Everything posted by UCyborg

  1. The new experimental AG version released yesterday doesn't need any symbol files, at least until the next cumulative update for Windows 10. The huge memory leaks from the previous experimental build appear to be gone.
  2. OK, I'll try again later and let you know...it's weird, I could post anywhere except there, maybe some cache got messed on my end, but one would expect that this would result in inability to post anywhere.
  3. This one worked out of the box at the time, still have the screenshot:

     I mentioned Sound Blaster X-Fi MB3 installer in that post, which refused to install. I didn't modify the executable itself because GetVersionEx function was called from a bunch of different places. The installer could be launched and the welcome page worked without any workarounds, at which point I ran OllyDbg (version 2.01), selected File->Attach and picked the installer's process. After analysis is complete, right-click in the main pane, Select module->ntdll, press Ctrl + N and start typing RtlGetVersion, double-click on the highlighted entry and press F2 to set the breakpoint at the function. The installer can now be unpaused hitting F9 key, and clicking Next should eventually cause RtlGetVersion to be called (it's used internally by GetVersionEx, which is what applications normally call). Pressing F8 a few times will eventually move the current instruction pointer to a series of instructions that look like this:

         MOV EAX,DWORD PTR DS:[EDI+0A4]
         MOV DWORD PTR DS:[ESI+4],EAX
         MOV EAX,DWORD PTR DS:[EDI+0A8]
         MOV DWORD PTR DS:[ESI+8],EAX
         MOVZX EAX,WORD PTR DS:[EDI+0AC]
         MOV DWORD PTR DS:[ESI+0C],EAX
         MOV EAX,DWORD PTR DS:[EDI+0B0]
         MOV DWORD PTR DS:[ESI+10],EAX

     These fill the first 4 significant members (dwMajorVersion, dwMinorVersion, dwBuildNumber, dwPlatformId) of OSVERSIONEX structure pointed to by the pointer passed to GetVersionEx called by application. When MOV EAX,DWORD PTR DS:[EDI+0A4] is highlighted, you should see something like this in a pane below:

         [0033A0A4]=6

     The part after the equal sign is important, it represents the value that will be copied to dwMajorVersion, the pointer on the left could be anything. Pressing F8 two more times highlights the next instruction that takes the value that will be copied to dwMinorVersion. On Vista, this is 0, so you double-click the entry and change it to 1, which is what happens on Windows 7, so your OS version now reads 6.1 instead of 6.0.

     Selecting Detach from the File menu then detaches the debugger from the installer and continues its execution. So this was a rather specific example. Some programs may need to be launched from debugger to be able to catch version check. For 64-bit applications, you'd need to use a 64-bit debugger (x64dbg comes in both 32 and 64-bit flavors) and the instructions look a bit different, but the pattern in the RtlGetVersion function is practically the same. Other programs may employ anti-debugging tricks, so you'd probably need some plugin for the debugger to hide it. I never dealt with that kind.

     PS: Equalizer APO might work on Vista, but wasn't tested by developers.
  4. Official - Windows 10 Worst Crap Ever! - clicking Submit Reply in this thread gives me 403 Forbidden error...Help?
  5. People either accepted the way Windows 10 looks by default and don't care anymore or are sticking with older Windows versions. Aero Glass forum used to be very alive in the Windows 8.x days.
  6. FileZilla entry is outdated. Support for Vista was dropped with version 3.25.2-rc1, released on 23rd April 2017. Can't say whether it still works or not since I don't have Vista installed anywhere ATM. Here's the changelog.
  7. I noticed that they show up only on the first launch, at least if you login and open Settings straight away. They disappear on subsequent launches.
  8. I haven't found any setting for this either. If there is a way, it probably involves hacking one of the system files.
  9. Technically, they're still visual styles, just flat in appearance. Artificial restrictions that Windows has in the theming department are indeed silly.
  10. http://www.glass8.eu/files/AeroGlassGUI.7z You have to log off for changes to take effect.
  11. I don't know, the only thing I remember was having UxTSB DLL injected into every process via AppInit_DLLs method. This way, you could have the atlas image glow in captions of those windows. But this method has side effects: inability to open .deskthemepack files, colorization being applied to applications' texts other than the caption text and even causing access violation errors in some cases. So that's why I simply use a modified theme and have my caption texts set to use composited glow rather than atlas image glow for consistent appearance. You need to edit TEXTGLOWSIZE and GLOWINTENSITY properties to enable glow on applications rendering caption text on their own. The default values of those settings on Windows 7 are 12 and 305.
  12. I don't think anything changed here. aerohost.exe opens a file handle to DWMGlass.dll, preventing it from being renamed. You can still rename DLLs of other applications without having to do anything special. I have the same question. Windows 10 is still the buggy problem-ridden mess of an OS.
  13. I figured what was TiWorker.exe doing for such a long time: installing update KB4074608, which BTW didn't end up in the update history, but was on the list of installed updates. I don't know when sleep mode broke on this PC (and other power saving modes too). It must have been some older update, not the latest. I only boot to Windows 10 occasionally to see how it changes over time. There's always something broken. Eternal beta at its finest.
  14. Booted my Win10 install this evening, installed the update that was released today and rebooted. The system has been running for over an hour. TiWorker.exe process has been started approximately 20 minutes after the boot and has been occupying one CPU core ever since nonstop; every once in a while, CPU usage drops for a few moments, then it's back to full utilization, so consequently, the CPU hasn't got a chance to downclock to the normal idle frequency. It also allocates and frees memory randomly, one moment it will consume 60 MB, the other moment 700 MB. The change log says they fixed the random bug that occurs with legacy AMD GPUs with one display blinking after returning from sleep. Well, the system refuses to sleep now, only monitors turn off, maybe because of the above problem? Here's another issue that has been in there for who knows how long. Try to select anything in 7-Zip's file view by making the selection rectangle with a mouse and be sure you have horizontal scrollbar. This will make the mouse jump to the corner of the screen. On my laptop running 32-bit Windows 10, Windows Update doesn't detect today's update. Also noticed something odd there, the previous update is listed twice, the first instance says installed successfully, the second says failed with error code 0x80240034. Another thing I've noticed on multiple computers since FCU, mouse cursor sometimes briefly lags for no apparent reason.
  15. The new experimental version has been released today. It has more fixes for the visual artifacts. Can't reproduce that problem on the above screenshot anymore. Nice work! We should've given more attention to the Remote Desktop in the past.
  16. Just did a quick test on my end, installing Aero Glass in Program Files does not interfere with its functionality, symbols just end up in C:\ProgramData\dbg folder instead. If one has to have it installed in Program Files and wants symbols to appear in AeroGlass folder, "Authenticated Users" group must be granted at least read/write access to the folder (folder's properties, Security tab). My guess is that people here have some other problem, but since enabling verbose logging is too difficult, despite the fact that registry setting for it is documented on Aero Glass's website and a tool being available that makes enabling it as easy as flipping a single checkbox, we can't really know what's going on. Still, @bigmuscle could bundle dbghelp.dll and symsrv.dll files from the latest Debugging Tools for Windows. The versions provided are about 2.5 years old.
  17. You need to modify your theme's .msstyles file, the path to stock one is "C:\Windows\Resources\Themes\aero\aero.msstyles". Make a copy of that file, name it something else, e.g. aero2.msstyles. Download and run msstyleEditor and use it to open aero2.msstyles, navigate to Window->CAPTION, change TEXTCOLOR property on the right to the desired color and save the file. Afterwards, you need to modify your current .theme file with a text editor to point to the new .msstyles file, it is likely located in "C:\Users\<your name>\AppData\Local\Microsoft\Windows\Themes". Then the Personalization settings from Control Panel can be used to reload the theme with new settings. Your system must be patched to accept unsigned themes, otherwise it won't work. There are a couple of options in that department, that topic has been beaten to death here and in other places, so I'll leave you on your own with this one.
  18. You need to get a result like this:

     Read "The Magic Words are Squeamish Ossifrage." vertically. If you got something else, then it didn't work. You may also need to change cache hit threshold value by invoking the program like this:

         spectre-sse2.exe 90

     Try some values between 40 - 300 for example.
  19. I compiled 2 more versions (see link in one of my previous posts), one that has SSE2 but doesn't utilize RDTSCP instruction (not related to SSE2) and another without SSE2 but with RDTSCP (rather pointless, I was curious if it would output the magic string). Wondering if there's a CPU out there that would work with SSE version, or if there's something off in the code or maybe the exploit simply doesn't work that way, who knows. The first set of extra instructions that predates SSE is MMX if I remember correctly. Isn't it supposed to work on CPUs without any such extensions? If so, we'd need a test that works on such CPUs. Supposedly there are certain x86 only CPUs that have SSE2, but not RDTSCP (the reason for the crash @Sampei.Nihira mentioned?).
  20. I got the expected output with SSE2 version by invoking it like this:

         spectre-sse2.exe 100

     I'm no expert, but isn't this supposed to be the kind of vulnerability that is difficult to exploit? Might take a clever hacker to put this to use in practice.
  21. Here are the updated executables, there are both SSE and SSE2 versions and the issue with garbled text has been fixed by using more widely supported ' character instead of ’. https://drive.google.com/open?id=1WG-62M9ZZwDXNf0xlhx6NhR-_gtDv7AC
  22. Something's fishy here, check the example output from the project's GitHub page. Don't forget you can also specify cache hit threshold.
  23. I got the same output with the version of that program that uses SSE2 on my AMD Phenom II X4 920. Well, so far, I think I've figured out the garbled text problem on my end, the font I've chosen for command windows doesn't support that ’ character.
  24. OK, will update the ZIP file with another .exe with manual closure. The thing about console programs, they run, do their thing and then the process terminates. You can see their output if you run them from Command Prompt. The bigger problem that shouldn't occur is that part of the message it outputs is garbled for some reason, need to look into this as well.
  25. Well, at least you found the solution that worked. I suspected the database Windows Update uses got mysteriously corrupted. Next thing I would suggest would be running DISM and sfc tools and only then, if no luck, resort to repair install.