How to make a tcpip.sys patch without press F8
Wednesday, January 14, 2009
A friend of mine asked me, how to make a Vista tcpip.sys File Patch not needing press F8 key.
This is not difficult, just sign tcpip.sys with a test signature.
More information about tcpip.sys File Patch, you can visit: TCP/IP Patcher Compare Technical Features.
http://deepxw.blogspot.com/2008/12/on-internet-there-are-all-kinds-of-tcp.html
Here is detail of patch tcpip.sys with test signature, perhaps these will help you.
1) All operation needs "Run as Administrator".
2) Set testsigning to on:
Bcdedit -set TESTSIGNING ON
All tcpip.sys File Patch must do this; otherwise, BSOD will occur after tcpip.sys has been modified.
After Testsigning on, "Test Mode" will dispaly in the 4 corners of desktop.
You can get rid of it through modify "user32.dll.mui". The string ID is 738 & 723.
3) Reboot, check if testsigning is on correctly. (This step is optional.)
You can check it by bcdedit, or check it in the registry.
4) Modify half open connection limited value in file "tcpip.sys".
First, make a temporary copy of tcpip.sys for modify.
You can disassemble tcpip.sys and get the limited offset.
In tcpip.sys, asm code like this:
NT5: mov _ActiveOpenProgressThreshold, 0Ah
NT6: cmp edx, 0Ah
NT5, you can set new value up to 0xFFFFFFFF.
NT6, new value is up to 0xFF! Only 1 byte available for use!
If you are a lazy guy, you can get these offset by the TCP-Z tool. In "patch" tab, you can get the limited offset.
Default, TCP-Z does not show the file offset.But you can run tcpz.exe with argument: tcpz.exe -showoffset.
5) Re-Checksum tcpip.sys.
You can use setcsum.exe.
Or do it in your program by API CheckSumMappedFile().
6) Create a test certificate by the makecert.exe tool.
Makecert -r -pe -ss PrivateCertStore -n "CN=TcpipCert" tcpipcert.cer
7) Sign tcpip.sys with the signtool.exe.
signtool sign /a /s PrivateCertStore /n "TcpipCert" tcpip.sys
You can verify the signature of tcpip.sys:
signtool verify tcpip.sys
Because our signature is not a valid signature, so signtool will report "File not valid".
If returns "A certificate chain processed", it means the Test Signature is OK.
8) Now copy the temporary tcpip.sys to driver folder, overwrite the original tcpip.sys.
Before copy, takeown and icacls tcpip.sys is required.
9) All done, restart your computer to take effect!
Posted by deepxw at 18:00 |
Labels: Patcher
64 comments:
Posts
Regarding Windows 7 (x86), if anyone has successfully managed to replace the default tcpip.sys, please post. I tried it last week, replacing not only the one in the Drivers directory, but also the two in the Winsxs directories, but upon booting Win7, the new Startup Repair *always* ran, told me there was a problem, and replaced the file (somehow) with the original one.
The thing is very smart, and it defeated me. So while I didn't have a problem doing this with Vista, Win7 is much more difficult.
I tried, it is no problem.
look:
win7_x86_7000_mod_tcpip.sys.png
Main point:
Sign tcpip.sys with a test signature;
Set testsigning on with bcedit.
Signing wouldn't matter for this problem, since the file was different than the original and would always be, and that's all that Win7 needs to know to want to replace it.
Did your Win7 installation have the hidden 200MB recovery partition? Mine did, and I now know that it's what does repairs like this. If there's any way to tell it to ignore a certain file for good, I don't know what it is (this is not to be confused with disabling driver signing checking, which is unrelated). It may be impossible for all I know.
Since Vista never had a recovery partition (it was a manual process via DVD), this wasn't a problem there.
I expect your system does not have this partition. You only get it on certain kinds of clean installs.
My Win7 is on a virtual machine. It also have a hidden 200MB recovery partition.
After I replace tcpip.sys, the system does not prompt the repair window at boot time.
All seem to have no problem.
I record a video, and upload to here:
http://www.rayfile.com/files/384892f3-e493-11dd-9f9e-0014221b798a/
Wow, that's really interesting. I wonder what the other variable is then, since the crazy thing was very persistent here. I imagine it might actually be useful in most normal cases where a system has an actual corrupt file(s), but not in this case. I'll try it on another system once I get it going.
Do you bother to replace the two files in Winsxs too? I did, but maybe I shouldn't have.
On an unrelated note, I didn't know VMWare had a recording function. That's great, and it's tempting to switch to it now.
I just replace one file in \drivers.
You can try to restore the two files in winsxs.
Yes, VMWare has recording function.
Recording in windows, video quality is good.
But recording at boot time, video quality is bad.
Hi Deepxw
Thanks for all your suggestions - replacing the tcpipsys will be really good! But I don't quite get your instructions - I'm new to W7 and wondered if you can elaborate a little more in how to do it - or create another video exactly with step-by-step instructions - your video you have already uploaded is excellent!
Thanks in advance...
Thans your suggestion!
I have to create a tcpip.sys File Patch, it will be avalibled at some time later.
Fantastic! My P2P progs aren't working properly so I can't see the football!!
Cheers!
Hello can u make it clearer so i can understand clearly. sorry for my bad english.
"I have been reading your posts regularly. I need to say that you are doing a fantastic job. Please keep up the great work."
I'm so excited. I really appreciate sharing this great post. Keep up your excellent work.
bojanke
bojanke za printanje
gledanje u solju
This is great, I will bookmark this site.
Perfect website, well done!
Ekologija
recepti
advokatska kancelarija
Cool article, I really like to read useful things.
Knjigovodstvena agencija
it's the same style as one of my sites actually but yours is a bit refreshing looking.
Good written, well done.
Plasticne kese
Ekologija
Celik
Knjigovodstvo
Celici
biografija žarko lauševic
types of lenses
I saw this really great post today….
nice blog...friends..
Its a great pleasure reading your post.Its full of information I am looking for and I love to post a comment that "The content of your post is awesome" Great work
I really admire the important ideas that you offer in the content. I am looking forward for more important thoughts and more blogs.
Really well created post i have got here.
I am sure this post has touched all the internet viewers, its really really nice piece of writing on building up new blog.
Look into my blog : Obat Infeksi Kornea Mata Herbal | Pengobatan Herbal Kerusakan Retina Mata
thank you very much for sharing information that is helpful at all
kenapa keputihan tidak normal dan mengeluarkan nanah obat kutil herbal di kemaluan cara menghilangkan kutil kemaluan secara alami tips menghindari kutil kelamin tips menghilangkan kencing nanah cara mengobati kelamin keluar nanah obat alam tradisional kencing bernanah obat kutil di kemaluan pria obat kemaluan keluar nanah Obat Ambeien Ampuh Tradisional Resep Obat Wasir obat alami untuk gejala wasir Mengobati Wasir Secara Alami Obat ampuh atasi wasir Obat herbal efektif menyembuhkan wasir Obat untuk kelamin laki laki keluar cairan nanah Obat kemaluan keluar nanah atau gonore Obat cairan nanah keluar dari alat kelamin Mengapa kencing sakit dan keluar cairan nanah Mengapa kencing perih dan keluar nanah Mengapa nanah keluar dari kelamin Obat untuk kutil di sekitar bibir vagina Obat kencing nanah manjur menghilangkan benjolan kutil di vagina wanita
This article is really fantastic and thanks for sharing the valuable post.
----
juegos de kizi | juegoskizi | jogos friv | jogos do friv | clickjogos | juegos de pou | juegos de terror | jogos online | unblockedgames
Harga paket wisata bromo midnight dari kota malang atau surabaya sangatlah murah, yaitu bertarif 300.000/pax dan minimal jumlah rombongan 6 orang. Wisata bromo ini berkunjung ke 4 titik objek wisata yaitu kawah, sunrise, pasir dan bukit savana. Detail harga murah paket wisata bromo midnight dari malang atau surabaya lihat info lengkap.
Salah satu kebutuhan wisatawan malang adalah alat transportasi yang bisa mengantarkan ke berbagai objek wisata di kota malang batu. Para wisatawan bisa menggunakan jasa rental mobil wisata malang yang murah dan tentunya dengan pelayanan yang ramah dan professional. Harga rental mobil wisata di kota malang batu lihat blog ini.
Butuh transportasi jemputan ke bandara juanda surabaya? Kami dari sewa mobil surabaya melayani antar jemput bandara juanda dan juga bisa keliling kota surabaya untuk berbagai keperluan. Sewa mobil di tempat kami sudah beserta sopir yang paham seluk-beluk sudut seluruh kota surabaya dan sekitarnya. Penawaran harga murah dari kami akan sangat bersahabat dengan kantong anda. Tarif sewa mobil di surabaya baca link blog.
Jika butuh sewa mobil harga murah di jogja maka silahkan hubungi kantor sewa mobil jogja kami. Nomor telepon kantor rent car jogja kami sudah jelas tertera di website kami. Kami akan membalas pertanyaan anda dengan ramah dan fast respon. Pelayanan sewa mobil yogyakarta di tempat kami sangat professional dan murah, tapi tidak murahan. Baca detail info sewa mobil jogja di tempat kami link blog ini.
Daftar harga sewa mobil di bali, khususnya di kota denpasar antara perusahaan yang satu dengan yang lainnya sangatlah bersaing dab murah. Bahkan ada yang nenawarkan harga sewa mobil bali jenis avanza 350.000 rupiah saja. Itu bisa dipakai seharian (fullday) dan sudah include mobil, sopir, bbm, tapi tidak termasuk parkir dan makan sopir. Selengkapnya daftar harga sewa mobil bali dengan pilihan mobil terbaik baca website kami.
گن لاغري کاسمارا اصل
گن لاغري کاسمارا
گن لاغري مردانه
خريد گن لاغري مردانه
گن زنانه
خريد گن لاغري
خريد گن لاغري زنانه کاسمارا
آموزش خياطي خانم عمراني
آموزش خياطي
خياطي خانم عمراني
خياطي سيما عمراني
آموزش آرايشگري
آموزش آشپزي
آموزش بافت مو
آموزش زبان انگليسي
آموزش ژيمناستيک
آموزش ميوه آرايي
آموزش سفره آرايي
آموزش شنا
آموزش فوتبال
آموزش فوتسال
آموزش کشتي
چاي سبز لاغري
چاي سبز
دستگاه بافت مو
عينک آفتابي
خريد عينک آفتابي
خريد اينترنتي عينک آفتابي
عينک آفتابي پليس
عينک پليس
خريد عينک پليس
عينک آفتابي پورشه
عطر 212
عطر مردانه
Obat Penggemuk Badan
Obat Pemerah Bibir
Obat Pemutih Badan
Cream Pembesar Payudara
Obat Pembesar Payudara
گيفت ويزا کارت
گيفت آيتونز
لوازم آشپزخانه
تجهيزات آشپزخانه صنعتي
Thanks very practical. Will certainly share site with my buddies http://allgomedic.com/generic-levitra-online-20mg-10mg.html
thank you so much great job
دوربین مدار بسته
طراحی سایت
درج آگهی رایگان
Shared this Obat benjolan keloid more Obat jari tangan yang kaku enough Obat luka dekubitus just Obat badan lemas dan lesu karena maag silva Obat untuk mempercepat datangnya haid messi Obat penyempitan saluran kencing CR7 Obat hidrokel rakitic Obat gondok beracun kane Obat penghilang koreng di kulit kepala sterling Obat herpes zoster Thank you so much... hehehe
An impressive share, I just given this onto a colleague who was doing a little analysis on this. And he in fact bought me breakfast because I found it for him.. smile. So let me reword that: Thnx for the treat! But yeah Thnkx for spending the time to discuss this, I feel strongly about it and love reading more on this topic. If possible, as you become expertise, would you mind updating your blog with more details? It is highly helpful for me. Big thumb up for this blog post!
Click Here
Docker.com
شركة رش مبيدات بتبوك
شركة رش مبيدات بحائل
شركة رش مبيدات بنجران
Great Article! SudutZ.com
I’m impressed, I must say. Really rarely do I encounter a blog that’s both educative and entertaining, and let me tell you, you have hit the nail on the head. Your idea is outstanding; the issue is something that not enough people are speaking intelligently about. I am very happy that I stumbled across this in my search for something relating to this.
Click Here
Crowdrise.com
I loved the way you discuss the topic great work thanks for the share Your informative post.
drawing games
do not need to restart the computer. Universal Tcpip.sys Patch is a File Patch. It direct modifies the file tcpip.sys on hard disk. It is a patch without press F8 key.
download
sys Patch is an alternative to EvID4226Patch. They do the same thing which is intelligently patching the TCPIP.SYS file to increase the number of half open ...
URL
I really wanted to send a small word to say thanks to you for the fantastic points you are writing on this site
MyBlogger Club
Guest Posting Site
Best Guest Blogging Site
Guest Blogger
Guest Blogging Site
Nice Blog. Thanks for sharing.
Best MBA College in Dehradun
How Online Education is helpful for B.Tech Students?
How do I prepare for college placement session?
kami hadirkan kepada anda situs dominoqq yang terbaik dan terbesar saat ini yang terbukti membayar dan dapat menghasilkan banyak uang hanya di http://180.215.13.115
mainkan judi slot online hanya disini https://www.jackpot168slot.com
If you are a lazy guy, you can get these offset by the TCP-Z tool. In "patch" tab, you can get the limited offset. new bed sheet , double bed comforter , gul ahmed comforter price , fancy bed sheets designs , duvet sets
Kami juga memiliki artikel yang menarik untuk kalian baca silahkan klik link dibawah ini untuk masuk ke artikel kami: asian clothes uk ready made , asian attire uk , asian dresses online uk , asian ready made suits uk , kurta pyjama uk , pakistani readymade suits uk , buy salwar kameez online usa , white chikankari anarkali suit , baby pink chikankari kurta , chikankari gota patti suits , cotton chikankari kurti
Supreme merupakan merek dagang pakaian skateboard yang sukses asal Amerika Serikat dengan berbagai kolaborasi mulai dari sepatu dan lainnya. https://supremeindonesia.web.id/ Produk rilisannya tidak hanya berbasis fashion saja, melainkan juga produk-produk non-fashion.
Agen Judi Casino Up-to-date Terpercaya dengan Tambahan Bervariasi dengan Sangat Komplit – Pemilihan bandar judi https://genehughescasinos.com bisa terlampau melelahkan untuk para yang sebetulnya belum paham dari mana sepatutnya validasi pencarian dilakukan.
I like your site and content. thanks for sharing the information keep updating, looking forward for more posts. 바카라사이트
Simply desire to say your article is as amazing. The clarity on your post is just excellent and that i hink you’re knowledgeable in this subject. 바카라사이트
Really satisfied with all the information I have found in this article. It gives immense knowledge on physical education, it is very helpful and quite generous to spread a good message. 온라인카지노
Everything is very open with a really clear explanation of the challenges. It was definitely informative. Your site is useful. Thank you for sharing. Feel free to visit my website; 바카라사이트
bandar casino
168galaxy เว็บไซต์รวม สล็อต ทุกค่าย ฝาก ถอน ไม่มีอย่างต่ำเป็นเว็บไซต์ที่ให้บริการเกมค่าย pg slot เว็บไซต์ตรง แล้วก็เป็นแหล่งรวมค่าย สล็อตใหญ่ที่สุดในประเทศ และมาแรงที่สุด
allingame2 เป็นเกมส์ที่มีความน่าสนใจและเป็นที่นิยมของผู้เล่นในปัจจุบัน สมัครได้โดยเกมส์นี้ถูกพัฒนาโดยทีมผู้เชี่ยวชาญด้านการออกแบบเกมส์ PG SLOT
Everything is very open with a really clear explanation of the challenges.
Many thanks for sharing!
This is incredibly charming substance! I have taken a lot of joy.
Many thanks for the efforts you have put into writing this site.
I AM REALLY LOOKING FORWARD TO READ MORE ABOUT THIS.
This is really helpful post and very informative there is no doubt about it.
Everyone an extremely breathtaking chance to read from this blog.
Nice post. I learn something totally new and challenging on blogs I stumbleupon everyday.