Is this memory resident, i cant seem to find it if it runs in the background or not. That is with windows taskmanager. And if its not memory resident, how can it kill the thread (activationfactory)? Thanks for sharing anyways.
Thanks, HEAPS!!! Also if it's able to find and close the thread once then it wont try again until the next time you boot up your OS, so you don't need it to be resident in memory the whole time, and if you forget to run it once, it wont matter - but you will have to reboot or close explorer before running it again, it's stops the activation watermark showing up, it doesn't destroy it once it's visible. ALSO because it's not in active ram, if your explorer crashes or you close it, you will be required to re-run the thread killer. I sent you a PM requesting source code, I really only wanted to see how you managed to do it as I was a lucky KMS Activation user and I've seen all the different approaches we've all been doing (in this thread). I share my own source code for every project I do, but I understand if you want to hold on to yours for whatever reason. -EDIT- This is compiled for x64 only, would you mind checking the memory offset and compiling a x86 one too, or making a x86 compiled one that will work for both architectures would be even better. Not complaining mind you, we have woot332's solution for x86 and your x64 one, just would be nice to make this as simple as possible. -EDIT- I have x64 running in a VM and tested it's results in Process Explorer, it's gone as hoped, will leave machine running for 4 hours so I can test for any side effect I'll be back to report then.
Possible to convert a bat file to an EXE and name it explorer.exe, have it run the thread killer and start explorer.exe? So any time explorer was run it would kill the thread automatically? Or not possible.
It's not memory resident, it just invoke some native functions and kill thread, just it. I'm installing pro x86 right now on a VM, so I can check on it. When I see it's done, I may release source too. One more thing, did anyone managed to remove the watermark on the bottom of the screen? I read someone talked about DrawText function, I tried hooking it but didnt managed to get the watermark strings.
Ok will check later. New version guys. It seems to work on both x86 and x64 Pro. As always, just run it. sendspace .com/file/ah92kb
Hmm a thread killer was my first try but did not work so well on other machines. If will try to modify mine 2. If it works its always better than just patch the whole dll
Yes, it should work as the same. My objective was to not modify any of the windows files, so killing the thread was the best option.
New icon, courtesy of LiveFreeDead sendspace .com/file/rixigz I can also make the program copy itself at the first run if anyone want.
I see no problem of it self copying to StartUp folder, anyone have a problem with that? Quite convenient I thinks. -Edit- As for people who wanted to replace Explorer.exe with a calling app, that would be a VERY bad idea to try, many apps use explorer.exe to do many things & to get resources, yeah you might be able to pass on the command line arguments etc, but it's not worth it, most users don't close explorer and those of us who do can remember to run this tool to disable the thread again, I'd rather have it non-resident in memory, if your serious about having it fully hidden, make a simple AutoIt script that always runs and every 20 minutes or so just make it run it again, you can run it as much as you want without any problems, so if we need this, it can be done, I just don't think it is needed.
@ sephirothrx7 I think I know how you're killing the thread if it's anything like the code I've got. You'd be using CreateToolhelp32Snapshot to look at the modules and threads belonging to a process, getting the name of the thread and then killing it. The only issue is that the executable must be 64-bit because you can't retrieve 64-bit modules when the caller is a 32-bit process
Daz mate, he already compiled a x86 version that works on x64 , with this guy, don't say can't -EDIT- Love the new icon, when I placed it on my black wallpaper he was hiding until I clicked on it and the highlight silhouette of the ninja jumps out. he he he
The current one listed with an icon is a 64-bit application, not 32. You'd have to have 2 versions of the executable to do it via WinAPI.