROR_NORMAL ServiceBinary = %12%\WDF01_W8.SYS LoadOrderGroup = Base Recalc checksum of all edited *.sys Windows 7's Storport.sys for Windows XP x32 Storport was released since Windows 2003, but possible to backport Windows 7 version: 1) Get files from Windows 7 Updates (KB3125574): storport.sys v 6.1.7600.23403 2) In storport.sys replace string ntoskrnl.exe to ntoskrn8.sys in import section, now storport.sys will import all kernel functions only from Emu_Extender 3) Storport uses MSI interrupts, need to force use only legacy/compatible interrupts x32 - replace hex pattern 8B 8E 3C 01 00 00 to B9 00 00 00 00 90 (mov ecx, [esi+13Ch] -> mov ecx, 0) x64 - replace hex pattern 8B 83 C0 01 00 00 to B8 00 00 00 00 90 (mov eax, [rbx+1C0h] -> mov eax, 0) 4) Recalc checksum Windows 7's NVMe driver for Windows XP x32 1) Get files from Windows 7 Updates (KB3125574): stornvme.sys v 6.1.7600.23403 2) MS Win7 NVMe driver require Win7 Storport.sys, use backported one Windows 8's USB3 driver for Windows XP x32 1) Get required files from Windows 8 (KB4534283/4556840, KB2984005, RTM ISO): ucx01000.sys v6.2.9200.22453 usbhub3.sys v6.2.9200.21180 usbxhci.sys v6.2.9200.22099 wpprecorder.sys v6.2.9200.16384 usbd.sys v6.2.9200.20761 from Vista Beta/Longhorn 5456.5: ksecdd.sys v6.0.5456.5 2) In files ucx01000.sys, usbhub3.sys, usbxhci.sys, wpprecorder.sys, usbd.sys change security_cookie to random value 3) In files ucx01000.sys, usbhub3.sys, usbxhci.sys, ksecdd.sys replace string name "ntoskrnl.exe" to "ntoskrn8.sys' in import section 4) Rename ksecdd.sys->ksecd8.sys, usbd.sys->usbd_w8.sys 5) In usbhub3.sys replace string name "ksecdd.sys" to "ksecd8.sys' in import section 6) In usbhub3.sys replace string name "usbd.sys" to "usbd_w8.sys' in import section, 7) recalc checksum Windows 8’s STORAHCI driver for Windows XP x32 STORAHCI driver requires storport.sys from Windows 8, but possible to use storport.sys v6.1.7601.23403 from Windows 7 Storport.sys from Windows 7 more compatible with Windows XP/2003 because it still call required PoStartNextPowerIrp when processing power IRPs. Microsoft removed calls to PoStartNextPowerIrp in Windows 8's storport.sys, without this call Windows XP/2003 kernel cannot finish current power IRP and start next IRP => it generate BSOD (0x0000009F). Also storport.sys from Windows 7 has compatibility mode to allow old XP/2003 kernels write crashdumps through storport based disk drivers. In storport.sys from Windows 8 compatibility mode was removed, writing crashdumps possible only with new kernels. Take attention: Windows 8's STORAHCI + Windows 7's STORPORT may have significal performance drop and high CPU usage, there is no fix yet 1) Get files from Windows 8 (RTM ISO): storahci.sys v 6.2.9200.16384 2) In storahci.sys replace string storport.sys to ntoskrn8.sys in import section 3) Storahci.sys was compiled with Windows 8 DDK's storport.h and writes values to new fields of _PORT_CONFIGURATION_INFORMATION struct, these fields not exist in Windows 7's storport.sys. Need to skip these writes to avoid damaging other structures in memory x32: Replace hex pattern 83 A6 C8 00 00 00 00 to 90 90 90 90 90 90 90 (and dword ptr [esi+0C8h], 0 -> nop) Replace hex pattern 83 8E CC 00 00 00 03 to 90 90 90 90 90 90 90 (or dword ptr [esi+0CCh], 3 -> nop) x64:Replace hex pattern 44 89 B7 D8 00 00 00 to 90 90 90 90 90 90 90 (mov [rdi+0D8h], r14d -> nop) Replace hex pattern 83 8F DC 00 00 00 03 to 90 90 90 90 90 90 90 (or dword ptr [rdi+0DCh], 3 -> nop) If you want compile storahci from sources (from Windows 8 DDK Samples), comment two lines ConfigInfo->BusResetHoldTime = 0; ConfigInfo->FeatureSupport |= STOR_ADAPTER_FEATURE_STOP_UNIT_DURING_POWER_DOWN; 4) In storahci.sys change security_cookie to random value 5) Recalc checksum Windows 7’s MSAHCI driver for Windows XP x32 1) Get files from Windows 7 Updates(KB3125574): atapi.sys v 6.1.7600.23403 ataport.sys v 6.1.7600.23403 msahci.sys v 6.1.7600.23403 pciidex.sys v 6.1.7600.23403 2) In ataport.sys, pciidex.sys replace string ntoskrnl.exe to ntoskrn8.sys in import section 3) Pciidex.sys uses MS Internal/Undocumented HalDispatchTable way to call functions from Kernel/HAL, for Windows XP/2003 need to use compatible variant: x32: Replace hex pattern FF 50 3C to FF 50 40 same in asm code: mov eax, ds:HalDispatchTable ... call dword ptr [eax+3Ch] => call dword ptr [eax+40h] x64: Replace hex pattern FF 50 78 to EB 2A 90 Replace hex pattern at offset +2Ch: CC CC CC CC CC CC CC CC to FF 90 80 00 00 00 EB CF, same in asm code: mov rax, cs:HalDispatchTable ... call qword ptr [rax+78h] => jmp patch orig: mov r10d, eax patch: call qword ptr [eax+80h] jmp orig 4) Recalc checksum 5) MSHDC.INF from Windows 7 conflict with original mshdc.inf from Windows XP/2003. msahci.sys enumerates IDE/SATA channels as "Internal_IDE_Channel" and compatible ID is "*PNP0600". Original mshdc.inf from Windows XP/2003 for compatible Device ID "*PNP0600" will install wrong "Standard IDE/ESDI Hard Disk Controller" driver Intel RSTe (Enterprise/Premium) AHCI/RAID driver 4.7.0.1098 for Windows XP/2003 Intel RST AHCI/RAID drivers (any version, last compatible is 16.8.3) for Windows XP/2003 These drivers require storport.sys from Windows 7, use backported version. 1) In file iaStorA.sys/iaStorAC.sys/iaStorAVC.sys replace string “ntoskrnl.exe” to “ntoskrn8.sys” in import section (do not change second string “NTOSKRNL.exe”) now these *.sys will import kernel functions only from Emu_Extender 3) Recalc checksum Implemented Func List v60: _chkstk _i64toa_s _i64tow_s _itoa_s _itow_s _ltoa_s _ltow_s _makepath_s _snprintf_s _snscanf_s _snwprintf_s _snwscanf_s _splitpath_s _strnset_s _strset_s _strtoui64 _swprintf _ui64toa_s _ui64tow_s _ultoa_s _ultow_s _vsnprintf_s _vsnwprintf_s _vswprintf _wcsnset_s _wcsset_s _wmakepath_s _wsplitpath_s _wtoi _wtol DbgkLkmdRegisterCallback EmClientQueryRuleState EtwActivityIdControl EtwEventEnabled EtwProviderEnabled EtwRegister EtwRegisterClassicProvider EtwUnregister EtwWrite EtwWriteString EtwWriteTransfer ExAcquireRundownProtectionCacheAware ExAcquireRundownProtectionCacheAwareEx ExAllocateCacheAwareRundownProtection ExDeleteLookasideListEx ExEnterCriticalRegionAndAcquireFastMutexUnsafe ExEnterCriticalRegionAndAcquireResourceExclusive ExEnterCriticalRegionAndAcquireResourceShared ExEnterPriorityRegionAndAcquireResourceExclusive ExEnterPriorityRegionAndAcquireResourceShared ExFreeCacheAwareRundownProtection ExfReleasePushLockShared ExfTryToWakePushLock ExGetFirmwareEnvironmentVariable ExInitializeLookasideListEx ExInitializeRundownProtectionCacheAware ExReInitializeRundownProtectionCacheAware ExReleaseFastMutexUnsafeAndLeaveCriticalRegion ExReleaseResourceAndLeaveCriticalRegion ExReleaseResourceAndLeavePriorityRegion ExReleaseRundownProtectionCacheAware ExReleaseRundownProtectionCacheAwareEx ExRundownCompletedCacheAware ExSetFirmwareEnvironmentVariable ExSizeOfRundownProtectionCacheAware ExWaitForRundownProtectionReleaseCacheAware IoAllocateSfioStreamIdentifier IoConnectInterruptEx IoDisconnectInterruptEx IoFreeSfioStreamIdentifier IoGetActivityIdIrp IoGetAffinityInterrupt IoGetDevicePropertyData IoGetIoPriorityHint IoGetSfioStreamIdentifier IoInitializeWorkItem IoQueueWorkItemEx IoSetActivityIdIrp IoSetDevicePropertyData IoSizeofWorkItem IoUninitializeWorkItem IoUnregisterPlugPlayNotificationEx KdRefreshDebuggerNotPresent KeAcquireGuardedMutex KeAcquireGuardedMutexUnsafe KeAlertThread KeAreAllApcsDisabled KeEnterGuardedRegion KeExpandKernelStackAndCallout KeGetCurrentNodeNumber KeGetCurrentProcessorNumberEx KeGetProcessorIndexFromNumber KeGetProcessorNumberFromIndex KeInitializeGuardedMutex KeInvalidateAllCaches KeInvalidateRangeAllCaches KeLeaveGuardedRegion KeQueryActiveGroupCount KeQueryActiveProcessorCount KeQueryActiveProcessorCountEx KeQueryDpcWatchdogInformation KeQueryGroupAffinity KeQueryHighestNodeNumber KeQueryLogicalProcessorRelationship KeQueryMaximumGroupCount KeQueryMaximumProcessorCount KeQueryMaximumProcessorCountEx KeQueryNodeActiveAffinity KeReleaseGuardedMutex KeReleaseGuardedMutexUnsafe KeRevertToUserAffinityThreadEx KeRevertToUserGroupAffinityThread KeSetActualBasePriorityThread KeSetCoalescableTimer KeSetSystemAffinityThreadEx KeSetSystemGroupAffinityThread KeSetTargetProcessorDpcEx KeTestAlertThread KeTryToAcquireGuardedMutex LdrResFindResource LdrResFindResourceDirectory LpcReplyWaitReplyPort LpcRequestWaitReplyPortEx LpcSendWaitReceivePort memcpy_s memmove_s MmAllocateContiguousMemorySpecifyCacheNode MmAllocateContiguousNodeMemory ObDeleteCapturedInsertInfo ObfDereferenceObjectWithTag ObfReferenceObjectWithTag ObGetObjectType ObQueryNameInfo PcwAddInstance PcwCloseInstance PcwCreateInstance PcwRegister PcwUnregister PoDisableSleepStates PoEndDeviceBusy PoGetSystemWake PoReenableSleepStates PoRegisterPowerSettingCallback PoSetDeviceBusyEx PoSetSystemWake PoStartDeviceBusy PoUnregisterPowerSettingCallback PoUserShutdownInitiated PsAcquireProcessExitSynchronization PsEnterPriorityRegion PsGetCurrentProcessWin32Process PsGetCurrentThreadProcess PsGetCurrentThreadProcessId PsGetCurrentThreadTeb PsGetCurrentThreadWin32Thread PsGetCurrentThreadWin32ThreadAndEnterCriticalRegion PsGetProcessSessionIdEx PsIsProtectedProcess PsIsSystemProcess PsLeavePriorityRegion PsReleaseProcessExitSynchronization PsSetCreateProcessNotifyRoutineEx RtlCheckPortableOperatingSystem RtlGetIntegerAtom RtlGetThreadLangIdByIndex RtlIsNtDdiVersionAvailable RtlQueryElevationFlags RtlQueryRegistryValuesEx RtlSetPortableOperatingSystem SeReportSecurityEventWithSubCategory SeSetAuditParameter SeSetAuthorizationCallbacks sprintf_s sscanf_s strcat_s strcpy_s strncat_s strncpy_s strnlen strtok_s swprintf_s swscanf_s vsprintf_s vswprintf_s wcscat_s wcscpy_s wcsncat_s wcsncpy_s wcsnlen wcstoul ZwAllocateLocallyUniqueId ZwAlpcConnectPort ZwAlpcSendWaitReceivePort ZwQueryLicenseValue ZwQueryVirtualMemory Download Sources https://github.com/MovAX0xDEAD/NTOSKRNL_Emu

I have been playing around with a dual-boot msdos 6.3 + 7.1 boot system. to help with a help file. There are things to do with these DOS versions yet, but the help-system from 6.22 has been updated to include most of msdos 5.x to 7.x, as well as interesting info on pcdos, versions of programs like emm386 and msd, which shipped with dos, and even basica / gwbasic, etc. http://www.os2fan2.com/files/dos7help.zip is the source. The version of qbasic has a number of known patches applied, inc;luding the *.* and phatcode patches. dos6.com is help.com, renamed so not to overwrite help, and so it's accessable from 4dos as well. qbed.com is edit.com renamed to not overwrite edit.com. The help and ini file are qbed.hlp and qbed.ini, for similar reasons. W

@Dave-H. Thanks. I did manage to get missing updates via MS Update Catalogue as you suggested. Had to changeout MSO.DLL again. Today I used ie8 Microsoft Update and it worked OK. I was offered Word KB4484380, which didn't seem to break anything.

Yes to both.

as least I knew git commit 8b37ac1bf00199d4654d09b876991e737d8d3197 is OK, trying next commit. yep the condition is getting worse, but it is not easy to move out from here.

I looked at the Vulkan driver (both vulkan dlls in VulkanRT-Installer.exe) and it doesn't seem to have any dependency issues on Vista. I'm stuck on a GTX 260/Quadro FX 3800 so I can't test anything though. Perhaps the Vulkan applications have their own compatibility issues? Though, while I'm at it, here are the missing functions in ntoskrnl required for Skylake graphics: strncpy_s wcscpy_s IoUnregisterPlugPlayNotificationEx swprintf_s strcpy_s RtlUnicodeToUTF8N vswprintf_s _vsnprintf_s vsprintf_s _snprintf_s KeSetCoalescableTimer strnlen sprintf_s strcat_s memcpy_s wcsncpy_s Most of these functions exist in Vista but without the "_s" appended to them.

@roytam1<-- Hope this is okay to say it here. https://www.cnn.com/2020/06/30/asia/hong-kong-china-national-security-law-intl-hnk/index.html Hong Kong is about to be governed by a law most residents have never seen. And it's already having an effect ; 2020.06.30 RT ... Just saying that I pay a bit of attention to HK News. Not looking to start up a political discussion here. But I guess now , that you (HK) have less freedom than you once did. Be well , and thanks on the RT Browsers.

Big thanks to you, Roy, Guess that several other download managers could be affected as they are nested in the about:downloads command. Looking forward... Thanks a lot, Siria!

Download Manager (S3) There's also a forum for it, 39 pages on mozillazine: http://forums.mozillazine.org/viewtopic.php?f=48&t=2793995

tried 20200530 build and no problem here, and it crashes since 20200606. I'll need more time for debugging and resolve this.

Incredible how SourceForge has managed to not shut down after all these years, looks like them getting a new CEO didn't exactly do much on their part other than kill some of the more stupid shenanigans the previous owners did. Always has been infested with advertising though, wish people would just switch to FossHub+GitLab. (Even if the name 'Fosshub' is inaccurate since not everything they offer is open source... but it beats SourceForge by a million miles)

Oh, noes, not again. Vista SP2 was eaten up by Windows 7, SP2 was simply too late: https://en.wikipedia.org/wiki/Windows_Vista#Service_Pack_2 Service Pack 2 for Windows Vista was released to manufacturing on April 28, 2009,and released to Microsoft Download Center and Windows Update on May 26, 2009 but the main original issue with the original release of Vista, 2 and 1/2 years before, was (apart some edges that needed to be rounded) essentially that it was widely installed on largely underpowered hardware. Vista, no matter what Service pack, was, is and will be (extremely) slow on underpowered machines. @aviv00 Server versions do not count , they are usually much better than corresponding "end customer" OS, either in terms of speed/optimization or in features/capabilities. jaclaz

As dencorso said, right after installing 95/98SE, just run PATCHMEM.EXE /M and forget about anything else. Don't bother with SPLIT8MB, Min/Max FileCache, or MaxPhysPage. For many years been running 98SE without ever tweaking FileCache settings, even before the RAM patch became available to public.

Lots of people do... however, most, like myself, lost interest in or otherwise gave up on 9x/ME forever, way back when. Still, most of the info you'll ever need is collected in the thread I've just pointed you to, which I no longer update, but which preserves most info you may require. ==== Additional info added later ==== MinFileCache is *never* needed. MaxFileCache and MaxPhysPage should be removed for using the RAM Limitation Patch. The most usual setting for the patch is to run it with the /M command-line parameter. SPLIT8MB shouldn't usually be needed. For more about that: