May 15th, 2014
The MRI is a bundle of software executables that Geek Squad agents run on your PC to fix pretty much all software issues except for full system restores. Some ISOs, such as the Geek Squad MRI version 5.10.2 ISO file, contain an initial multi-boot menu where you can run other utilities and boot files besides WinPE-based OSes. If you wish to run this type of ISO file from an E2B removable USB drive and get the initial boot menu, you can use a .mnu file such as the one below.
Geek Squad Mri Software
- OllyDbg -> included with this tutorial (easy to find, but I have lots of plugins)
- BE.HexEditor -> easy to find
- PE Explorer -> included with this tutorial
- Windows 8 ADK -> download from Microsoft
- EZBoot -> included with this tutorial
- UltraISO -> on the MRI disk
- I suggest cracking in XP. Windows 7 32-bit is possible, but takes alterations to the OS itself.
- Unpacking these would be another tutorial in itself which I will do later.
- (1) MRI.exe: a lot of changes here.
- In Resource Hacker
- Resources
- Bitmaps 133,165,176,177,225,241,242,250,267
- Icon 1,2,3,8,9
- Make sure the size, bit depth, and everything else matches. I dumped all the resources, then deleted the ones I didn't need and checked that way. Search in Resource Hacker to find Geek, Best, and replace them with the text you want.
- Edit the version info too. Take out the expiration line by changing it in dialog 100 from WS_VISIBLE to WS_DISABLED.
- In OllyDbg
- To find the date check, follow GetSystemTimeAsFileTime and trace it through the cmp and test instructions.
- I find that right after the call to InitCommonControls there is a test eax,eax and then a jump if equal.
- We are going to change it to jmp instead of je. That kills the expire date.
- Right-click in the code window and click Search for -> All referenced text strings. SCROLL TO THE TOP AND CLICK THE FIRST ONE!!! Always scroll to the top when searching. Right-click on it and click Search for text. We are looking for the words geek, best, gslink, so we do them one at a time. Make sure to uncheck case sensitive.
- The first thing we find is a registry key, softwaregeek squadmriwinpe . Right-click and Search next, or Ctrl+L to do the same. After a few more registry keys, we come to the call ping.geeksquadcentral.com. Mangle this however you like.
- Double-click the line, then right-click and choose follow in dump -> Immediate. Then right-click the dump box and click text -> unicode 32 char. Turning the . between l and com into another character is probably the easiest way of doing this. Highlight and right-click the dot and go to binary -> edit. Change the unicode value to 1.
- Go back to the text strings and right-click Search next, or Ctrl+L. More registry keys. Keep searching till the end. I would change the registry keys and directories, but I don't want to affect anything else, so I leave those alone.
- Do not change the length of anything you edit. This will corrupt the pointers and cause it to not run anymore.
- After you reach the end, go back to the top and search for the next word until you have edited all the screen text and attempts to reach out.
- When you are done, highlight the dump window by scrolling to the top of the code, clicking the first byte and holding, then hitting the End key, and it will all be selected. Right-click and copy to executable file. I suggest renaming it every save. One wrong change and you go back to scratch.
- Hit the M button on the toolbar to bring up the memory usage interface. mri.exe has 5 sections. The first is very small; this is the PE header. It tells where the code starts, where the resource section is, the entry point to the program... Take the size of the .text section (here it is 171000) plus the 1000 from the PE header, which is 172000. You need this for the next part.
- In BE.HexEditor
- Search for ff6600 as hex, click edit and copy it as hex. Copy 00 66 ff from a text box anywhere and paste it in as hex.
- Press F3 to search for the next one and paste hex until you go over the size found in OllyDbg (172000).
- All the colors should now be dark blue.
- (2) Face.exe
- In Resource Hacker, just the version info.
- In OllyDbg
- Same as for the expiration in mri.exe, but this time we search for SetWindowsHookExW. 2 je's down we set it to jmp. That takes care of the date. Face updates using links from either gslink.us or amazon, so don't take out both.
- Not much more to change in the text. Remember to scroll to the top in the dump window, select the first byte, hit the End key to select the whole window, then right-click and save, or changes will be lost.
- (3) Fmod.exe
- In Resource Hacker just the version info.
- In Ollydbg
- We search for SetWindowsHookExW . 2 je's down we set it for jmp. That takes care of the date. Do the same searches for referenced text strings you did in mri.exe. Not much to change.
- (4) ProcessAnalyzer.exe
- In Resource Hacker
- Change the version info.
- In Ollydbg
- We search for SetWindowsHookExW . 2 je's down we set it for jmp. That takes care of the date. Do the same searches for referenced text strings you did in mri.exe. Not much to change.
- (5) StartupManager.exe
- In Resource Hacker just the version info.
- In Ollydbg
- We search for SetWindowsHookExW . 2 je's down we set it for jmp. That takes care of the date. Do the same searches for referenced text strings you did in mri.exe. Not much to change. Many registry keys.
- (6) SystemUpdater.exe this is used in Geek Squad's Customizer too.
- In Resource Hacker just the version info.
- In Ollydbg
- We search for SetWindowsHookExW . 2 je's down we set it for jmp. That takes care of the date. Do the same searches for referenced text strings you did in mri.exe. Not much to change. This does download xml like face.exe did. Don't touch the amazon ones if you want to be able to update.
- (7) GsCommon.dll
- In Resource Hacker just the version info.
- In Ollydbg
- No expiration date. This one does ping geek squad.
- Do the same searches for referenced text strings you did in mri.exe. Many to change. Many registry keys.
- (8) GsLang.dll
- In Resource Hacker
- Change the version info. Take out the Toolset EULA by changing the expiration line in dialog 121 from WS_VISIBLE to WS_DISABLED. It's orange. It has to go. Change CONTROL ', 1036 to WS_DISABLED from WS_VISIBLE. That will stop the build and expire dates from showing in the help menu.
- (9) GsSkin.dll: this is the Ribbon Bar and the graphics in the sub-programs. 50-60 changes in this file.
- In Resource Hacker
- Change the version info.
- Export the PNGs, bitmaps, and icons.
- Remember to keep the sizes, pixel depth, and other settings.
- Replace the same way you did in mri. The PNGs take too much work to do in Resource Hacker, so we use PE Explorer. I probably replace more than I need to here, but by this time I'm at the point where if it looks orange, kill it.
- There are also RGB colors in the style_xml, so after saving in PE Explorer, reopen in Resource Hacker. 255.102.0 is the same as ff6600, so replace away. There are also gradients, so I usually reverse all the numbers. Some are OK, like 228,228,228, but 255,148,0 255,128,0 255,96,0 I would reverse. Just subtract from 255: 255,96,0 would give you 0,159,255, for example. Search for 255, 102 . This will find many, but I just scroll down and look, and use the search to make sure I didn't miss anything.
- That finishes the main programs, but we are not done yet. There are still the Opera start boxes and favorites, the screensaver and backgrounds, and EZBoot.
- (10) Opera
- This one is easy: just browse the MRI disk into Web Browsers\opera\ and run Opera. Click the x on the speed dial boxes. Then click the wrench/screwdriver settings button and click the history clock. Right-click and delete the folder named 'older'.
- (11) MRIPESHL and MountOs are in boot.wim. This contains the running Windows PE environment. You will need the Windows 8 ADK.
- Boot from the MRI disk. Choose x86. Copy mripeshl.exe and mountos.exe from the windows\system32 directory to a thumb drive in an x86 directory. Run regedit.exe. Edit the active title and gradient active title colors in hkey_current_user\control panel\colors. Copy x:\windows\system32\config\default to the thumb drive also. Do this again for the x64, but save the 3 files in an x64 directory.
- MRIPESHL and MOUNTOS will need to be unpacked and the version info changed in both. The screensaver is a bitmap in mripeshl as well.
- In the sources directory there are 2 subdirectories called x86 and x64. Copy the boot.wim from x86 to your C drive. Open the Deployment and Imaging Tools prompt in the ADK. Make sure you're on the root of C. mkdir mount, then Imagex /mountrw boot.wim 1 c:\mount . Now you can edit the files in boot.wim by going to c:\mount. Replace the mripeshl, mountos, and default files with the ones you saved to the thumb drive and edited. Change the background images in windows\wallpapers . Check the sizes for each name.
- Imagex /commit /unmount c:\mount will save your changes.
- Copy the boot.wim back to the x86 directory in the sources directory on the MRI disk. Now repeat that for the x86.
- Mripeshl and mountos seem to be the same, but the active title and gradient title had different colors in default in each version.
- (12) EZboot
- EzBoot 5.0.6.472 is required. Anything later will cause Dell PCs and a few others to not boot from the disk. Browse to the ezboot directory in the MRI disk files and edit each file. The layout, text, menu and misc tabs are all used in some files. There are 13 as of 5.8.1 .
- You are done editing. Now just use UltraISO to copy the changed files back into a copy of the original ISO, save and burn.
- If you copy the whole Web Browsers directory, it will rename it web_browsers and Opera will not run from the link.
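
Every edit in this procedure keeps the file length unchanged, so a size comparison cannot tell a modified copy from the vendor's original; a hash and byte-range comparison against a known-good copy can. The following is an added example, not part of the original paste: the function names, host name and sample bytes are constructed for illustration.

```python
import hashlib

def diff_ranges(baseline: bytes, suspect: bytes):
    """Return (offset, length) runs where the two images differ."""
    runs, start = [], None
    n = min(len(baseline), len(suspect))
    for i in range(n):
        if baseline[i] != suspect[i]:
            if start is None:
                start = i                      # a changed run begins here
        elif start is not None:
            runs.append((start, i - start))    # run ended at the previous byte
            start = None
    if start is not None:
        runs.append((start, n - start))        # run extends to end of data
    return runs

def integrity_report(baseline: bytes, suspect: bytes):
    """Compare a suspect file image against a known-good baseline."""
    return {
        "same_size": len(baseline) == len(suspect),
        "same_sha256": hashlib.sha256(baseline).digest()
                       == hashlib.sha256(suspect).digest(),
        "changed": diff_ranges(baseline, suspect),
    }

# Constructed sample: 16 header bytes, a UTF-16LE host string, 8 filler bytes.
HOST = "update.example.invalid".encode("utf-16-le")
BASELINE = b"\x00" * 16 + HOST + b"\x90" * 8

# Constructed "suspect": same length, two single-byte in-place changes.
_s = bytearray(BASELINE)
_s[16 + 2 * 6] = 0x01   # low byte of the '.' after "update"
_s[-3] = 0xCC           # one filler byte near the end
SUSPECT = bytes(_s)

if __name__ == "__main__":
    report = integrity_report(BASELINE, SUSPECT)
    print("same size:", report["same_size"])
    print("same sha256:", report["same_sha256"])
    for off, length in report["changed"]:
        print(f"changed: offset 0x{off:x}, {length} byte(s)")
```

On real files, read both with `open(path, "rb").read()` and take the baseline from trusted original media or a vendor-published hash.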