
Dibya

Member
  • Posts: 2,142
  • Joined
  • Last visited
  • Days Won: 7
  • Donations: 0.00 USD
  • Country: India

Everything posted by Dibya

  1. rloew helped me much. BWC helped in expanding the section. jumper gave all the basic ideas. I thought forwarding functions to the real system DLL seems to be more secure and easy. Edit: trying to back-port .NET Framework 4.6.1
  2. Today I will send you
  3. BWC seems to be busy. I am using my old hex editing method. Can you please test some of my files?
  4. Hi, I am starting this thread for some help with my project of bringing modern apps to XP. I have made a modified kernel. It is causing some BSODs and making the PC restart continuously, so please, if anyone wishes to help me, I will PM him/her all the files to check. I need some assistance as I am still a novice in reverse engineering.
     Project Name: Extended XP
     Current Version: 0.02
     i. Added functions to Kernel32.dll: DecodePointer, EncodePointer, FlsAlloc, FlsFree, FlsGetValue, FlsSetValue, GetThreadId, InitializeCriticalSectionEx, InitOnceExecuteOnce, K32EmptyWorkingSet, K32EnumDeviceDrivers, K32EnumProcesses, K32EnumProcessModules, K32GetDeviceDriverBaseNameW, K32GetDeviceDriverFileNameA, K32GetDeviceDriverFileNameW, K32GetMappedFileNameA, K32GetMappedFileNameW, K32GetModuleBaseNameA, K32GetModuleBaseNameW, K32GetModuleFileNameExA, K32GetModuleFileNameExW, K32GetModuleInformation, K32GetPerformanceInfo, K32GetProcessImageFileNameA, K32GetProcessImageFileNameW, K32GetProcessMemoryInfo, K32GetWsChanges, K32InitializeProcessForWsWatch, K32QueryWorkingSet, SetThreadStackGuarantee, GetTickCount64
     ii. Prevented "not a valid win32 Application"
     Updated C Run-time Components
     i. Windows NT C++ Runtime Library DLL 7.0.6002.18005
     ii. MFCDLL Shared Library - Retail Version 4.1.6151 (all 4 DLLs)
     iii. Windows NT IOStreams DLL 7.0.6000.16386
     iv. Windows NT CRT DLL 7.0.6002.22755
     v. Windows Symbolic Debugger Engine 6.2.9200.16384
     vi. Windows Image Helper 6.2.9200.16384
     vii. WineD3D - DX10/11 wrapper by SyvetPro
     viii. Microsoft GDI+ 6.0.6002.23943
     ix. Modified GDI32 with many Vista functions
     x. MSXML 6.0 SP3 6.30.7601.22640
  5. Thanks dencorso & LoneCrusader. I will start a new thread.
  6. Anyone can help me. Some unknown reason is causing a BSOD with my modified Kernel32.dll. I wish to debug it. So the question: how can I shoot out the problem with a debugger?
  7. Try the universal VESA VBE driver.
  8. @jumper Thanks Jumper. I have modified few xp files if you have time can you check them? @MiKl An Entrypoint is not enough always . You have to add some extra function code inside your dll. for example AllocConsole of kernel32.dll has following extra function code
  9. Unfortunately my kernel mod is not working. I will send the files to BWC and let him check what is wrong. I am asking many kernel modding experts for help. I believe they can help me to fix the problem.
  10. Can you extract and check the Dropbox exe file to see whether it has any dependency? I will add it to the kernel.
  11. I have made a compatibility layer with the following components:
      kernel32.dll with the following functions: DecodePointer, EncodePointer, FlsAlloc, FlsFree, FlsGetValue, FlsSetValue, GetThreadId, InitializeCriticalSectionEx, InitOnceExecuteOnce, SetThreadStackGuarantee, GetTickCount64
      Prevented "not a valid win32 Application"
      Updated C Run-time Components
      i. Windows NT C++ Runtime Library DLL 7.0.6002.18005
      ii. MFCDLL Shared Library - Retail Version 4.1.6151 (all 4 DLLs)
      iii. Windows NT IOStreams DLL 7.0.6000.16386
      iv. Windows NT CRT DLL 7.0.6002.22755
      I now have to debug these files, then I have to test them in a VM; if it works, tomorrow I will surely post it here.
      A few more functions I have added: K32EnumProcesses, K32EmptyWorkingSet, K32EnumDeviceDrivers, K32EnumProcesses, K32EnumProcessModules, K32GetDeviceDriverBaseNameW, K32GetDeviceDriverFileNameA, K32GetDeviceDriverFileNameW, K32GetMappedFileNameA, K32GetMappedFileNameW, K32GetModuleBaseNameA, K32GetModuleBaseNameW, K32GetModuleFileNameExA, K32GetModuleFileNameExW, K32GetModuleInformation, K32GetPerformanceInfo, K32GetProcessImageFileNameA, K32GetProcessImageFileNameW, K32GetProcessMemoryInfo, K32GetWsChanges, K32InitializeProcessForWsWatch, K32QueryWorkingSet
      Quite easy, so I added them. I do not know which apps require these; I only added them in case someone needs them. I wanna add more functions, if you guys and gals share some dependency issues.
  12. Jumper, you are doing a nice job. Can you suggest me a good code cave tutorial, if there is any you like? Thanks for WSA POLL, it worked flawlessly.
  13. @tomasz86 I have browsed along your site. It is very fast even on my super slow connection. Anyway, for those who wish to fix Firefox: a function shown in red in Dependency Walker is quite a bit harder to add.
  14. That's really hell. I will stay with my Sandy Bridge, Skylake and Bulldozer CPUs. Wanna know what gonna problem with hardware manufacturer to accept hell words from MS?
  15. Yep, platform update missed. I am not gonna believe the good guys of MS anymore. Windows 10 is hell, I don't wanna upgrade to it.
  16. GOOD NEWS FOR NFORCE RAID USERS RUNNING WINDOWS 10 http://www.win-raid.com/t2202f37-RE-HOT-Win-Update-makes-nForce-RAID-arrays-unaccessable-10.html#msg30607 What more is left to be broken in Windows 10?
  17. Illustrator is a little hardcore, guy. First practice with old versions of Illustrator, 7.0 then 9.0, after that CS6, last of all CC. Smith Micro Manga Studio is great. You can also add some nice effects with Lightroom.
  18. I will try.
  19. Making it run on Vista is more of a problem. Word WDM 1.1 is blocked in hal.dll. I should try.
  20. Dependency fixes are not enough. AMD guys blocked nt5.0/5.1/5.2/6.0. I should remove those codes by filling them with NOPs using OllyDbg.
  21. If it is not working in your system it means it will not work anywhere. I will try again next week. Which is the best version of Crimson graphics?
  22. I have force-installed NVIDIA XP over 10. A worse result came: 46% FPS loss.
  23. I wished to do it like that; unfortunately Xeno86 has not been active for a long time.
  24. It has official driver for XP.