Tank you Dioptimizer Translation of important parts of patch code. â– Install on Athlon XP's FMV-NB16CA Let's examine hal.dll / halmacpi.dll first. HalpInterruptInitSystem 800476BB push 5Ch HalpDpStartProcessor 80049239 push 5Ch *HalpPiix4Detect *8004A637 push 5Ch HalpInterruptSwapProcessorIdentifiers 8004ACD0 push 5Ch HalpAddDevice 8004E2C9 push 5Ch HalpReportResourceUsage 800578A8 push 5Ch *HalpPiix4Detect *80058174 push 5Ch HalpAcpiInitializePmRegisters 8005A3FB push 5Ch It is said that Windows 8 does not support 82371 AB (PIIX 4), but IGP 320 + M 1535 chipset also produces HAL_INITIALIZATION_ FAILED. Rewriting the location of HalpPiix4Detect to Push 50 changed to PAGE_FAULT_IN_NONPAGED_AREA, so we could identify the location. Search for 85c078408b9d54fffffff6c301 and rewrite it as 0003298D - 909090909090 and save it. Recalculate and write the checksum. call HalpGetChipHacksï¼ 16; HalpGetChipHacks(x,x,x,x) test eax, eax js short loc_8004A5C4 mov ebx, [ebp+var_AC] test bl, 1 jnz loc_8004A626 (0F8593000000 --> 909090909090) test bl, 2 jz short loc_8004A59F mov _HalpDisableHibernate, 1
And Bypassing RDMSR "><Ntoskrnl.exe avoids freezing trying to read MSR> RDMSR@4 8DP and 8.1 are identical mov ecx, 0C0010114h call @ RDMSR @ 4; RDMSR (x) and eax, 10h xor edx, edx or eax, edx jnz 8DP works even if you fill call @RDMSR@4. When filled with 8.1, 0x0000000 A black screen occurs. 890dac2d5e00e920aaffff3c02 loc - 63 A 6 E 3: cmp al, 2 jnz loc - 631 A 4 0F 85 B9 AA FF FF 90 E9 B9 AA FF FF Try to force JMP (right then do not do RDMSR) But it seems not to be good. Black screen with 0000000 A I put 0C0010114h in ECX and RDMSR Using this number freezes MSR Editor of Crystal CPUID. This is a value that can not be used with this hardware. According to the information of CPU-Z mobile AMD Athlon (tm) XP 2200+ MSR 0xC0010114 0x8279D6C0 0xFFFFFF37 MSR 0xC0010015 0x00000000 0x06031000 MSR 0xC0010042 0x000D0D0D 0x00150603 MSR 0xC0010041 0x00000000 0x00110D03 AMD FX (tm) -4100 Quad-Core Processor looks something like this MSR 0xC0010114 0x00000000 0x00000018 0x000000114 (EDX = 0x00000000 EAX = 0x00000000) Let's rewrite it. 243001000001740681ce00000004 B9 14 01 01 C0 B9 14 01 00 00 Black screen was displayed at 0x0000000A. The meaning is an intrusion into the page address. EBX and ECX may change due to rewriting, so it may become amusing. I will try to rewrite it to MSR 0xC0010015 in a place where there is no harm mov ecx, C0010015h call @RDMSR@4; RDMSR (x) and eax, 10h xor edx, edx or eax, edx jnz loc - 631 A4 jmp loc_63519E With PE tool 243001000001740681ce00000004 B9 14 01 01 C0 B9 15 00 01 C0
And Bypassing RDMSR "><Ntoskrnl.exe avoids freezing trying to read MSR> RDMSR@4 8DP and 8.1 are identical mov ecx, 0C0010114h call @ RDMSR @ 4; RDMSR (x) and eax, 10h xor edx, edx or eax, edx jnz 8DP works even if you fill call @RDMSR@4. When filled with 8.1, 0x0000000 A black screen occurs. 890dac2d5e00e920aaffff3c02 loc_63A6E3: cmp al, 2 jnz loc - 631 A 4 0F 85 B9 AA FF FF 90 E9 B9 AA FF FF Try to force JMP (right then do not do RDMSR) But it seems not to be good. Black screen with 0000000 A I put 0C0010114h in ECX and RDMSR Using this number freezes MSR Editor of Crystal CPUID. This is a value that can not be used with this hardware. According to the information of CPU-Z mobile AMD Athlon (tm) XP 2200+ MSR 0xC0010114 0x8279D6C0 0xFFFFFF37 MSR 0xC0010015 0x00000000 0x06031000 MSR 0xC0010042 0x000D0D0D 0x00150603 MSR 0xC0010041 0x00000000 0x00110D03 AMD FX (tm) -4100 Quad-Core Processor looks something like this MSR 0xC0010114 0x00000000 0x00000018 0x000000114 (EDX = 0x00000000 EAX = 0x00000000) Let's rewrite it. 243001000001740681ce00000004 B9 14 01 01 C0 B9 14 01 00 00 Black screen was displayed at 0x0000000A. The meaning is an intrusion into the page address. EBX and ECX may change due to rewriting, so it may become amusing. I will try to rewrite it to MSR 0xC0010015 in a place where there is no harm mov ecx, C0010015h call @RDMSR@4; RDMSR (x) and eax, 10h xor edx, edx or eax, edx jnz loc - 631 A4 jmp loc_63519E With PE tool 243001000001740681ce00000004 B9 14 01 01 C0 B9 15 00 01 C0
Although I can do the analysis of IA-32 somehow, I am not familiar with AMD64 and I do not have analysis tools. Since Athron64 will be caught by the check of PIIX4, patch will be necessary.
Hello 2 All. I have Socket 478 P-4 CPU with EMT64 or x64 capable but without NX bit support and want to install Win 8.1 x64 or even better Win 10 x64 (early version will be enought) but two version of patch doesn't work Who helps me pathed OS files? I prepared a lot of different builds on any case http -> s000.tinyupload.com/?file_id=52846987144325374894
Hi, I have same problem when I try to apply patch. so many try no success. which version of win8.1 you installed and could you send me your patched ntoskrnl.exe and winload.exe ? thanks