How To Change Win2kboot Logo

How to change Win2k Boot Logo:Author: Tabish Ali Rizvi ([email protected]) Nick:Neo Disclaimer: ----------I will not accept any responsibility for ANY data loss if you attempt this procedure on your own. This information is for educational and informational purposes only! Use at your own risk! Tools Required: --------------1."Resourse Hacker".( You can get it from astalavista.com) 2. Any "Image Editor" Process: -------Process is divided in 13 steps. Simply follow the steps and change yr Win2k boot logo as you want. Step 1. Make a copy of C:\WINNT\SYSTEM32\NTOSKRNL.EXE called KERNEL01.EXE and place it in the C:\WINNT\SYSTEM32\ folder. Step 2. Get the "Resource Hacker",once you got it, then launch "ResHacker.exe". Step 3. Click "File", then "Open" (after launching the Reshakcer), and browse to the C:\WinNT\System32\ directory. Open the file we just created in the first step called KERNEL01.EXE Step 4. On the left-hand side of the screen, double-click on the word "Bitmap" and then the number "1". Click the icon that reads "1033" and you should see the Windows 2000 bootlogo on the right side of the screen. Now Minimize the ResHacker and make yr own new image. Step 5. Using any image editor, create a Bitmap image that is 640 x 480 using 16 colors.I've found the easiest way to create an image is to take a copy the current image and open it with Photoshop and then edit the top portion. Set the "mode" to "indexed colors" and set the number of colors to 16. Save the file as a BMP file with RLE Compression enabled and you're all set. (Important! Do not deviate from 640x480 and 16 colors or your results may vary! I've tried it with more colors, and all you'll see is a black screen during the boot sequesnce, in place of the boot logo.) Step 6. Once you have created the image, save it somewhere on your drive taking note of its location. Step 7. Within Resource Hacker, click on "Action", then "Replace Bitmap" and a new window will pop-up at this point. Then click on the "Open file with new bitmap"

button and browse to the 16-color image you just created. It should look similar to the prevoius picture on the right. Step 8. Once you have selected the file, click on the "Replace" button and you should return to the "root" of Resource Hacker. Just for the hell of it, make sure your change took effect. Step 9. Once everything looks good, click "File" then "Save". Step 10. Time for a quick recap of what we've done so far. We've made a copy of our NTOSKRNL.EXE file and placed it in the C:\WINNT\SYSTEM32\ folder. The copy was named KERNEL01.EXE and was opened using Resource Hacker. The bitmap resource image for the boot logo was replaced with our own customized version, and the file was saved. Step 11. Conceptually, the next step is to "tell Win2K to use the new KERNEL01.EXE file when it boots, instead of it's normal NTOSKRNL.EXE file". We are going to do this by modifying the BOOT.INI file which is located in the root of your C: drive. The file is marked hidden and read-only by default so the first thing we should do is turn off the read-only attribute. Do this by right clicking on the boot.ini file and then clicking on properties. Uncheck the read-only box and click OK to apply changes. NOTE:- if you cannot find your boot.ini file, you probably have Windows Explorer setup so that it cannot view hidden files. Correct this by clicking on Tools and then Folder Options. Go to the View Tab and toggle the radio button to Show Hidden Files and Folders. Uncheck This Box: Hide protected Operating System files

Step 12. We're now ready to open the BOOT.INI file and modify its contents. I've listed below what my current BOOT.INI file looked like before any changes were made to it. Yours should be somewhat similar. [boot loader] timeout=3 default=multi(0)disk(0)rdisk(0)partition(1)\WINNT [operating systems] multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Professional" /fastdetect The line we're concerned with is the one under [operating systems] - this is the line that NTLDR parses to determine the location of the operating system boot partition. Make a copy of this line and paste is below the existing one. You should also take a minute and make sure the timeout=X line under the [boot loader] section has a value other than zero. This is the number of seconds that the boot menu will be displayed, before it accepts the default value and continues. The default value will be whatever is listed first under the [operating system] section.

[boot loader] timeout=3 default=multi(0)disk(0)rdisk(0)partition(1)\WINNT [operating systems] multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Professional" /fastdetect multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Professional" /fastdetect Modify the line directly below the [operating systems] heading, adding the following switch to the end: /KERNEL=KERNEL01.EXE (KERNEL01.EXE is the name of the file we modified in the previous steps) By doing this, we are telling NTLDR that we want to boot our system using the specified Kernel file, instead of the default NTOSKRNL file that is used when the /kernel= option does not exist. You should also change the description on this line from "Microsoft Windows 2000 Professional" to something like "Microsoft Windows 2000 Hacked Logo" so you know which option is which. Your boot.ini file should now look like this: [boot loader] timeout=3 default=multi(0)disk(0)rdisk(0)partition(1)\WINNT [operating systems] multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Hacked Logo" /fastdetect /kernel=kernel01.exe multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Professional" /fastdetect Before we save this file and move to the dreaded Step 13, let's recap what we've done here just to make sure everything is right. We've opened up the boot.ini in edit mode (with read-only turned off) and have made the following changes: the timeout value is greater than zero, the default operating system line was copied and modified to include the /kernel switch pointing to the modified file from the previous steps. The original default operating system line was not changed in any way, it was just "bumped down" a spot to make room for our new kernel file. Step 13. There really isn't much to Step 13, just reboot your system. You should be prompted with a menu for a period of 3 seconds asking you which boot option you would like: "The Hacked Logo" or the "Professional Boring" version. It should default to "The Hacked Logo" version after those 3 seconds have expired, since it resides at the top of the list. However should something go amuck and you've totally screwed up your "Hacked Logo" kernel file by using a 16-bit color bitmap image, instead of a 16 color image, you can still boot your system up using the original kernel file by choosing the second option on the menu. That's why is was so important to not make any changes to that line. Now Enjoyed the Hack Logo. Author: Tabish Ali Rizvi ([email protected]) Nick:Neo