Jump to content

UxTheme Signature Bypass


bigmuscle

Recommended Posts


5 minutes ago, UCyborg said:

Still works on version 17134.191 for me. I use my loader DLL, which must be referenced in AppInit_DLLs setting in registry. It ensures UxTSB can't mess with any other process besides winlogon.exe and explorer.exe.

But it can't help with secure boot enabled... And... You use different visual style? Not atlas? What theme you're use?

Edited by CKyHC
Link to comment
Share on other sites

1 hour ago, CKyHC said:

But it can't help with secure boot enabled

Forget about UxTSB method then. AppInit_DLLs is the only known reliable way to get that DLL in winlogon.exe without causing chaos.

I don't think anything will be done about this. It's just too messy. I mean, remember UxStyle? A kernel driver just to be able to load those stupid .msstyles, which are nothing more than a bunch of images and some other random data values.

1 hour ago, CKyHC said:

And... You use different visual style?

Yes, a slightly modified version of this theme.

9 hours ago, CKyHC said:

3rd party visual styles didn't work. On applying screen is goes black and my integrated Intel HD 530 driver stops to work!

In log all right, UxTSB injects into all processes normal without errors.

When I installed 17134 build for the first time, I wanted to give the method that Aero Glass uses a shot again. At first, it seemed to have worked. But when shutting down, winlogon.exe was crashing continously, delaying the shutdown process.


On the unrelated note, an interesting project, NTVDM for 64-bit Windows. I mention it because it also relies on AppInit_DLLs. The thing is, the obsession with security, or more precisely, protecting the clueless users from bad software has gone through the roof.

There are so many restrictions in place; it's nuts. Recent builds of Windows 10 can even hijack CPU virtualization feature to protect its important processes or something along those lines. Well, it's off by default, but think about it. I rather have virtual machines running smoothly than having something as radical as that enabled for the false sense of security. Though it's also true that not everyone uses virtual machines.

Edited by UCyborg
Re-ordered text a little
Link to comment
Share on other sites

7 hours ago, dhjohns said:

I haven't had any issues with 3rd party themes in ages.  Everything is unchanged from RS3 to RS6.  All themes I have downloaded work great.

You want to say that on 17134.191 build you can use 3rd party theme working on previous versions?

For me on 17134.165 all works fine, on 17134.191 themes didn't work.

Link to comment
Share on other sites

13 hours ago, UCyborg said:

Forget about UxTSB method then. AppInit_DLLs is the only known reliable way to get that DLL in winlogon.exe without causing chaos.

I don't think anything will be done about this. It's just too messy. I mean, remember UxStyle? A kernel driver just to be able to load those stupid .msstyles, which are nothing more than a bunch of images and some other random data values.

Yes, a slightly modified version of this theme.

When I installed 17134 build for the first time, I wanted to give the method that Aero Glass uses a shot again. At first, it seemed to have worked. But when shutting down, winlogon.exe was crashing continously, delaying the shutdown process.


On the unrelated note, an interesting project, NTVDM for 64-bit Windows. I mention it because it also relies on AppInit_DLLs. The thing is, the obsession with security, or more precisely, protecting the clueless users from bad software has gone through the roof.

There are so many restrictions in place; it's nuts. Recent builds of Windows 10 can even hijack CPU virtualization feature to protect its important processes or something along those lines. Well, it's off by default, but think about it. I rather have virtual machines running smoothly than having something as radical as that enabled for the false sense of security. Though it's also true that not everyone uses virtual machines.

I didn't care about security. But loading dll through AppInit_DLLs leads to loading it into all the processes. But loading visual style didn't need that, it's needto inject only in winlogon.exe and explorer.exe, what AeroGlass doeng...

But I don't think that the problem is in way to inject UxTSB.dll... It injects without problems into all nececcary process, Problem accures on applying style, not on injecting... So I think that loading through AppInit gives me nothing...

Can it be somehow connected with display driver? It's integrated Intel HD 530...

Maybe problem is in style itself?

Can someone check loading style on 17134.191?

Thats the file of style I trying to load: http://rusfriends.clan.su/Other/Aero_Glow_Square_10.rar

Edited by CKyHC
Link to comment
Share on other sites

6 hours ago, CKyHC said:

But loading dll through AppInit_DLLs leads to loading it into all the processes.

If you put UxTSB64Loader.dll in the same folder as UxTSB64.dll and put UxTSB64Loader.dll in AppInit_DLLs instead of UxTSB64.dll, the loader DLL will ensure that UxTSB64.dll is loaded only if process name is winlogon.exe or explorer.exe. The loader DLL is unloaded as soon as its DllMain runs.

6 hours ago, CKyHC said:

Can someone check loading style on 17134.191?

Thats the file of style I trying to load: http://rusfriends.clan.su/Other/Aero_Glow_Square_10.rar

Loads without issues:

fo1BMvR.png

6 hours ago, CKyHC said:

Maybe problem is in style itself?

I noticed it has weird red line above taskbar program preview thumbnails. It's the best to use styles made for the build of Windows you're on, if possible. Otherwise, there is a possibility of encountering glitches at certain places. Though there are also styles out there that simply aren't as polished and that could also be the reason for something looking strange.

6 hours ago, CKyHC said:

Can it be somehow connected with display driver? It's integrated Intel HD 530...

Sounds unlikely, though I don't have that card.

Edited by UCyborg
Embedding link didn't work the first time
Link to comment
Share on other sites

Checked style on 32-bit Windows 10 17134.191. Even on older 1.5.2 x86 version of AG (it didn't give aero effect on latest build of W10, I use it for 3rd party themes and atlases) my style loads normal...

And as @UCyborg checked, problem is not in style... What else can be a cause of my problem?

AeroGlass works normal, theme atlases works, no errors in debug.log. UxTSB.dll injects normal, on explorer ribboned windows titles text with glow - this is possible using atlas+UxTSB.dll injected... Without UxTSB text glow only on usual window titles, not ribboned...

When I try to load visual style via old personalization panel, screen became black and it's sound that device is disconnected - after reboot video driver wrote that it was restored after fail...

If style load through ediding registry (ThemeManager) - Windows not logons - winlogon.exe drops when try to load style...

I didn't know where I can dig else... System is almost new. Not much programs installed... No AV installed, using Windows Defender... Maybe I frogot something to tune? What else need to do to 3rd party themes work?

Edited by CKyHC
Link to comment
Share on other sites

23 hours ago, dhjohns said:

That is correct.

This means that problem is in my system... But what can be wrong? I run AG through service, UxTSB.dll injects.... But visual style didn't loads...

Maybe some settings or polices editing need to be done? I long time didn't tune up system on new install... Is there is some setting needed for AG and UxTSB.dll?

Link to comment
Share on other sites

Have you tried using other themes, in particular ones that were designed for Windows 10 1803 specifically? There's a Windows modder called 'CleoDesktop' who has made a large number of them (he tends to keep everything up to date). He does charge a bit of money, but the themes I have tried so far all worked perfectly.
 

Link to comment
Share on other sites

On 10/17/2017 at 9:08 PM, SnarkyBastard said:

does someone have a installer for theme signature bypass? thanks

Aero Glass is an installer for UxTSB.dll (Theme Signature Bypass).

Install any of the latest versions of AG that support UxTSB.dll, place UxTSB.dll in the same folder as AG and create a task to kill (reset) dwm.exe and you will have only one installed UxTSB.dll without glass effect.

If you want the glass effect too, use the correct AG version for your Windows version together with UxTSB.dll without the task to kill dwm.exe, of course.


Regards
GTI

Link to comment
Share on other sites

On 8/11/2018 at 11:14 AM, CKyHC said:

This means that problem is in my system... But what can be wrong?

Try to paste this shell:::{ED834ED6-4B5A-4bfe-8F11-A626DCB6A921} into the explorer address bar, hit enter and select the theme here.

It may fail the first time, select a default theme, reset the pc and try again.

 

Regards

GTI

 

Link to comment
Share on other sites

Thanks for advices! Comp is at home now. After work I will try to use via AppInit_Dll, will try other theme.

23 hours ago, Aethelflaed said:

Have you tried using other themes, in particular ones that were designed for Windows 10 1803 specifically? There's a Windows modder called 'CleoDesktop' who has made a large number of them (he tends to keep everything up to date). He does charge a bit of money, but the themes I have tried so far all worked perfectly.
 

Can you give me anyone of them to try, please?

7 hours ago, GTI.H said:

Try to paste this shell:::{ED834ED6-4B5A-4bfe-8F11-A626DCB6A921} into the explorer address bar, hit enter and select the theme here.

It may fail the first time, select a default theme, reset the pc and try again.

 

Regards

GTI

 

Via this old personalization panel I'm always appliing the 3rd party themes. I know that through modern personalization themes didn't applies, because UxTSB.dll didn't injects into it, only in explorer.exe.

 

Another one thought: Intel® TXE: Intel® Trusted Execution Engine

I use one of the latest Core i3-6100 CPU with Intel HD 530 integrated GPU with full latest set of drivers on Asus H110 MB.

May this TXE technology brokes theme signing bypassing?

Anyone use Windows 10 x64 on Core i3-6xxx CPU?

Can theme be applied on safe mode somehow?

Edited by CKyHC
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...