ACPI.SYS issue while transplanting Win7 from X570 to TRX40 board

I am attempting to transplant an already working Win7 to the TRX40 board (Gigabyte TRX40 Aorus Pro WiFi, I can successfully clean install a modded Win7 ISO so I know it’s possible). The Win7 in question is currently running stable on a X570 board (Asus ROG Crosshair VIII Dark Hero) and is fully loaded with all USB3 and storage drivers.

Current state:

  • Win7 on Asus X570 happily runs with the original Microsoft ACPI.SYS (tested revisions 23403 and 24056). Can’t explain why/how it works, but it does.
  • Gigabyte TRX40 immediately does A5 BSOD with the original Microsoft ACPI.SYS, so I replaced it with the latest modded one. This resulted in a 7B BSOD which I first thought was due to a missing storage driver until I investigated deeper.

The strange part:
While trying to better prep the X570 Win7 for the next transplantation attempt, I tried to update its original Microsoft ACPI.SYS to the latest modded one. Result: exactly the same 7B BSOD on X570 (where it already worked fine) as on the TRX40. In the end I tried three different versions:

  • @canonkong ACPI.SYS 2020.10.23: Signature error 0xc0000428 on boot attempt
  • @canonkong ACPI.SYS 2022.12.23: Signature error 0xc0000428 on boot attempt
  • @canonkong ACPI.SYS 2023.02.17: 7B BSOD on boot attempt

Facts about the Win7 in question:

  • Happily survived an earlier transplantation from MSI X470 to Asus X570
  • Should already have all the necessary AMD drivers
  • Has both KB4474419 and KB3033929 updates for SHA256
  • Is currently fully updated using Simplix UpdatePack7R2-24.5.15
  • Driver test signing is on (“Test mode” mark in lower right corner, bcdedit says testsigning=Yes)

My questions:

  • What am I missing, why does signature verification fail?
  • How does @canonkong’s distribution work with the modded drivers while testsigning is off?
  • I read somewhere that modded ntoskrnl.exe, winload.efi and winload.exe can bypass the certificate enforcement, but apparently @canonkong’s install.wim is using the original Microsoft versions. What am I missing here?

Thanks in advance.

Do not use new vison UpdatePack7R2, becasue MS new patchs will make the signature verification fail.

Thanks for the answer, unfortunately I had already applied the patch.

Is there any way to uninstall the exact KB update that enforces new MS signatures?

What would happen if I manually revert to (overwrite) using older versions of ntoskrnl.exe, winload.efi and winload.exe?

  • My current versions: 6.1.7601.27117
  • @canonkong’s install.wim: 6.1.7601.26321

Hope that my summary (days of experiments) helps someone:

  • My Win7 survived its third transplantation: Intel X99 → AMD X470 → AMD X570 → AMD TRX40. May be tricky, but surely doable.
  • 7B BSOD can be annoyingly misleading. In my case it was due to old incompatible drivers that still lingered on my system from previous hardware. Getting rid of unused Intel and older AMD RAID drivers from HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CriticalDeviceDatabase resolved the BSOD and the system booted happily.
  • Switching testsigning on (‘bcdedit /set testsigning on’) works quite differently compared to the boot menu option Disable driver signature enforcement. Testsigning allows you to use third party device drivers with any signature, but won’t tolerate any integral Windows drivers (e.g. ACPI.SYS) with signatures Windows does not trust (more on this in the next point). The only way to avoid error 0xc0000428 on boot is to select Disable driver signature enforcement in the boot menu (you can enable this menu using ‘bcdedit /set {globalsettings} advancedoptions true’ command. Setting testsigning alone has no effect.
  • Not knowing Microsoft still messes with Windows 7 certificates I updated (actually messed up!) my system using Simplix UpdatePack7R2-24.5.15.exe, and now the modded ACPI.SYS is flagged as corrupt (error 0xc0000428) unless I use Disable driver signature enforcement which is really, really annoying as now on every boot I need to manually select this option. To make matters even worse, having advanced boot options enabled makes the dreaded Repair your computer option the default! So on every boot I need to carefully evade this death sentence option! Yuck!
  • Reverting to older versions of ntoskrnl.exe, winload.efi and winload.exe makes no effect. The certificates are stored somewhere else.

Where I am now and what I need:

  • A way to revert to the old Microsoft certificates, where modded ACPI.SYS is trusted. Anyone have any clue? These certificates must be stored somewhere?

Try this ACPI.SYS file:ACPI A5 Fix

2 Likes

Excellent job, I can confirm this new ACPI.SYS dated 02.07.2024. works correctly on both:

  • Asus ROG Crosshair VIII Dark Hero X570
  • Gigabyte TRX40 Aorus Pro WiFi

No more need for manually selecting Disable driver signature enforcement on boot. Currently I cannot test whether testsigning is still mandatory (because I need it for some other third party drivers). Anyway, this update resolves the most important issue, thank you.