roytam1

BTW for those using USB WebCam with 4GB/64GB patch, it is better to replace usbvideo.sys from 2K3 SP2.

I haven't test "new" hal patch on the system that can crash(I have the patch from you running on the machine in $workplace, but since it is not using Realtek NIC I don't know how to crash it)

the assembly code around this is: INIT:8002DCF5 loc_8002DCF5: ; CODE XREF: HalInitSystem(x,x)+307jINIT:8002DCF5 mov _HalpPhysicalMemoryMayAppearAbove4GB, 1INIT:8002DCFCINIT:8002DCFC loc_8002DCFC: ; CODE XREF: HalInitSystem(x,x)+30FjINIT:8002DCFC push 1INIT:8002DCFE push 10hINIT:8002DD00 push 1000000hINIT:8002DD05 push ebxINIT:8002DD06 mov dword_800232C4, 40hINIT:8002DD10 mov esi, 10000hINIT:8002DD15 call _HalpAllocPhysicalMemory@16 ; HalpAllocPhysicalMemory(x,x,x,x)INIT:8002DD1A cmp eax, ediINIT:8002DD1C jnz short loc_8002DD20INIT:8002DD1E xor esi, esiEDIT: the page you found may be this (in Chinese):http://www.pediy.com/kssd/pediy12/142776.html

I did update it to latest version downloadable in realtek.com, but same BSoD happens.

But... let me understand this right: 1. ) You located the points to patch using the search hexstrings I provided, instead of fixed offsets, right? 2. ) You fixed the checksums, using pechecksum.exe (as recommended) or using modifype.exe, right? 3. ) You replaced usbport.sys by the one reccommended, right? 4. ) It worked, right? Your XP machine became able to see and access more that 4 GiB RAM, right? If all the above is right, please do post a new screenshot of the machine's My Computer's Properties, please. both 1 to 4 are "Yes". Then, congratulations! Now, was only because of your instigation that I came upon the idea of small unique search hexstrings unlike to change on localization as a method providing universal patches... and your success using them on a CHT version (which I did not investigate, all my work was done on the ENU version) constitutes the proof-of-concept for this method. So thanks! Now, as for your BSOD: if your debugging is right (and I do think it is), then the problem is solved for now. Let at least one week of intensive use pass before putting VPCNetS2.sys back. If no other BSOD happens, I think you can consider VPCNetS2.sys really was the source of the problem. In that case, maybe searching for a later, newer version of that file might be in order. Let's wait and see. Of course, please do keep me posted on what happens next, OK? I got another BSoD now.

Environment: VMPlayer 5.0.2 on XP SP3 with 4GB patch, i5-3450, Intel B75 chipset, 4GB DDR3 VM Settings: 1 core (ACPI Uniprocessor PC) 256MB RAM SCSI 4GB Disk (vmscsi) vmxnet with VMWare Tools 7.8.4 / 9.2.2 installed Extended Kernel v24b Game / Extended Core v14c

But... let me understand this right: 1. ) You located the points to patch using the search hexstrings I provided, instead of fixed offsets, right? 2. ) You fixed the checksums, using pechecksum.exe (as recommended) or using modifype.exe, right? 3. ) You replaced usbport.sys by the one reccommended, right? 4. ) It worked, right? Your XP machine became able to see and access more that 4 GiB RAM, right? If all the above is right, please do post a new screenshot of the machine's My Computer's Properties, please. Now... You've got a crash. Was it a BSOD? Was it a Black Screen? Was it a Full Freeze? Or did the machine just turn off? And what exactly were you doing at that precise moment? Please do bear with me, my crystal ball is out on the shop, for tunning (again!). both 1 to 4 are "Yes". screenshot: http://i.imgur.com/YtnYYBn.png and the crash was BSoD. in that moment I was messing Win 8.1 VM(1GB RAM, 32bit) using VMPlayer 5.0.2. dumpchk thinks VPCNetS2.sys cause the crash and I removed it now. windbg !analyze -v report: READ_ADDRESS: f7b5b000CURRENT_IRQL: 2FAULTING_IP:hal!HalpMovntiCopyBuffer+f806eebc7 8b06 mov eax,dword ptr [esi]CUSTOMER_CRASH_COUNT: 1DEFAULT_BUCKET_ID: DRIVER_FAULTBUGCHECK_STR: 0xAPROCESS_NAME: IdleLAST_CONTROL_TRANSFER: from 806ea404 to 806eebc7STACK_TEXT: 80551d30 806ea404 8a2a3ffe f7b5affe 00000002 hal!HalpMovntiCopyBuffer+0xf80551d50 806eb295 f7b5affe 8b2c2ef8 00000002 hal!HalpCopyBufferMap+0xb680551d9c 806ea62e 88ad4880 878cfc20 012c2ed4 hal!HalpMapTransfer+0x17980551dec 806eb6e4 8923b3f8 00000000 8b2c2ed4 hal!HalpAllocateAdapterCallback+0xa280551e18 806eacd9 02ad4880 8c18f324 00000006 hal!HalAllocateAdapterChannel+0x12680551e3c f6d9b4fe 88ad4880 8923b3f8 00000088 hal!HalBuildScatterGatherList+0x22380551e94 f6d82a08 86aceae8 8820d008 881ad140 NDIS!ndisMAllocSGList+0xd980551eb0 f75bb3e7 8820d600 86acea80 881ad140 NDIS!ndisMSendX+0x1a0WARNING: Stack unwind information not available. Following frames may be wrong.80551f00 f6d82985 8820d000 881ad140 00000002 VPCNetS2+0x43e780551f28 ae051d40 8815c008 881ad140 88157840 NDIS!ndisMSendX+0x1d680551f50 ae051916 88157840 881ad140 87494b88 tcpip!ARPSendData+0x19880551f7c ae05165a 88157840 80551f02 00000001 tcpip!ARPTransmit+0x19380551fac ae05179f 8816e888 8da8a8c0 881ad140 tcpip!SendIPPacket+0x193805520f8 ae055b07 ae08fb98 86bb9a28 86bb99c0 tcpip!IPTransmit+0x289e80552164 ae055923 11b5157f 00000002 00000000 tcpip!TCPSend+0x5d880552188 ae04ea0e 00000002 00000002 805521b4 tcpip!ProcessPerCpuTCBDelayQ+0x95805521bc ae04e955 00000002 ae04e901 ae04e3d6 tcpip!ProcessTCBDelayQ+0xc4805521c8 ae04e3d6 00000000 8917f130 ae04e7f8 tcpip!TCPRcvComplete+0x20805521d4 ae04e7f8 f6da4c40 88157840 00000000 tcpip!IPRcvComplete+0x21805521d8 f6da4c40 88157840 00000000 8746e710 tcpip!ARPRcvComplete+0x580552228 f75bb74b 00382d98 80552250 00000001 NDIS!ethFilterDprIndicateReceivePacket+0x5a48055226c f6da4b9f 8820d000 883b0120 00000000 VPCNetS2+0x474b805522a8 f63b6888 00000001 883b00e8 88379000 NDIS!ethFilterDprIndicateReceivePacket+0x1c2805522b8 882102f8 805523f8 f63b87cf 00382d98 Rtenicxp+0xd888805522bc 805523f8 f63b87cf 00382d98 80552360 0x882102f8805522c0 f63b87cf 00382d98 80552360 00000001 nt!KiDoubleFaultStack+0x2cf8805523f8 f63bbf92 88439578 8923b4f8 88ac3f90 Rtenicxp+0xf7cf80552410 f6d9ae99 88ac3000 8055d0c0 ffdff9c0 Rtenicxp+0x12f9280552428 80546f9f 88ac3fa4 88ac3f90 00000000 NDIS!ndisMDpcX+0x2180552450 80546e84 00000000 0000000e 00000000 nt!KiRetireDpcList+0x6180552454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x28STACK_COMMAND: kbFOLLOWUP_IP:VPCNetS2+43e7f75bb3e7 ?? ???SYMBOL_STACK_INDEX: 8SYMBOL_NAME: VPCNetS2+43e7FOLLOWUP_NAME: MachineOwnerMODULE_NAME: VPCNetS2IMAGE_NAME: VPCNetS2.sysDEBUG_FLR_IMAGE_TIMESTAMP: 3e1f20e0FAILURE_BUCKET_ID: 0xA_VPCNetS2+43e7BUCKET_ID: 0xA_VPCNetS2+43e7

hal.dll hal.dll+8bc7 0x806e6000 0x80706d80 0x00020d80 0x47f3693d 2/4/2008 19:08:45 NDIS.sys NDIS.sys+19530 0xf6d82000 0xf6dae980 0x0002c980 0x48025d03 14/4/2008 03:20:35 ntoskrnl.exe ntoskrnl.exe+79d30 0x804d8000 0x806e6000 0x0020e000 0x51d4d90f 4/7/2013 10:08:15 I got a crash today. The offsets changed are as you posted before. I use /hal= and /kernel= switch for loading modified files.

@blackwingcat, I found that my win2000 VM can't reboot/shutdown when your updates(extended kernel and/or extended core). windows stalls after the progress dialog disappears(mouse cursor can be moved)

As you can see, my windows is localized, so the offsets are different. " - patch ntkrpamp.exe at offset 0x15DF1A from 75 1B to 90 90 " <- in my ntkrnlpa.exe 5.1.2600.6419 it is not 75 1B. There are some calls to ExVerifySuite(x): PAGE:0049CF88 loc_49CF88: ; CODE XREF: IoDeleteSymbolicLink(x)+4EjPAGE:0049CF88 call _ObIsLUIDDeviceMapsEnabled@0 ; ObIsLUIDDeviceMapsEnabled()PAGE:0049CF8D test eax, eaxPAGE:0049CF8F jnz short loc_49CFA2PAGE:0049CF91 push 4PAGE:0049CF93 call _ExVerifySuite@4 ; ExVerifySuite(x)PAGE:0049CF98 cmp al, 1PAGE:0049CF9A jnz short loc_49CFA2PAGE:0049CF9C push ebxPAGE:0049CF9D call _IopDeleteSessionSymLinks@4 ; IopDeleteSessionSymLinks(x)PAGELK:0057550D loc_57550D: ; CODE XREF: MmAddPhysicalMemoryEx(x,x,x)+BEjPAGELK:0057550D cmp ebx, ecxPAGELK:0057550F jnb short loc_5754ECPAGELK:00575511 push 7PAGELK:00575513 call _ExVerifySuite@4 ; ExVerifySuite(x)PAGELK:00575518 cmp al, 1PAGELK:0057551A jnz short loc_575523PAGELK:0057551C mov eax, 1000000hPAGELK:00575521 jmp short loc_575544PAGELK:00575523 ; ═════════════════════════════════════════════════════════════PAGELK:00575523PAGELK:00575523 loc_575523: ; CODE XREF: MmAddPhysicalMemoryEx(x,x,x)+D8jPAGELK:00575523 cmp _MmProductType, 690057hPAGELK:0057552D jz short loc_57553FPAGELK:0057552F push 1PAGELK:00575531 call _ExVerifySuite@4 ; ExVerifySuite(x)PAGELK:00575536 cmp al, 1PAGELK:00575538 mov eax, 800000hPAGELK:0057553D jz short loc_575544PAGELK:0057553FPAGELK:0057553F loc_57553F: ; CODE XREF: MmAddPhysicalMemoryEx(x,x,x)+EBjPAGELK:0057553F mov eax, 100000hPAGELK:00575544PAGELK:00575544 loc_575544: ; CODE XREF: MmAddPhysicalMemoryEx(x,x,x)+DFjPAGELK:00575544 ; MmAddPhysicalMemoryEx(x,x,x)+FBjPAGELK:00575544 mov ecx, _MmNumberOfPhysicalPagesPAGELK:0057554A lea edx, [ecx+esi]PAGELK:0057554D cmp edx, eaxPAGELK:0057554F jbe short loc_57555BPAGELK:00575551 sub eax, ecxPAGELK:00575553 mov esi, eaxPAGELK:00575555 lea eax, [esi+ebx]PAGELK:00575558 mov [ebp+arg_8], eaxPAGELK:0057A4E9 loc_57A4E9: ; CODE XREF: MmCreateMirror()+21jPAGELK:0057A4E9 push 7PAGELK:0057A4EB call _ExVerifySuite@4 ; ExVerifySuite(x)PAGELK:0057A4F0 cmp al, 1PAGELK:0057A4F2 jz short loc_57A515PAGELK:0057A4F4 cmp _MmProductType, 690057hPAGELK:0057A4FE jz short loc_57A50BPAGELK:0057A500 push 1PAGELK:0057A502 call _ExVerifySuite@4 ; ExVerifySuite(x)PAGELK:0057A507 cmp al, 1PAGELK:0057A509 jz short loc_57A515PAGELK:0057A50BPAGELK:0057A50B loc_57A50B: ; CODE XREF: MmCreateMirror()+42jPAGELK:0057A50B mov eax, 0C000026AhPAGELK:0057A510 jmp loc_57A93ASo which should be changed to NOPs?

I used this method (manual patching my latest ntkrnlpa.exe) http://www.overclock.net/t/77229/windows-xp-ram-limit/20#post_21874216 EDIT: added screenshots:

I wonder if we extending use of standalone Hyper-V server (even for daily desktop usage) any sugguestions?

actually you can just treat VM as real machine: install proper network driver and protocol stacks(TCP/IP and/or NetBEUI, MS client network), access network shares, and run desired program over network share.

I wonder if you can provide latest version CHT and CHS files of extended core and kernel? Please do so. I have some win2000 CHT workstations that need extended core and kernel for running newer Firefox.

I wonder if you can provide latest version CHT and CHS files of extended core and kernel?

When I remove the USB stick and boot directly from HD, I got hal.dll missing error. When I boot from USB stick, I got 0x0000007b (0xf789e528, 0xc0000034 BSoD. That's strange as 2nd GUI setup boots fine, but after that it don't boot.

@win2000: Will you make KDW/fcwin for NT 4.0 in the future?

Thanks! And LZMA SDK is 4.49 now. http://sourceforge.net/project/showfiles.p...lease_id=521029

Can you please post a link to the SDK or other sample files? I'll look into it. SDK: http://sourceforge.net/project/showfiles.p...lease_id=422185 the lzma.exe is the program. sample file: http://www.maradns.org/download/1.3/1.3.05...1.3.05.tar.lzma

will UniExtract support .lzma files in future? there's some softwares packed directly with lzma program in lzma sdk.