Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 



bigmuscle

UxTheme Signature Bypass

Recommended Posts

Posted (edited)

Tried new 1.5.3 AG version... Neverending loop logon is stays as problem... I use UxTSB from 2016-10-19.

Author in 1.5.3 makes some corrections to boot procedure but it not helps with my problem...

P.S. Is there is any possibility to enable more detailed debug.log? My problem does not give me rest...

Edited by CKyHC

Share this post


Link to post
Share on other sites

Posted (edited)

You can create new DWORD EnableLogging in registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\DWM and set it to 1. Although I'm afraid it won't give any more useful info for this scenario, but worth a try I suppose.

Edited by UCyborg

Share this post


Link to post
Share on other sites

You could try and see if it works in safe mode. There is a trick to get Aero Glass working in safe mode, first, install it as the service just to get rid of dependency on Task Scheduler (see http://www.msfn.org/board/topic/170945-uxtheme-signature-bypass/?do=findComment&comment=1136296), maybe you could just enable Task Scheduler in safe mode instead (I haven't tried), but this way, you keep things to a minimum, then, you have to add both Aero Glass and Themes services to the list of safe-mode enabled services (see the attachment).

AeroGlassSafeMode.zip

Share this post


Link to post
Share on other sites
53 minutes ago, UCyborg said:

You could try and see if it works in safe mode. There is a trick to get Aero Glass working in safe mode, first, install it as the service just to get rid of dependency on Task Scheduler (see http://www.msfn.org/board/topic/170945-uxtheme-signature-bypass/?do=findComment&comment=1136296), maybe you could just enable Task Scheduler in safe mode instead (I haven't tried), but this way, you keep things to a minimum, then, you have to add both Aero Glass and Themes services to the list of safe-mode enabled services (see the attachment).

AeroGlassSafeMode.zip

Thanks. I'll try this when I'll have time.

Share this post


Link to post
Share on other sites
Posted (edited)

I wrote a simple and quick loader DLL for UxTSB DLL. It can be placed in the same folder as UxTSBxx.dll and installed with AppInit_DLLs method. The loader DLL will simply check if the process name is winlogon.exe or explorer.exe and only load the actual UxTSBxx.dll if it is then the loader DLL will be unloaded from memory. So AppInit_DLLs method can be used without breaking the ability to use .deskthemepack files and UxTSB DLL won't hang around in other processes.

UxTSBLoader.zip

Edited by UCyborg
  • Upvote 1

Share this post


Link to post
Share on other sites
On 01/05/2017 at 8:01 AM, UCyborg said:

I wrote a simple and quick loader DLL for UxTSB DLL. It can be placed in the same folder as UxTSBxx.dll and installed with AppInit_DLLs method. The loader DLL will simply check if the process name is winlogon.exe or explorer.exe and only load the actual UxTSBxx.dll if it is then the loader DLL will be unloaded from memory. So AppInit_DLLs method can be used without breaking the ability to use .deskthemepack files and UxTSB DLL won't hang around in other processes.

UxTSBLoader.zip

Nice work, just tested it and works as expected

Share this post


Link to post
Share on other sites
On 01.05.2017 at 1:01 AM, UCyborg said:

I wrote a simple and quick loader DLL for UxTSB DLL. It can be placed in the same folder as UxTSBxx.dll and installed with AppInit_DLLs method. The loader DLL will simply check if the process name is winlogon.exe or explorer.exe and only load the actual UxTSBxx.dll if it is then the loader DLL will be unloaded from memory. So AppInit_DLLs method can be used without breaking the ability to use .deskthemepack files and UxTSB DLL won't hang around in other processes.

UxTSBLoader.zip

Please give steps how to apply it to Aero Glass

Share this post


Link to post
Share on other sites

I do mess with Windows 8.1 and 10 virtual machines more frequently these days and see the effect of being thrown back to the login screen occasionally with Aero Glass' injection method. This morning, the Windows 10 machine even crashed with KERNEL_MODE_HEAP_CORRUPTION, something I've seen only on that OS when theme fails to load and the system isn't patched to accept them. Windows 8.1 in comparison just loops infinitely with a black screen. As an experiment, I wrote a bare-bones service some time ago that just injects DLL into winlogon.exe the same way as Aero Glass (CreateRemoteThread) and the logon problem can still occur, on Windows 8.1 as well.

When you think about it, it's not that strange. After all, you're at the mercy of how the scheduler schedules threads. With AppInit_DLLs, you get 100% reliability simply because everything is taken care of at the early stage when user32.dll loads. With CreateRemoteThread, you're randomly spawning the thread in the target process in undetermined state to load the library and hoping it'll work.

4 hours ago, neoandersen said:

Please give steps how to apply it to Aero Glass

It's independent of Aero Glass, the only important thing is you put all DLLs in the same folder and the path to that folder doesn't contain spaces. Also, it won't work on systems with secure boot enabled and future updates to Windows 10 may throw out AppInit_DLLs mechanism entirely.

The UxTSB DLLs are in here: http://glass8.eu/out/UxTSB-2016-10-19.7z

Then get my ZIP file and put the appropriate DLL in the same folder as UxTSBxx.dll. For both archives, you pick the DLL with the number 64 in the name assuming you have 64-bit  Windows.

Then install with the correct registry file I'm attaching below. It assumes you've put the DLLs in C:\AeroGlass, which can be corrected with Notepad if needed.

UxTSB64Loader.reg

UxTSB32Loader.reg

  • Upvote 1

Share this post


Link to post
Share on other sites
On 07.05.2017 at 7:10 PM, UCyborg said:

I do mess with Windows 8.1 and 10 virtual machines more frequently these days and see the effect of being thrown back to the login screen occasionally with Aero Glass' injection method. This morning, the Windows 10 machine even crashed with KERNEL_MODE_HEAP_CORRUPTION, something I've seen only on that OS when theme fails to load and the system isn't patched to accept them. Windows 8.1 in comparison just loops infinitely with a black screen. As an experiment, I wrote a bare-bones service some time ago that just injects DLL into winlogon.exe the same way as Aero Glass (CreateRemoteThread) and the logon problem can still occur, on Windows 8.1 as well.

When you think about it, it's not that strange. After all, you're at the mercy of how the scheduler schedules threads. With AppInit_DLLs, you get 100% reliability simply because everything is taken care of at the early stage when user32.dll loads. With CreateRemoteThread, you're randomly spawning the thread in the target process in undetermined state to load the library and hoping it'll work.

It's independent of Aero Glass, the only important thing is you put all DLLs in the same folder and the path to that folder doesn't contain spaces. Also, it won't work on systems with secure boot enabled and future updates to Windows 10 may throw out AppInit_DLLs mechanism entirely.

The UxTSB DLLs are in here: http://glass8.eu/out/UxTSB-2016-10-19.7z

Then get my ZIP file and put the appropriate DLL in the same folder as UxTSBxx.dll. For both archives, you pick the DLL with the number 64 in the name assuming you have 64-bit  Windows.

Then install with the correct registry file I'm attaching below. It assumes you've put the DLLs in C:\AeroGlass, which can be corrected with Notepad if needed.

UxTSB64Loader.reg

UxTSB32Loader.reg

thank you. but still does not work properly.

Share this post


Link to post
Share on other sites

The only issue I've encountered so far is inability to set the theme with Settings app on Win10 Creators Update. The workarounds are described some posts back. Obviously the easiest solution might be waiting for new Aero Glass build and use its method for UxTSB.dll injection which should take care of these things automatically. If there are reliability issues with said method, the workaround is to have it sit on login screen for few seconds. Multiple user accounts or one password-protected account without enabling auto-login feature accomplishes that and allows things to settle.

  • Upvote 2

Share this post


Link to post
Share on other sites

Aero Glass 1.5.4 (12.8.2017), 1.5.5 (20.8.2017) and now(!) 1.5.6 (10.9.2017) not inject UxTSB.dll in SystemSettings.exe.

Windows RS2 new Personalization Panel can't apply unsigned themes.

No bugfix after month.

  • Like 1

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

×