Jump to content

ntoskrnl.exe SP2


Recommended Posts

does anyone know where i can find complete and sp2 compliant ntoskrnl.exe?

the ones from themesxp.org are not sp2 compliant.

thanks

Some of the more recent submissions are for service pack 2. Just make sure that they include version 2180 for SP2. This dude who goes by the handle 'Hungherk' is submitting lots of SP2 kernels. There are others as well.

Link to comment
Share on other sites


I don't need to edit the progress bar, it is a precustom image i just edited part of it, but left the progress bar part alone, so theoretically it work

The problem is that the progress bar uses the same palette as the main image in the kernel. If you change the palette, then the original progress bar image is going to use that palette and will be colored differently.

Link to comment
Share on other sites

Just go into reshacker, save bitmap 8. Load it into psp and then load the palette you saved from your custom image. You'll see what I mean when you load your new palette. Then just recolor it using the colors of the new palette. I find zooming the image and using a 1 pixel brush works well. It shoudn't take long as the image is pretty small. Save the image and use reshacker to replace the old image with the new.

Link to comment
Share on other sites

would it work if i just replaced the appropriate progress bar image with the one from the custom theme that i downloaded and am now editing? or do i still need to do something with the palette, or is it just a matter of either eidting the progress bar image with the palette colours, or using a custom image that is already designed for the palette.

Link to comment
Share on other sites

If you changed the palette of the custom ntoskrnl you are now editing then you will have to recolor the progress bar as well.

When you finish the main image (bitmap 1), save the palette. I think you have already done that but I'm not sure. Grab Bitmap 8 from that custom ntoskrnl and load it into PSP. Load the palette you saved. If the image looks okay to you, then you can use it as is. If it looks funny (chances are it will) then just recolor it using the new palette that you loaded.

I know it seems like a pain but once you get the hang of it, it's not so bad. :)

Link to comment
Share on other sites

astalavista, the best way i find would be to make your own.

EDIT: I've alterted the tutorial slightly, please if anyone notices a mistake please post a reply in this thread.

Step1:Once you install windows xp sp2, copy the ntoskrnl.exe(this may not be the right one if using multi processors from what i understand)to a new directory.

Step2:Then rename it(but do not change the extension).

Step3:Then download the theme you like from themexp.com.

Step4:Once you have the theme, open it with a program callled resource hack(do a search in msfn forums for this program)

Step5:Next check the bitmaps for your version of XP the 1st one is the main one, 8 is the progress bar for XP Pro, and 9 is the progress bar for XP Home.

Step6:If these bmps are black, then get a program called boot editor(once again do a search for this program on the MSFN forums).

Step7:If they are not black, click action(in resource hack)and save bmp(ignore the booteditor step if not black images)

Step8:(Can skip this step if images were not black)Once you have boot editor, load the kernel file from themexp.org, it will then save the images.

Step9:(Do this task even if you didn't do the boot editor part)

Then open the ist image pic1.bmp with paintshop pro(i use 8 so this is the one i'm gonna describe for)

Step10:Next go to image, palette, save palette.

Step11:Name the palette whatever you want.

Step12:Then go to image, palette, load palette.

Step13:Select the name you chose, and click load.

Step14:Then go to image, palette, edit palette(the palette should be loaded from the previous task)

Step15:This will bring up a screen that shows the order of the palette in question.

Step16:From the left start with the very first colour, record the hex value(it says html right above the hex value)

Step17:Next choose the next colour right after the first one, do exactly the same thing as the previous step, then repeat until you have recorded all the palette colours.

Step18:Now that you have recorded the hex values you will need to reverse them..Example if the hex value is FFEECC then you need to reverse it to CCEEFF. Do this for all the hex values that you recorded.

Step19:Once you have done this, you will need to get a hex program, i used ultra edit, but from what I understand you can use any hex editor.

Step20:Once you have your hex editor, do a search for the following : 00 00 00 00 15 1A 20 00 46 46 46 00 D2 3E 2D 00 01 65 53 00 05 35 B2 00 7E 7E 7E 00 00 92 89 00 FC 7F 5E 00 20 6B F7 00 FF A6 8D 00 04 DC 8E 00 1B BC F3 00 BC BC BC 00 FC FC FC FF FF FF You may have to shorten it slightley to : 00 00 00 00 15 1A 20 00 46 46 46 00 D2 3E 2D 00 01 65

Step21:Now once you have done the search in the hex editor, you need to import your palette that your recorded and reversed into the kernel file.

Step22:To do that you start at the first set of zeros(00 00 00)(which is at the very beginning of the hex numbers you searched for) just

Step23:Replace 00 00 00 with the first REVERSED hex value from your palette that you created from your image. Example:00 00 00 replaced with EE FF CC

Step24:Once the first set of numbers is replaced you need to add 2 zeros following it. Example:00 00 00 00(the last zeros are needed after the first set of three)

Step25:Next you replace the next set of three numbers 15 1A 20 with the next set of reversed hex numbers from your pallette. Once again you need to add the 2 zeros after like in the previous step.

Step26:Continue replacing the hex values until you have no more reversed hex values to add. Once again add the 2 zeros.

Step27:Once that is all done save the kernel file(remember do NOT use the original kernel, always use a copy of your kernel).

Step28:Now you need to add your image back in. Open the kernel file(the one you just edited)with resource hack again and select the bitmap you wish to replace.

Step29:Select action, replace bitmap, then selct your custom bitmap and click replace.

Step30:Now save the kernel and that is it FOR NOW. I will edit this post a little later with corrections and how to make sure the progress bar and other bmps that may need to be edited work correctly.

NOTE: Please post your comments on my tutorial, and please point out mistakes. I will be editing it again with any corrections that are needed, such as reducing the amount of steps, adding information on colour depth, and editing the progress bar to work with the customized main bmp.

Link to comment
Share on other sites

Once you convert your palette to the appropriate format it's just a matter of loading ntoskrnl.exe into your hex editor, going to the appropriate address and overwriting the old values with the new.

I just grab a pencil and paper, look at the palette in PSP like I mentioned before, and then write down the values starting with the first color, add 00, go to the next color, add 00 and so on remembering to reverse the order of the hex pairs.

There's a program called booteditor that makes this a lot easier but currently it doesn't support SP2. I think a new release is soon to come however.

Link to comment
Share on other sites

I've already added the palette to the ntoskrnl.exe Now that it is added i only have to edit the progress bar images so they use that pallette right? and what you think of my tutorial, is there anything i should add besides colour depth and the progress bar thing.

Link to comment
Share on other sites

Bloodstalker: The first color is 00 00 00 not 15 1A 20.

Use the go to feature of your hex editor: 75688 is the address the palette starts at or 79C08 for hyperthreading/multprocessor systems.

The appropriate ntoskrnl will be in the system32 for either.

That tutorial is a bit hard to read because it's all run together.

For SP2, the only bitmaps you have to worry about are 1 and 8.

Remeber, the SP2 kernel doesn't use the professional and home overlays.

Link to comment
Share on other sites

There are 5 locations (2 hex pairs each) which store the progress bar vertical position and height. Actually 3 for the position and 2 for position+height.

The first 3 offsets for the vertical position:

37344, 3912D, 391B9 - Default values are 62 01

This actually translates to 0162 hex ; 354 decimal. That is the number of pixels from the top of the screen the p-bar is positioned at by default.

The last 2 offsets are for the vertical position+progress bar height in pixels:

373C2, 391AF - Default values are 6A 01

Translates to 016A hex; 362 decimal. This is 354 (p-bar vertical position) + 8 pixel height.

As an example, if you wanted to position the p-bar 200 pixels from the top:

Convert 200 to hex: 00 C8

Swap the hex pairs C8 00. This is what you will write at the first 3 offsets.

The p-bar's height is 8 pixels, so add 8 to 200, convert to Hex: 00 D0

Swap: D0 00. This is what you will write at last 2 offsets.

The values at the first three offsets need to be between 0 - 631 (00 00 - 77 02 )

631 because that is the very bottom of the screen minus the 8 pixel height of the p-bar.

The values at the last two offsets need to be between 7 - 639 ( 07 00 - 7F 02)

Just add 8 to the values you write to the first 3 offsets.

8 is the default height of the progress bar but this can be changed. I haven't tried it yet but if you want to try to change the height, the actual image will need to be changed and a different value for the second set of offsets will need to be used to reflect the new height.

The progress bar can be moved completely off the screen but I haven't done this before. I assume you would write values which exceed the bottom position of the screen. If you go to far you will most likely crash when booting.

The offsets for ntkrnlmp.exe are different:

3984C, 3B072, 3B08C

and

398CA, 3B082

Link to comment
Share on other sites

@jrzycrim: Thankyou very much. That was extremely detailed. I take it you cannot change the horizonal position (left, right)?

Not that it really matters but would be nice to know. Again, thankyou for that information.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...