Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.

Windows 7: Change Boot Logo/Screen?

11 Aug 2010   #131

Windows 7 Ultimate x64


My System SpecsSystem Spec
12 Aug 2010   #132

Win7 Ultimate x32

My understanding of the boot process:
1 - boot Bootmgr is the boot image.
it uses bootmgr.exe.mui for proper language.
bootmgr checks for checksum and digital signature on files such as WinLoad.exe and BootRes.dll and then uses bootmgr.exe.mui to display the errors in the proper language.

2 - bootmgr writes to bootstat.dat to record if there was a successful boot, what progress was made during boot ( "windows did not start up previously, do you want safe mode?" etc... is recorded in it for the next time you start your PC)

3 - it then passes on to winload.exe to actually load windows and records in bootsect.dat that it passed on to WinLoad.exe

if i'm correct in this, then what needs to be done is:
1 - replace bootmgr with a boot image file that doesn't check certs.
2 - replace bootsect.dat with a "i checked certs and passed on to winload" log.
3 - patch/replace winload.exe to load a custom bootres.dll (2nd check for cert in winload?)
4 - patch/replace bootres.dll with the new one for boot animation
5 - keep a process in the background - new process ensures that when MS Update replaces bootmgr with new cert checks the custom bootmgr is restored before next boot.

there still isn't a lot of info on the net concerning the win7 boot file process so alot of this is assumptions. but the theory may be sound.
PS: unsure where the grldr file comes in on all of this.

what i'm basing this theory on:
*bootmgr is a boot image file.

*bootmgr has several replacements in windows update temp files (updating cert checks that way?)

*bootmgr.exe.mui (the language file for bootmgr) contains such strings as:
#9018, "The file is possibly corrupt. Its header checksum does not match the computed checksum."
#9019, "Windows cannot verify the digital signature for this file."

*Winload.exe calls bootres.dll

a possible way to go get around the cert checks:
1 - use BCDEdit to:
bcdedit -set loadoptions DISABLE_INTEGRITY_CHECKS
bcdedit -set TESTSIGNING ON

copy the new bootmgr after the edit.
copy the bootsect.dat before rebooting (to keep the "do checks" log in tact)

2 - customize your winload.exe and your bootres.dll (keep backups) for custom boot screen.

3 - wright a background process to replace the bootmgr image with your edited one and copy the bootsect.dat backup back to bootsect.dat
A - before every reboot
B - after every windows update
C - after the bootmgr is edited by any other process

after any boot menu edits the process will have to be redone to save the new boot menu with the DISABLE_INTEGRITY_CHECKS and TESTSIGNING flags and still keep the new boot menu.

thoughts on this?
is anyone able to decompile the Bootmgr image file for verification of this theory?
Also - i only have a retail win7 32bit ultimate edition to draw theories on.
My System SpecsSystem Spec
12 Aug 2010   #133

Windows 7 Ultimate x64

sounds awesome keep up the good work im gonna start Heavy work on this in about an hour or two
My System SpecsSystem Spec

13 Aug 2010   #134

Windows 7

I await with bated breath the fruits of this endeavor.
My System SpecsSystem Spec
13 Aug 2010   #135

Windows 7 Ultimate x64

My System SpecsSystem Spec
13 Aug 2010   #136

Windows 7 Ultimate x64

im starting to get tired of all this signing and all that

btw tha you should make a gui tool for all this stuff it would make it a billion times better
My System SpecsSystem Spec
13 Aug 2010   #137

Win7 Ultimate x32

is signing a command line function?
if so then post up so links on how to do it.
I can do a GUI in VB or something.
My System SpecsSystem Spec
14 Aug 2010   #138

Windows 7 Ultimate x64

i dont have any links but here is a easy way of finding the command line parameters

copy all files from my windows 7 SDK archive to %HomeDrive%

click the start menu the type cmd tap control-shift-enter click yes (if UAC is enabled)

then type CD %HomeDrive%

then makecert.exe /?

and so on for all the files

i just uploaded them for your convience there are no viruses or any of that bullshit

My System SpecsSystem Spec
18 Aug 2010   #139

Windows 7 Pro 64 / 7 Pro 64 / 7 Home Prem 64

Hey, long time no post. My laptop was broke for the last week, and I have been busy.

Anyways, I have a few comments on things said here. I am fairly certain winload.exe does integrity checks. At least with the RC versions of Windows 7 it was the only thing that did the integrity checks. It even did the check on itself. Now with a retail version maybe bootmgr is doing it, or maybe now they are both doing it. I know that the methods for disabling winload.exe's integrity checks no longer works in retail versions.

About the certificate signing. It is easily amenable to a GUI with some minor exceptions.

First, given the tools marcusj posted, you can do most of the signing process automated. You would need 3 pieces of information: a dummy name, a name for the certificate file, and a password. Also, many of these "command line tools" use dialog boxes for the password entries. You will need to use the SendInput function (part of the Win API) to simulate typing into them.

I have re-worked the self-signing commands to make them more straight-forward hopefully, and amendable to automation.

To Make a Self-Signing Certificate Authority (only need to do this once, and I recommend only doing it once, otherwise you'll get annoyed later on)
Note: Maybe the program can save some registry values to know it has already made a self-signing certificate authority and store where it saves the pvk and cer files

makecert -r -n "CN=Dummy Name" -pe -ss CA -sr LocalMachine -a sha1 -sky signature -sv NameCA.pvk NameCA.cer

(type: password, tab, password, enter, password, enter)

certutil -f -addstore Root Name.cer

To Make a Self-Signing Certificate (only need to do this once, but it doesn't hurt to do it more than once)
Note: You can delete the NameCA.cer, NameCA.pvk, Name.pvk, and Name.cer after this step as long as you save the Name.pfx file. That file is all you need to sign unlimited documents after this step.

makecert -pe -n "CN=Dummy Name" -a sha1 -ic NameCA.cer -iv NameCA.pvk -sv Name.pvk Name.cer

(type: password, tab, password, enter, password, enter, password, enter)

pvk2pfx -pvk Name.pvk -pi PASSWORD -spc Name.cer -pfx Name.pfx -f

Sign Program (needs to be done every time the program changes)

signtool sign /v /f Name.pfx /p PASSWORD /t PROGRAM.EXE

Install Certificate
Note: This is only necessary on other computers that plan to use programs signed with your certificate. If you do this all on one computer, you don't need this. Also, I haven't bothered to find an automated way to do this (unless you saved NameCA.cer).

See the post I made earlier: Change Boot Logo/Screen?

So if you make a program (I may make a program this weekend) it should probably ask you to either pick a certificate PFX that you already made or make a new one. If you are using a new one, you ask for a name, file name, a password, and a program to sign. If it's reusing another PFX you just need the password and program to sign. Then you use the commands, simulating typing as necessary, and you have signed a program!
My System SpecsSystem Spec
19 Aug 2010   #140

Windows 7 Ultimate x64

awesome man sweet

how do we find out whitch executabole program is doing the checks and how its is being done?
My System SpecsSystem Spec

 Change Boot Logo/Screen?

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar help and support threads
Thread Forum
Boot freeze with black screen with lower Windows 7 Ultimate logo
Hi, i`m axl and i`m quite desperate about the actual situation of my only windows installation. i hope that someone here can help understand the problem because i`ve been working hours trying almost every single fix with every single combination i could find on internet. pc specs: notebook hp...
General Discussion
MSI Radeon 7850 won't boot past Windows Logo screen
Hello, My first time ever posting in a forum regarding help with a PC. I apologize if I ramble off too much. My Specs: Moba: ASrock Z77 Extreme 4 CPU:Interl i5-2500k @3.30 PSU: ZT 650W GPU: Radeon 7850
Graphic Cards
i see just a black screen after samsung boot logo
Hello there, just a similar question, thought maybe i will get any kind of help here. Situation is pretty obvious: i have got a Samsung Nb, model is NP355E5C, with windows 8 on board. Though it were simply to just erase it, i mean format partition and install windows 7 os. So what i have done:...
General Discussion
Windows 7 logo stuck at boot loading screen graphics card SLI ?
Hi guys. iv just encountered a weird problem with my graphics card. im currently running 2x 9800GT in sli mode. now the issue im getting is when i boot my computer and when the windows 7 logo appears, it will load for abit then freeze or go black screen. now funny thing is my actually...
Graphic Cards
How to change windows logo on logon screen?
Can't Boot Windows 7 - Stuck At Win Logo Screen
Can't even boot in safe mode or the repair mode or from the Windows installation disk.....always gets stuck at the Windows logo screen where it says "Windows Starting". When trying to boot normal, I get the "reboot and select proper boot device or insert boot media in selected boot device"...
BSOD Help and Support

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 16:11.

Twitter Facebook Google+

Windows 7 Forums

Seven Forums Android App Seven Forums IOS App