Change Boot Logo/Screen?

[ShopBunny]

Oh and let me add that this isnt possible.

No matter how you mod the bootres.dll it will require a digital signature and that disappears as soon as you mod it.. If there is no digital signature then it will just show the old vista bootscreen.. so just give up.

Which would be the wise thing to do.
I allready said that I'd strongly advise against it. It's a security hole.

 

[monkeys breath]

Oh and let me add that this isnt possible.

No matter how you mod the bootres.dll it will require a digital signature and that disappears as soon as you mod it.. If there is no digital signature then it will just show the old vista bootscreen.. so just give up.

Which would be the wise thing to do.
I allready said that I'd strongly advise against it. It's a security hole.

if it is a security hole it was done deliberately by microsour to keep people from modding. i am so sick and tired of microsour trying to force everyones pc to look the same. as for impossible, nothing is impossible. someone will get around microsours bulls##t.

 

[pallemans]

O, I did all the steps and I see the animation bitmap. This I can change to whatever.
But it doesn't show the 2 lines "windows starting" / "Copyright...." So I can't remove these lines, these words.
That means these words are not in the picture. So where are they from? Where is the file and the script where it says to show these words at the boot logo/screen and how to get rid off them?

Regards,
P.

I think I may have found where the "Starting Windows" for your boot logo is located. Give me a day or two to test a couple things and I will post instructions on how to change it....

How far are you?
Can it be done?
And for those here writing stuff totally off topic, please write that stuff somewhere else. Here we are trying to change/modify the bootscreen! Let the hackers do what they do best and help us noobs out.
In regards to "it cant be done because of a digital signature", can't that signature just be copied and replaced to the bootres.dll file after it being modified as we want it to be? (sorry for not knowing much about digital signatures and stuff...I'm a noob )

 

[ShopBunny]

Oh and let me add that this isnt possible.

No matter how you mod the bootres.dll it will require a digital signature and that disappears as soon as you mod it.. If there is no digital signature then it will just show the old vista bootscreen.. so just give up.

Which would be the wise thing to do.
I allready said that I'd strongly advise against it. It's a security hole.

if it is a security hole it was done deliberately by microsour to keep people from modding. i am so sick and tired of microsour trying to force everyones pc to look the same. as for impossible, nothing is impossible. someone will get around microsours bulls##t.

That's exactly why m$ put in the signature. To prevent ppl from making changes. BUT like I mentioned, with very good reason. It's actually one of the few things m$ really thought about and did right. It's a hacker's delight to gain access to your accounts.

O, I did all the steps and I see the animation bitmap. This I can change to whatever.
But it doesn't show the 2 lines "windows starting" / "Copyright...." So I can't remove these lines, these words.
That means these words are not in the picture. So where are they from? Where is the file and the script where it says to show these words at the boot logo/screen and how to get rid off them?

Regards,
P.

I think I may have found where the "Starting Windows" for your boot logo is located. Give me a day or two to test a couple things and I will post instructions on how to change it....

How far are you?
Can it be done?
And for those here writing stuff totally off topic, please write that stuff somewhere else. Here we are trying to change/modify the bootscreen! Let the hackers do what they do best and help us noobs out.
In regards to "it cant be done because of a digital signature", can't that signature just be copied and replaced to the bootres.dll file after it being modified as we want it to be? (sorry for not knowing much about digital signatures and stuff...I'm a noob )

I think it's rather GOOD to talk about stuff related to this bootscreen issue. Ppl really need to be aware of the possible consequences of changing that screen.

And as for the signature, duplicating and implementing it in another bmp is possible, but not quite that easy to do, so the question here is is it really worth the hassle ?

 

[Imurai]

Hell yea it's worth! I want my grinning eyepatched skull back with the text saying: Micro$hit Windows Pirated Edition, Right to copy

Bythe way,I never had a single virus with XP ('cept for blaster mybe ) and i used a TON of bootscreens (which were freakin' exe's! Dont tell me, THOSE weren't security risks!)

 

[ShopBunny]

Hell yea it's worth! I want my grinning eyepatched skull back with the text saying: Micro$hit Windows Pirated Edition, Right to copy

Bythe way,I never had a single virus with XP ('cept for blaster mybe ) and i used a TON of bootscreens (which were freakin' exe's! Dont tell me, THOSE weren't security risks!)

From m$ :

"The reasons for this should be pretty clear, which is that we cannot guarantee the security of the system to allow for arbitrary elements to be loaded into memory at boot time. In the early stages of starting Windows, the system needs to be locked down and execute along a very carefully monitored and known state, as tools such as firewalls and anti-virus checking are not yet available to secure the system. And, of course, even though we’re sure everyone would follow the requirements around image size, content, etc. due to performance, we would not want to build in all the code necessary to guarantee that all third parties would be doing so,"

You can read about it here :
No Custom Windows 7 Boot Screen - Just in case you were holding your breath - Softpedia

In my opinion it is pretty valid and understandeable standpoint, from a devolloper's perspective. Your memory will be exposed during time of the bootscreen when unsigned, hence the lockdown by the means of a digital signature.

 

[Imurai]

I fully understand your (and the devs') point, yet I think we are willing to take the risk. Customizing your OS always comes with risks, and it is our own decision whether we do it or not.
By the way, MS, by making this operation difficult just made it less likely that virus-writers would use it. See, changing XP's bootscreen was a piece of cake, yet I never heard of anything exploiting that. I'm not in worry about this issue.

 

[0tolerance]

The "Starting Windows" text is located in winload.exe.....however, as people have said, both bootres.dll and winload.exe are protected by digital signatures.....

I have figured out how to export the digital signature from the original files, however.....Unfortunately I haven't found a program that will convert the exported signature file into a useable format so that the modified files can be signed with it....

 

[monkeys breath]

in a nut shell it is a bootscreen it has no need to be tied to the boot processes. from vista on down you always had the option in the past of changing it or bypassing it altogether without messing up the system security. the only reason ms has it setup this way is so they always get their free advertising during every bootup.

 

[monkeys breath]

Hell yea it's worth! I want my grinning eyepatched skull back with the text saying: Micro$hit Windows Pirated Edition, Right to copy

Bythe way,I never had a single virus with XP ('cept for blaster mybe ) and i used a TON of bootscreens (which were freakin' exe's! Dont tell me, THOSE weren't security risks!)

From m$ :

"The reasons for this should be pretty clear, which is that we cannot guarantee the security of the system to allow for arbitrary elements to be loaded into memory at boot time. In the early stages of starting Windows, the system needs to be locked down and execute along a very carefully monitored and known state, as tools such as firewalls and anti-virus checking are not yet available to secure the system. And, of course, even though we’re sure everyone would follow the requirements around image size, content, etc. due to performance, we would not want to build in all the code necessary to guarantee that all third parties would be doing so,"

You can read about it here :
No Custom Windows 7 Boot Screen - Just in case you were holding your breath - Softpedia

In my opinion it is pretty valid and understandeable standpoint, from a devolloper's perspective. Your memory will be exposed during time of the bootscreen when unsigned, hence the lockdown by the means of a digital signature.

it is an image. now if someone is stupid enough not to scan the image for spyware, viruses, trojans, keyloggers, or rootkits before they use it as bootscreen then they get what they ask for. treating every user like they do not know what they are doing i a great way to loose customers.

 

[Greg S]

the only reason ms has it setup this way is so they always get their free advertising during every bootup.

Class action time for back wages on Advertising. Where's a good lawyer when you need one,lol. Just for the record, I agree with you about the free advertising

 

[pallemans]

The "Starting Windows" text is located in winload.exe.....however, as people have said, both bootres.dll and winload.exe are protected by digital signatures.....

I have figured out how to export the digital signature from the original files, however.....Unfortunately I haven't found a program that will convert the exported signature file into a useable format so that the modified files can be signed with it....

Ok, we now know where it is located. Now all we got to do is figure out how to modify the file and place back the digi-signature, right?
If you modify the winload.exe and just remove the lines "starting windows" and "(C) Microsoft Corporation", is this enough for the digital signature for it to be automatically removed?
Or even just to modify the colorcode of the letters from white to black, will this simple modification still remove the digital signature and leaves the file winload.exe unusable?

PS: how did you read and edit the file, to find the words? What executable-editor software?

 

[REB]

dont waste ur time palle... if it is ever to be possible to change that bootscreen, then it will be some guys who hack the system files, you'd have to wait for.

 

[0tolerance]

Ok, we now know where it is located. Now all we got to do is figure out how to modify the file and place back the digi-signature, right?

There is no way to replace the digital signature without Microsoft's private key, so the only way to make an unsigned file work is to figure out how to completely disable the code signing checks....

If you modify the winload.exe and just remove the lines "starting windows" and "(C) Microsoft Corporation", is this enough for the digital signature for it to be automatically removed?
Or even just to modify the colorcode of the letters from white to black, will this simple modification still remove the digital signature and leaves the file winload.exe unusable?

Any modification of a digitally signed file will cause the signature to be removed

PS: how did you read and edit the file, to find the words? What executable-editor software?

I used Resource Hacker to open and edit the file....The portion of the file you are wanting to change is located Message Table section....Once you change any of the text located there, you will need to click the "Compile Script" button at the top of the text window and then save your file

 

[CarlTR6]

My thanks to all who contributed to this thread, I learned a heck of a lot. I, too, liked the ease with which I could change the boot screen in XP.

 

[Greg S]

I, too, liked the ease with which I could change the boot screen in XP.

Me too as in it's easy to replace the file, getting my image into it is a crap shoot with the app I use. It usually takes about 3 times for it to take. On a sad note, I noticed today after the XP Win updates that ntoskrnl has been updated. There went my boot screen,lol. I think I'm done for now. Maybe later on I will replace the image but right now I find myself in Win 7 more than XP.

 

[monkeys breath]

the problem is not solved, and this thread should have not been marked as such. it is only solved until a practical way to change the win 7 bootscreen is found. meaning a a way to change it that regardless of the users level of computer skills can apply the solution without any worries of doing harm to their system by accident.

 

[pallemans]

the problem is not solved, and this thread should have not been marked as such. it is only solved until a practical way to change the win 7 bootscreen is found. meaning a a way to change it that regardless of the users level of computer skills can apply the solution without any worries of doing harm to their system by accident.

Indeed! I totally agree with you.
The problem hasn't been solved yet. And considering the huge amount of interest in this thread, sooner or later some smart fellow will find a way to change the bootscr with some kind of homemade editor!
(hopefully.....)

So come'on hackers, I can't believe you can hack Win7 installation or any other programs from high value software companies but you cannot hack a digi signature in one small file! :huh:
I reckon it won't be long till it someone invents it!

 

[0tolerance]

It seems that there are people out there who are hex editing winload.exe and the windows kernel to disable PatchGuard....and somehow the digital signatures on these modified files remain intact...I also found some instructions on how to manually disable PatchGuard and driver signing checks with a hex editor, although I haven't found the spot in the code that they are saying to modify yet....The link to those instructions follows....


http://fyyre.ivory-tower.de/txt/bootloader.txt


I am currently using a version of Winload that was edited by the author of the above linked text, and it works fine.....however with this edited winload.exe, I now see a Vista style boot screen rather than the Windows 7 one....

 

[monkeys breath]

It seems that there are people out there who are hex editing winload.exe and the windows kernel to disable PatchGuard....and somehow the digital signatures on these modified files remain intact...I also found some instructions on how to manually disable PatchGuard and driver signing checks with a hex editor, although I haven't found the spot in the code that they are saying to modify yet....The link to those instructions follows....


http://fyyre.ivory-tower.de/txt/bootloader.txt


I am currently using a version of Winload that was edited by the author of the above linked text, and it works fine.....however with this edited winload.exe, I now see a Vista style boot screen rather than the Windows 7 one....

still the fact is that most users that want to change their boot screen will want a simple app like the one that came with tuneup utilities for xp and vista. do not get me wrong there are a lot of thing that i tweak in 7 by editing, however if i goof with those hack they will not mess up the security or damage the os.