search

leecher1337 / ntvdmx64

Run Microsoft Windows NTVDM (DOS) on 64bit Editions
812 stars 81 forks source link

Install on Windows Server 2012 R2 (Worked 1 time) #46

Closed Houdhey closed 5 years ago

Houdhey commented 5 years ago

Hello,

First of all, thank you for this amazing program. I'm running your program on a Windows Server 2012. The first time, I downloaded the program from here : http://www.columbia.edu/~em36/ntvdmx64.html

Then, I installed it on my Windows Server 2012 R2 (64 bits), and what a surprise ! My 16-bit DOS Application worked !

case1

But I wanted to be sure of this manipulation, so I opened an old Windows Server 2012 R2 that I created yesterday. When I did the same manipulations, it did not work for this server. I used exactly the same files.

case2

I checked the register Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows for the two servers, and it is exactly the same.

How is it possible? I don't want to make it work randomly, because I want to set this in enterprise. Could you please explain me or guide me on this?

I tried with the new versions of ntvdmx64 you uploaded. It did not work. Same thing. I joined screenshots.

leecher1337 commented 5 years ago

There may be issues with the Antivirus protection of Windows defender. It sometimes detects the loader as a hostlie program and then blocks its execution. It could also be an issue that it was unable to download the Symbols form the Microsoft Symbol server. First, check with Sysinternals Process Explorer, if ldntvdm.dll got loaded into every process. If not, some Antivirus or security settings (i.e. Secure Boot) may have blocked it. ensure that the ldntvdm.dll is present in system32 and syswow64 directory and be sure to add an exception for this process to Windows Defender, so that it doesn't delete or block it. If the loader gets injected correctly into every process, please verify the loader's output. For this, you can use DbgView from Sysinternals, it should tell you if there is an error.

Houdhey commented 5 years ago

Thank you for your answer. I didn't know about Sysinternals Process Explorer, it is really useful ! So here are the steps I did :

screen1

PS : I did not do the Compilation steps, because it seems too difficult to me, I'll ask you about it here #47

I don't set this issue "solved" now, because I'm going to try this method and the Process Explorer on the computer in which I met problems.

leecher1337 commented 5 years ago

Please be aware that running a DOS application on first run MAY fail, as it needs to pull symbols from the microsoft Symbol server first. For this, an Internet connection is required. If the symbols got loaded correctly, it should then work until there is a windows update in which case the new symbols may need to get fetched. This is, because the loader needs to hook some internal functions which only can be resolved using the debug symbols of the system DLLs, so it doesn't work out-of-the-box. This may explain the behaviour.

Houdhey commented 5 years ago

Ok, I see the problem. But I tested my Internet connection before doing all of these things, Internet was working. I've noticed that my Windows Update was disabled. Is that because of this? Should I have enable Windows Update? update

leecher1337 commented 5 years ago

Windows update settings shouldn't be an Issue, Symbol Server is independent from it. As said, the loader kann tell you something about the things it tries in DbgView.

Another common problem is the type of application where you start DOS applications from. In GUI applications, the loader can inject nicely via AppInit, as it is a mechanism provided by Windows, however to inject into console processes, quite some trickery is needed and this method may also be a bit unstable, as there is no official way for that, that's why there can be more issues when trying to launch DOS applications from console processes.

Houdhey commented 5 years ago

Thank you very much, I understand now. But I can confirm you that the program worked well on Windows Server 2012. Now, it's just a matter of configuration on my side, but when I create a new Windows Server 2012 and follow my same steps, it works. Solved for this issue ! (I don't know how to set "Solved" state)