Replace Imageres.dll across the domain to customize logon screen.

Posted on 2010-09-11
Medium Priority
Last Modified: 2012-05-10
I've tried to utilize group policy to replace the following file C:\windows\system32\imageres.dll with the one we have customized for our organization. Which works when we manually place the new file in the listed location. However, it is not my intentions to touch ever machine on our network. It seems I'm running into issues because this file is a protected file and cannot be changed through GPO. Does anyone know how I can get around this or a utility I can use to push this change to all computers in a S2K3 domain?
Question by:Dan-Hanley
  • 2
LVL 66

Expert Comment

ID: 33658503
You can try a script to copy it to the remote systems, but before it is copied, delete the copy from c:\windows\system32\dllcache.....

Or even better, copy it there first, and then make the copy.....  

Sometimes you can trick Windows File Protection.......

The DLLCache folder is where WFP stores the good copies of the Protected files. So if you delete/replace that one, then you wont have it revert back to the original one.....

Author Comment

ID: 33658695

         That's true and had we been on XP probably would work, but we are currently running Vista Enterprise and I believe that the DLL Cache folder does not exist. I believe that vista uses a set of ACL's that prevent files not to be written unless they are ran by the "TrustedInstaller" account. However, I am stumped and don't know how else to get around this. I've gone as far as to create my own MSI package to replace the file and leave me a log file to let me know it has ran, but still no luck. I guess even letting the system rights run the package wasn't enough. Well thanks for the reply hopefully you have some idea's because im just about out of them.

Accepted Solution

Dan-Hanley earned 0 total points
ID: 33667031
Okay, so I've solved my own problem... I still went with creating a MSI package, but this time I gave my package a .manifest file which elevated the install to require admin rights, but this alone did not make my package work correctly. I had to figure out what registry key did file name modifications and drop the file i wanted to changed into the system32 folder. The MSI package deletes the original file, places the custom imageres.dll and adds a registry key to rename the custom file to imageres.dll after this is done it requires a reboot and the changes should appear upon reboot.

Create a multi-string value in the following location.[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]


The MSI packager I used was  a freeware: EMCO

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

There are many reasons a PC runs slower than when it was new, ranging from malicious software intended to mess things up to simple general Windows use.  Your PC performance may slowly degrade over time without you noticing but when you buy a PC from…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Watch the video to know the simple way to remove or recover or reset lost or forgotten passwords of Outlook PST file. With Kernel Outlook Password Recovery tool such operation is very easy to perform. It is a freeware with limitation to use with 500…

587 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question