Thanks for the info, but I still wonder if... Thanks for the info nononsence, ..., I still wonder, if we avoid to run the "telltale" apps and maybe, in a future replace the desktop (shell32.dll) via something like AstonShell or some patch Without the permission to run. M$ can't check the licensing status using those apps, right? I believe that if we can deny access to the "telltale" apps, we only need to fight shell32.dll and his gang, and avoid to patch/run the "sugar coated apps" (calc, notepad). BTW exists a full list of the "sugar coated apps", currently I only read that calc, notepad, paint are listed... and all can be replaced, but there is more? Just wondering. Hope you like the terms : sugar coated apps/telltale apps for calc, notepad, paint. Regards
what is the diffrence if the installed calc.exe notepad.exe photoviewer wordpad.exe mspaint.exe controlpanel are patched or repalced you still end up with the nags gone ether you can drag a bunch of replacement apps along with your crack or you can just patch the existing apps.
The perfect replacement for cr*ck Yikes, I found the perfect replacement for the telltale apps and desktop on 7 : Linux ... and now it can run virus via winE Regards & Love!
Something which might be of interest to nononsence or hazar. I see you mentioning that all the nags drill down to using NTQueryLicenseValue in ntdll.dll. Now NTQueryLicenseValue is actually a wrapper to enter into kernel (ring 0) mode, calling ZwQueryLicenseValue. The licensing information actually queried is stored in the registry, located at: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\ProductOptions\ProductPolicy. The format of the data blob can be found with some googling already. I can see two possible approaches here: Hook ZwQueryLicenseValue by writing a driver which patches the Kernel service table (much like a virus scanner driver works) and return the required values. Patch the binary block in ProductPolicy with a tampered blob and use a driver hook to have ExGetLicenseTamperState always return false. That way you would ideally be able to activate without having to patch all the separate dll's and programs to remove nags and it will be possible without touching any Microsoft files. By adding some additional security like driver filename randomization, filesize randomization and possibly obfuscation/encryption it would be hard for Microsoft to determine if the hack is present. It is even possible to return the old kernel service descriptor table to future queries, which 'hides' the actual hook like a rootkit driver does. Obviously the above is all just a theory until it gets tried
Inside the product options data blob indeed most of the information related to your Windows licensing is configured, i.e. what is the max. memory support, number of processors. That is to say most of the differences between versions like Home Premium, Professional, Ultimate etc are determined here. The following values seem of interest (quote from Vista, but I doubt it would have changed much for Win7): Security-Licensing-SLC-ActivationResetCount Security-Licensing-SLC-ActivationResetCountMax Security-Licensing-SLC-CMIDExpirationPeriod (Number of minutes to expiration, def. 43200 = 30 days). Security-Licensing-SLC-GenuineLocalStatus (1 when Windows is Genuine) Security-Licensing-SLC-KmsCountedIdList Security-Licensing-SLC-Reserved-EnableNotificationMode The licensing information is actually so fine-tuned that even separate games can be enabled, i.e. setting "Shell-InBoxGames-FreeCell-EnableGame" to 1. P.S. The forum won't allow me to post the original source url's since my postcount is too low, I can do so later on request though.
thanks for the info, I will look into this but it is unlikely I will publicly post anything activation related to this forum.
Hello all! First post! I trolled this forum for a while before I decided to become a member and I am excited at the wealth of knowledge contained amongst the pages within! Now on to business... I consider myself to be fairly well-to-do with finding out how to do things with computers; however, I find it fascinating the level of dominion some of you individuals have over computer systems. FOR EXAMPLE, how is is that these commands work? I just subscribed to the method outlined here to bypass activation and I am eternally grateful as I can't get 7loader to work with an hp machine and can't seem to find a solution anywhere else. What I want to understand is HOW it works. I'm sure my inquiry will be met with "it's in a sticky" somewhere in this forum and I will feel like a retard for not already finding it in the quick search I made prior to writing this reply...but I have to ask because I can take a little flame if in the end, I get what I'm after. So inb4 "you're a retarded n00b," I am accepting that I am a semi-ignorant n00b and am asking for understanding above all else. Cheers to hazar for this tip! -justjohnny86
I ran these commands a month ago and everything was perfect. Today, suddenly, a "this copy of Windows is not genuine" message appeared on the right bottom corner of the desktop. Am I the only one?
you ould look at the updated version of this... its called removeWAT the thread should be somewhere around here
So what is the code/cmds now for RemoveWAT and what are they doing? I read this whole post, got some ideas, but would like to know what the end result was, not sure I saw that... THANKS