[TUTORIAL] How to patch setupapi.dll for most versions + betas

Discussion in 'Windows XP / Older OS' started by example12345678912345678, Jul 6, 2024.

  1. example12345678912345678

    Hi, I'm going to show how to patch setupapi.dll for most Windows XP/Server 2003 installations including betas.
    Why to patch setupapi.dll:
    Because in Windows XP Setup, files are protected by catalog files. If file verification fails, setup won't proceed any further.
    Why to use this method:
    As we know, setupapi.dll patches are only available for Windows XP SP3 (5.1.2600.5512) and Windows Server 2003 SP2 (5.2.3790.3959).
    From now on, we can patch setupapi.dll for any version, including most betas.
    Limitations:
    *Currently only works for 32-Bit ISOs.
    *After applying this patch, it will trigger unsigned driver warnings. However, this can be bypassed with the unattended method.
    Prerequisites:
    *7-zip
    *IDA Pro (32-Bit)
    *Makecab (Optional, if you want to compress patched files)
    *PEChecksum
    *AnyBurn (or any ISO editing tool)
    *Windows XP/2003 installation ISO
    *Virtual Machine program (for testing)
    Tutorial:
    1- Extract setupapi.dll file located in I386 folder. It might show as setupapi.dl_, meaning it is compressed.
    2- Open IDA Pro (32-Bit) version.
    3- Import setupapi.dll
    4- Under Exports menu, find "pSetupVerifyFile" function.
    5- Open Hex-View 1 menu and press F2 to edit.
    6- Replace the first five values with: 33 C0 C2 30 00. The values before patching are likely to be: 55 8B EC 8B 45. Right-click and click on "Save to File" to apply the patch.
    7- Open the IDA View-A tab and compare the screenshot with your screen to verify. If it looks the same, the patch is successful. Otherwise the patch cannot be applied to the file.
    8- Edit -> Patch Program -> apply patches to input file...
    9- Open the command prompt as Administrator and run these commands in the working directory:
    pechecksum -c setupapi.dll
    makecab setupapi.dll setupapi.dl_ (This is optional)
    10- Open any ISO editor, replace the original setupapi file with the patched one, and save the changes to the ISO.
    11- Install the OS from the newly created ISO on a virtual machine for testing.
    bandicam 2024-07-05 22-45-43-545.jpg
    If you face issues with the tutorial, I'll gladly help.
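
To check install media or an extracted setupapi.dll for the modification described in the tutorial above, the following added example (not part of the original post) resolves a named export's entry point from the PE32 export table and reports whether it begins with the `33 C0 C2 30 00` stub from step 6. The function names are this example's own, and `build_sample` creates a constructed minimal image for demonstration, not a real setupapi.dll.

```python
import struct

STUB = bytes.fromhex("33C0C23000")  # xor eax,eax ; ret 0x30 (bytes from step 6)

def rva_to_offset(pe, nt, rva):
    """Map an RVA to a file offset via the section table."""
    count, = struct.unpack_from("<H", pe, nt + 6)
    opt_size, = struct.unpack_from("<H", pe, nt + 20)
    for i in range(count):
        va, size, raw = struct.unpack_from("<III", pe, nt + 24 + opt_size + 40 * i + 12)
        if va <= rva < va + size:
            return raw + rva - va
    raise ValueError("RVA not in any section")

def export_entry_bytes(pe, name, n=5):
    """Return the first n bytes at the entry point of a named PE32 export."""
    nt, = struct.unpack_from("<I", pe, 0x3C)
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE file")
    if struct.unpack_from("<H", pe, nt + 24)[0] != 0x10B:
        raise ValueError("not a 32-bit (PE32) image")
    exp = rva_to_offset(pe, nt, struct.unpack_from("<I", pe, nt + 120)[0])
    n_names, funcs, names, ords = struct.unpack_from("<IIII", pe, exp + 24)
    funcs, names, ords = (rva_to_offset(pe, nt, r) for r in (funcs, names, ords))
    for i in range(n_names):
        s = rva_to_offset(pe, nt, struct.unpack_from("<I", pe, names + 4 * i)[0])
        if pe[s:pe.index(b"\0", s)] == name.encode():
            idx, = struct.unpack_from("<H", pe, ords + 2 * i)
            entry = rva_to_offset(pe, nt, struct.unpack_from("<I", pe, funcs + 4 * idx)[0])
            return pe[entry:entry + n]
    raise KeyError(name)

def is_stubbed(pe, name="pSetupVerifyFile"):
    """True if the export returns 0 immediately instead of verifying."""
    return export_entry_bytes(pe, name, len(STUB)) == STUB

def build_sample(prologue):
    """Constructed minimal PE32 (not a real setupapi.dll) exporting one name."""
    img = bytearray(0x400)
    img[0:2], img[0x40:0x44] = b"MZ", b"PE\0\0"
    struct.pack_into("<I", img, 0x3C, 0x40)              # e_lfanew
    struct.pack_into("<H", img, 0x46, 1)                 # NumberOfSections
    struct.pack_into("<HHH", img, 0x54, 0xE0, 0, 0x10B)  # opt hdr size, flags, PE32 magic
    struct.pack_into("<I", img, 0xB8, 0x1000)            # export directory RVA
    struct.pack_into("<III", img, 0x144, 0x1000, 0x200, 0x200)  # section VA, raw size, raw ptr
    struct.pack_into("<IIIII", img, 0x214, 1, 1, 0x1028, 0x102C, 0x1030)  # export dir fields
    struct.pack_into("<II", img, 0x228, 0x1080, 0x1040)  # function RVA, name RVA
    img[0x240:0x250] = b"pSetupVerifyFile"
    img[0x280:0x280 + len(prologue)] = prologue
    return bytes(img)
```

To check a real file, read it as bytes and pass the contents to `is_stubbed`; a compressed `setupapi.dl_` has to be expanded first.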
     
  2. ohault

    ohault MDL Member

    Some help will be welcome to automate this procedure to be used from a Windows batch script.

    What are the bytes to change to patch x64 and IA64 versions?
     
  3. example12345678912345678

    I tried the same bytes for x64, however setup crashed. As for IA64, I won't be doing this as there's no IA64 emulator available and I don't own an IA64 machine.
    I have yet to find a solution for that.
     
  4. Gelip

    Gelip MDL Senior Member

  5. example12345678912345678

    Well, the problem is I can't find the function on other versions. So, it won't work well on all versions (I meant 2600 without SP3 or 3790 without SP2).
     
  6. Gelip

    Gelip MDL Senior Member

  7. example12345678912345678

  8. Gelip

    Gelip MDL Senior Member

  9. Outbreaker

    Outbreaker MDL Senior Member

    #12 Outbreaker, Aug 14, 2024
    Last edited: Aug 15, 2024
    @example12345678912345678
    Could you check your tutorial? Because if I replace "55 8B EC 8B 45" with "33 C0 C2 30 00" then I don't get the same result as you have in your screenshot. But if I move 4 characters to the left and replace "8B FF 55 8B EC" with "33 C0 C2 30 00" then I do get the same result.

    Edit:
    If using a Hex Editor then replacing "8B FF 55 8B EC 8B 45 2C" with "33 C0 C2 30 00 8B 45 2C" should do the trick too.
     
  10. example12345678912345678

    Alright, I found out that syssetup.dll would be a better patch, because sfc_os.dll is not compatible with setupapi.dll. The thing is I could not find a universal patch for that.
     
  11. example12345678912345678

    Alright, I patched setupapi.dll + syssetup.dll + sfc_os.dll files. I got the installation completed but I get 0x0000007B BSOD after installation for some reason. Here is the list of bytes I replaced per file:
    Code:
    SETUPAPI.DLL Before: 558BEC8B452C
    SETUPAPI.DLL After: 33C0C230002C
    SYSSETUP.DLL Before: 0575076A01
    SYSSETUP.DLL After: 0590906A01
    SFC_OS.DLL Before: 75078BC6A3
    SFC_OS.DLL After: 75079090A3
    Any ideas? @George King, @Gelip
    I used setupapi.dll to bypass catalog error and syssetup + sfc_os to get rid of driver signature errors.
     
  12. example12345678912345678

    Not working. I'm using IDA Pro, and the function and section I am searching for do not exist on 32-Bit at all.
    I used nLite to patch SFC_OS.DLL; it gave me other bytes, but I still got driver warnings despite the SFC_OS.DLL patch.
    You have to give me better advice than patching SFC_OS.DLL.
    It does not work at all.
    bandicam 2024-08-17 11-01-47-128.jpg
    bandicam 2024-08-17 11-04-18-325.jpg bandicam 2024-08-17 11-04-30-889.jpg
    The bytes 41 0F 44 CF do not exist on x86, I'm trying to say.
    This patch is x64 only.
     
  13. Gelip

    Gelip MDL Senior Member

    Do you use only the patched sfc_os.dll, or do you use an ISO patched by nLite? nLite also adds registry settings in HIVESFT.INF
    Code:
    HKLM,"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon","SfcDisable",0x00010001,0xFFFFFF9D
     
  14. Gelip

    Gelip MDL Senior Member

    Write what exactly you want to achieve - you want to use modified system files in the ISO image? What files are these? What ISO - WinXP SP2 x86?
     
  15. example12345678912345678

    Well, I want to be able to modify setup files freely without triggering catalog errors for my project, aka ConvertNT5SKUs. I have to patch some files in order to bypass this error. Formerly I used to have pre-patched setupapi.dll/syssetup.dll files. However, my copyright concerns and setup being always English were big problems. So, I have decided to patch files by using a command-line hex editor. First of all I used a decompiler to understand the patch nLite applies. Then I assembled some lines and it worked for setupapi.dll and sfc_os.dll. However, the problem is setupapi.dll + sfc_os.dll does skip signature verification but not driver warnings. After that I tried some more patches. I was partially successful. It hid the driver warnings, however after installation I get an instant 0xc0000007b BSOD. That's why I have to find something better.