In computers as well as life, some of the most minor and nitpicky annoyances can be a real hassle to fix. And if, like me, you sometimes have an irresistible tendency to get to the bottom of a problem, you can end up spending way too much time on something utterly inconsequential.
So it was with my computer’s new hard drive and new (Windows XP) OS. Probably because I have an old motherboard, the new OS installation sees this computer as being non-ACPI compliant, and the only way I might be able to fix that would be to reinstall again, which isn’t worth it considering the trouble I went through installing it the first time around. Besides, the only real consequence of the ACPI issue is that when I shut the computer down all the way, I have to shut down Windows and then turn off the computer switch on the case. Not a big deal, really — except I found myself annoyed by a very odd detail — the display of the phrase, “It is now safe to turn off your computer.”
I don’t mind being saddled with the annoyance of having to push the button, but something about the presence of the mini-lecture added to the process each time made me want to engage in vandalism. I thought it would be an easy thing to find the phrase and change it.
Think again. After way too much research into a very unfamiliar area, I learned that it’s not text, but a sort of image known as a “resource.” And that is located inside a vital part of the operating system called the kernel. This takes the form of a file called ntoskrnl.exe and it isn’t designed to be trifled with. You mess it up, and your computer will be rendered unbootable.
However, in the process of learning about this, I discovered a cottage industry devoted to “kernel hacking.” The ntoskrnl.exe file is the location of the Windows XP bootscreen image, and there are several ways to edit this image and replace it with a variety of alternative images.
And the alternatives abound. (There are hundreds, if not thousands, and if you don’t like them you can make your own. However, if you insist on making your own image the old-fashioned way, you need to follow detailed instructions using a hexadecimal editor like this.)
For some, the trouble seems to be well worth it.
The truly paranoid, for example, might want to imagine (or make their friends imagine) that they’re under surveillance by the FBI. And the Masons:
FBIboot.JPG MasonsBoot.JPG
(There’s also one for the CIA, of course….)
Dragons are available for fantasy fans and those who are teenagers at heart. I especially liked these two:
GreyDragonBoot.JPG RedDragonBoot.JPG
And if you like to keep your friends and coworkers guessing (or have the kind of taste people never get tired of), here are two wonderful American trademarks — both located in the wrong place at the wrong time:
WinMacboot.JPG Coke.jpg
(Why do I keep having product placement issues?)
There are different ways to install the bootscreens (the changeable ones are called “bootskins“) — the easiest being to use software which does it all for you more or less automatically (and can be downloaded here).
But none of that satisfied my irrational craving to change Microsoft’s stultifying safety reminder. (Something no one in his right mind would be interested in doing — which means I probably ought to be more concerned with my mental health.)
Sigh.
For the truly dedicated few, there are still plenty of sites dedicated to old-fashioned manual kernel hacking, and at one of them in Germany, I was able to download prehacked German kernels. I found a wonderful piece of freeware called Resource Hacker?, which is described as:

…a utility to view, modify, add, rename and delete resources in Win32 executables and resource files. Incorporates an internal resource compiler and decompiler. Works on Win9x, WinNT, Win2000 and WinXP.

This allowed me to carefully unpack the German kernel, until I found the location of the “It is now safe to turn off your computer” resource. Making a copy of my computer’s kernel (it’s not a good idea to install a strange kernel), I was able to edit the offending “resource” by substituting the German safety command image in place of the English one. Renaming/replacing the ntoskrnl.exe file had to be done in “safe mode” of course…)
So now when I shut down Windows, instead of getting the safety lecture in English, I see this:

“Sie k?nnen den Computer jetzt ausschalten.”

Yawohl!
That’s better!
To explain why would absurdly complicate the simply absurd.