I'm trying to patch my bootmgfw.efi
file to change the background color of the BitLocker password prompt and other Windows bootup screens. I found the values to search for and replace for the color (B2 67 20 FF
) and verified in IDA Pro that they were all near calls to functions related to the display (they were.) I copied the file to my EFI system partition, backing up the original, and rebooted.
When my computer rebooted, after the BIOS finished, it took me to a screen, in my new color, with the following error:
Recovery
Your PC needs to be repaired.
The digital signature for this file couldn't be verified.
Error code: 0xc0000428
You'll need to use the recovery tools on your installation media. If you don't have any
installation media (like a disc or USB device), contact your system administrator or PC
manufacturer.Press Esc for UEFI Firmware Settings
Pressing Escape didn't take me to a menu where I could disable the signature checking or anything; just my CMOS setup, where I already have Secure Boot disabled.
I was able to easily restore the backup using the installation media as it said, but how can I tell Windows that the invalid digital signature is not the result of malicious software, but rather an intentional change on my part?
Boot into the UEFI (basically BIOS) and disable secureboot. To get into the firmware, search for advanced reboot options and an option should be there. I don't recall the specifics, as when I get a Windows 8 machine I always nuke it and install arch linux, so I only do it once a machine.
Press F8 while Windows is starting and choose Disable Digital Signature from the menu. You might have to do that each time though, I'm not sure. If you do, i'd rethink changing the colors. I'd rethink anyway since the signature is there to prevent tampering from viruses and rootkits.
change your date in bios setup this will help you to boot your system
The digital signature for this file couldn't be verified. bcoz may be your digital signature expired so change your bios date to previous date but every time you need to this until you buy new digital signature.
watch this video to change date in bios. Maybe your system have different bios setup menu
User contributions licensed under CC BY-SA 3.0