D.Draker Posted June 19, 2022 Share Posted June 19, 2022 (edited) 13 hours ago, burd said: Thanks for your find. Thank you, I try to do my best. I know this software and what are you talking about . But I'm going to write a tutorial and some might not like the use of additional software that may or may not be flagged by their KGB/FSB "antivirus". So I'm looking for an official way to switch it off without the use of third party apps. As for me , I solved this issue and currently using 376.11 for myself . That's why I asked win32 about self-signing (maybe, as a solution) the drivers before this tutorial. EDIT for @win32 : Win32 , just so you know, you suggested 84C0740AB8BB0000C0 replacing with 84C0EB0AB8BB0000C0 because there's no first line in the later drivers (after 376.11). Unfortunately it results in BSOD , not always , but frequent. But the first solution worked ! Any ideas what to patch here in the nvlddmkm.sys , so I could include in the tutorilal also ? I mean besides the obvious memcpy_s KeQueryLogicalProcessorRelationship. I only ask about this one dll because I already patched the other four needed to be patched. Thanks . Link: https://catalog.s.download.windowsupdate.com/d/msdownload/update/driver/drvs/2017/01/af7be83e-225c-46a1-8114-1f80f2b96027_5017e2509def8c6ae40e1668f0de20e02a8cf1d2.cab Edited June 19, 2022 by D.Draker 1 Link to comment Share on other sites More sharing options...
winvispixp Posted June 19, 2022 Share Posted June 19, 2022 23 minutes ago, D.Draker said: some might not like the use of additional software that may or may not be flagged by their KGB/FSB "antivirus" you could just write a disclaimer or warning of false positives 1 Link to comment Share on other sites More sharing options...
SigmaTel71 Posted June 19, 2022 Share Posted June 19, 2022 22 hours ago, D.Draker said: I'm sorry man , I'm not into discussing the games in the ex-kernel topic. Sorry for that as well, but I wasn't disuccing games in particular but interesting in conditions you made things run. Don't you mind if I switch to PMs to continue on this topic? Link to comment Share on other sites More sharing options...
D.Draker Posted June 19, 2022 Share Posted June 19, 2022 @win32, the same question about patching the .sys dll in x86 so I could finish the tutorial. Thanks. 376.11 https://drivers.softpedia.com/get/GRAPHICS-BOARD/NVIDIA-GeForce-iCafe-Graphics-Driver-37611.shtml 376.53 https://catalog.s.download.windowsupdate.com/c/msdownload/update/driver/drvs/2017/01/09bbba90-cd9e-4d71-ba33-8e39ef592e62_e10b0f9502ad039a23bbf8b913230c827b0b437a.cab Link to comment Share on other sites More sharing options...
win32 Posted June 19, 2022 Author Share Posted June 19, 2022 (edited) 3 hours ago, D.Draker said: @win32, the same question about patching the .sys dll in x86 so I could finish the tutorial. Thanks. For 376.11 x86, the version check can be bypassed by finding the line: 53 FF D6 E8 86 97 4E FF 84 C0 74 0A B8 BB 00 00 Change it to this: 53 FF D6 E8 86 97 4E FF EB 0C 74 0A B8 BB 00 00 376.53 is very similar: 53 FF D6 E8 82 55 4E FF 84 C0 74 0A B8 BB 00 00 to 53 FF D6 E8 82 55 4E FF EB 0C 74 0A B8 BB 00 00 Edited June 19, 2022 by win32 2 Link to comment Share on other sites More sharing options...
D.Draker Posted June 21, 2022 Share Posted June 21, 2022 On 6/19/2022 at 9:57 PM, win32 said: For 376.11 x86, the version check can be bypassed by finding the line: 53 FF D6 E8 86 97 4E FF 84 C0 74 0A B8 BB 00 00 Change it to this: 53 FF D6 E8 86 97 4E FF EB 0C 74 0A B8 BB 00 00 376.53 is very similar: 53 FF D6 E8 82 55 4E FF 84 C0 74 0A B8 BB 00 00 to 53 FF D6 E8 82 55 4E FF EB 0C 74 0A B8 BB 00 00 Thanks , I tried . None of these fixes for 32-bit worked . None. Instant BSOD. Only 64-bit versions of certain drivers with certain combinations of replaced functions work . I'm currently testing a newer version . It's Quadro driver 376.84 64-bit and it works flawlessly , only after I got the replacements right (certain combination again) . I had to use software that signs the driver files , otherwise - no loading at all. Upon issuing all of the well known commands to stop the checks , it allows me to load the pathced driver only one time if I bypass it in the f8 menu, but the software - self-signed work! So why 32-bit not working even if signed ? They should ! 32 bit OS supposed to have less integrity checks , no ? Link to comment Share on other sites More sharing options...
D.Draker Posted June 23, 2022 Share Posted June 23, 2022 On 6/19/2022 at 10:45 AM, winvispixp said: you could just write a disclaimer or warning of false positives Done . @win32, the tutorial is finished . Yet the question about the BSODding 32 bit drivers remains open. 1 Link to comment Share on other sites More sharing options...
win32 Posted June 23, 2022 Author Share Posted June 23, 2022 (edited) I do not have a good answer for the 32 bit driver issues. I presume that the same functions are called as on 64 bit, right? If so they should work equally as well, unless there was an obscure issue specific to the architecture (in the last XP x64 NVIDIA drivers, multi monitor capability is broken because of an signed 32 bit integer becoming a unsigned 64 bit integer, iirc). Edited June 23, 2022 by win32 1 Link to comment Share on other sites More sharing options...
D.Draker Posted June 24, 2022 Share Posted June 24, 2022 On 6/23/2022 at 8:39 PM, win32 said: 1 - I do not have a good answer for the 32 bit driver issues. 2 - I presume that the same functions are called as on 64 bit, right? 3 - If so they should work equally as well, unless there was an obscure issue specific to the architecture (in the last XP x64 NVIDIA drivers, multi monitor capability is broken because of an signed 32 bit integer becoming a unsigned 64 bit integer, iirc). 1 - I tested 64bit on a board from 2010 and 32bit on a bloody kabylake from 2017. I can't test both on kabylake due to the well known bloody bug with the startup. 2- Right. 3 - Well , earlier I wrote that the first solution worked . I mean patching to EB24 worked , but the second not . By the second I mean EB0C. What's the difference between ? EB24 and EB0C ? 9451 vs 3307 ? Link to comment Share on other sites More sharing options...
win32 Posted June 24, 2022 Author Share Posted June 24, 2022 12 minutes ago, D.Draker said: 3 - Well , earlier I wrote that the first solution worked . I mean patching to EB24 worked , but the second not . By the second I mean EB0C. What's the difference between ? EB24 and EB0C ? 9451 vs 3307 ? I see that EB 24 is from my x64 patching instructions for 376.11, while EB 0C is from x86. The difference is that the x64 patch would "jump" over more code than x86, but I think they should actually be equivalent, as the x86 and x64 compilers arranged the version checking code differently. I'm not sure about 94 51 / 33 07, as I don't seem to have encountered them. You could alternatively take the 74 0A next to the 84 C0 and make that EB 0A, but I am not sure if it would make a difference. I suspect there is a deeper issue on x86. 1 Link to comment Share on other sites More sharing options...
D.Draker Posted June 25, 2022 Share Posted June 25, 2022 18 hours ago, win32 said: I'm not sure about 94 51 / 33 07, as I don't seem to have encountered them. But you did , lol. Invert, then do Hexadecimal - Decimal EB24 --> 24EB --> 9451 EB0C --> 0CEB --> 3307 Link to comment Share on other sites More sharing options...
SigmaTel71 Posted June 26, 2022 Share Posted June 26, 2022 So I've managed to install the the June 10 release of Extended kernel, and... everything goes wrong. First, I got kernelol.dll error. Is it supposed to be the old kernel32.dll hanging in System32 and SysWOW64 directories? At least I can confirm that Vivaldi 4.0 installer is starting with some issues, if I set 6.1.7601 version in osver.ini to global section, it starts up correctly, but says that the installer's archive was damaged and the installation will be aborted. Anyway, the extracted one from the installer works fine. I have even reverted the changes made to osver.ini to have correct version showing in the properties. Crash details of Vivaldi update notifier (it crashes twice at launch): Сигнатура проблемы: Имя события проблемы: APPCRASH Имя приложения: update_notifier.exe Версия приложения: 4.0.2312.36 Штамп времени приложения: 60dcf375 Имя модуля с ошибкой: webservices.dll Версия модуля с ошибкой: 6.0.6002.19623 Штамп времени модуля с ошибкой: 56ec4641 Код исключения: c0000135 Смещение исключения: 00000000000b7e68 Версия ОС: 6.1.7601.2.2.0.256.1 Код языка: 1049 Дополнительные сведения 1: fa3e Дополнительные сведения 2: ac0507478d1c5bd693cfc4fe3987e900 Дополнительные сведения 3: fa3e Дополнительные сведения 4: ac0507478d1c5bd693cfc4fe3987e900 Discord client installed through DiscordSetup crashes at startup. Сигнатура проблемы: Имя события проблемы: BEX Имя приложения: Discord.exe Версия приложения: 1.0.9005.0 Штамп времени приложения: 6255d9bd Имя модуля с ошибкой: StackHash_9c79 Версия модуля с ошибкой: 0.0.0.0 Штамп времени модуля с ошибкой: 00000000 Смещение исключения: 0a56f176 Код исключения: c0000005 Данные исключения: badc0de1 Версия ОС: 6.1.7601.2.2.0.256.1 Код языка: 1049 Дополнительные сведения 1: 9c79 Дополнительные сведения 2: 18d391556384f03f39cb1810be4919d6 Дополнительные сведения 3: cbd8 Дополнительные сведения 4: 7823eb2f440e23b0eb8dcc58dcf1c44e To what I've noticed is that almost every application had been crashing with BEX until I disabled DEP through bcdedit. Could the renamed kernel32.dll to kernelol.dll be the issue? Link to comment Share on other sites More sharing options...
winvispixp Posted June 26, 2022 Share Posted June 26, 2022 1 hour ago, SigmaTel71 said: Is it supposed to be the old kernel32.dll hanging in System32 and SysWOW64 directories? had the same issue. copy kernel32.dll.bak (if you already have the ex kernel) from SysWOW64 to SysWOW64(yea same folder) and rename it to kernelol.dll Link to comment Share on other sites More sharing options...
Sergiaws Posted June 26, 2022 Share Posted June 26, 2022 in that case, deactivating DEP is the solution for the ExKernel problems? Link to comment Share on other sites More sharing options...
SigmaTel71 Posted June 27, 2022 Share Posted June 27, 2022 12 hours ago, Sergiaws said: deactivating DEP is the solution for the ExKernel problems? Fifty-fifty. In some cases, applications continue to crash with BEX error at WerFault log. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now