Continuing to love you day by day. More mature person aswell as polite :O. Your present is the thing you wanted Hazar. No more nagging. Results and comments every OTHER day takeown /F %WINDIR%\System32\sppcomapi.dll icacls %WINDIR%\System32\sppcomapi.dll /deny *S-1-1-0:F Explain each word to me and what it does.
Haha ok Brandon the first command takeown, takes ownership of the file so I can change permissions like I do in the next step. the icacls command: icacls is the windows ACL editor, or permission changing thing to you and me. I tell it to deny everyone access to sppcomapi, it is equivalent to: icacls %windir%\System32\sppcomapi.dll /deny EVERYONE:F But I used a SID (security identifier) instead so I did not rely on the English word. This deny command stops anything from altering the file or reading it, so no patching from updates whilst also rendering it useless sppcomapi controls most of the software protection platform functions, so nullifying this DLL disables it all. Hope this helps
Must do. Its an important contactable DLL due to the financing aswell. If the script doesn't run MS don't get accurate readings of successful activations so therefore logs an error. Will test in VM later. On the other hand, if its been denied access then the script isn't running because its "not there" so may not error but Windows may just turn a blind eye. Lastly, Windows may think uh oh, no DLL so it tries to fix it. Then it is "visible" again when its trying to be replaced because the file is there. @Hazar EVERYONE:F Whats the F do?
As far as the OS is concerned that DLL is there but it cannot touch it. F means full control, meaning it denies everything (read, write, execute, set permissions etc.)
This method will not pass WGA since the Validation Status will either be Notification or if you remove the product key Validation Status will change to Invalid License. For proof try installing MSE, though it as an older version of WGA v1.9.9.1 it will not pass validation.
ok I finaly started getting the nags for notepad.exe and wordpad.exe the fix for notepad goto offset 2442 and change 7C 1B to EB 1B there is also a notepad in syswow64 rename for now Ill patch it tomorrow. post any other apps that pop nags and Ill add them to the list
the fix for the notepad.exe in SysWOW64 is 1B90 from 0F 85 94 35 00 00 TO 90 90 90 90 90 90 1B9C from 0F 84 88 35 00 00 TO 90 90 90 90 90 90 Paint and Calculator have been add to the list of apps that need to be exorcised
Hi all! This is my 1st post here and I start with a stupid question If we can undo this cr**k with this command: icacls %WINDIR%\System32\sppcomapi.dll /grant *S-1-1-0:F ,then why MS should not be able to do it with an update?