readme.txt

(18 KB) Pobierz 
   _____          __   __ __      ____________  _____    ________
  /  _  \   ____ /  |_|__/  \    /  \______   \/  _  \   \_____  \
 /  /_\  \ /    \   __|  \   \/\/   /|     ___/  /_\  \    _(__  <
/    |    |   |  |  | |  |\        / |    |  /    |    \  /       \
\____|____|___|__|__| |__| \__/\  /  |____|  \____|____/ /______  /
                                \/                              \/
                                           Let's activate later...
Version 3.4.6 for x64 and x86
--------------------------------------------------------------------

How to use:
   Start AntiWPA3.cmd to install/uninstall the patch

What the patch modifies:
   * HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AntiWPA
     is added to Registry

   * File C:\windows\system32\AntiWPA.dll is added


   * HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WPAEvents]
     data for "OOBETimer" is changed {=OOBE}

   * rundll32 setupapi,InstallHinfSection DEL_OOBE_ACTIVATE 132 syssetup.inf
     rundll32 setupapi,InstallHinfSection RESTORE_OOBE_ACTIVATE 132 syssetup.inf
     is executed which will remove/restore WPA-links from the startmenu

How it works:

It tricks winlogon.exe to make it believe it was booted in safemode,thus, winlogon skips
the WPA-Check. The trick is done by redirecting(=hooking) the windows function
(user32.dll!GetSystemMetrics(SM_CLEANBOOT{=0x43}) & ntdll.dll!NtLockProductActivation)
 in memory to antiwpa.dll so winlogon 'thinks' was booted in safemode.
*Note (...because some ppl were concered about): The patch do not alter any
files on harddisk nor the hooks affects any other exe or dll in memory than
winlogon.exe.

The patch auto-runs on each start before the WPA-check via:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AntiWPA

The hooks are applied when AntiWPA.dll!onLogon is called by winlogon.exe.
The Winlogon.exe file on the harddisk is not altered anymore.
Patching (API-Hooking) is done in memory, so there are no problems with
Windows System File Protection.

Installation is performed via AntiWPA.dll!DllRegisterServer ("regsvr32 AntiWPA.dll").
The file is copied to systemdir and the registrykeys are added.
(Note: AntiWPA.dll is no ActiveX selfregisterdll.)
Uninstallation is done via AntiWPA.dll!DllUnRegisterServer ("regsvr32 -u AntiWPA.dll").



==================================================
   F A Q  - Frequently Asked Questions
==================================================


????????????????????????????????????????????????????????????????????????????????
   How to check if it's really active
????????????????????????????????????????????????????????????????????????????????
check if antiwpa.dll is loaded
enter in console (cmd.exe)
   TASKLIST /M /FI "MODULES eq antiwpa.dll"
Check and see if you have the Process Winlogon.exe as output
Forward date & reboot(or just Re-Login) to be really sure.


????????????????????????????????????????????????????????????????????????????????
   Antiwpa.dll is loaded but it's still not working
????????????????????????????????????????????????????????????????????????????????
Don't be too much concered about the activation days counter.
If you forwarded date about 1 year & reboot and don't get any bad
message on login antiwpa3 is working.
Else get the debug version of Antiwpa install it and report about
your observation in the forum. It will help to narrow down the
problem & fix. You may also prepare some remote desktop connection
and send me a email so I may debug the problem on your machine.
And at last try out antiwpa2.


????????????????????????????????????????????????????????????????????????????????
	I get the evaluation period has expired -
	the computer will be shutdown into 1 hour.
????????????????????????????????????????????????????????????????????????????????
That is Windows Trial counter
Try NT Tweak Downloadable at http://free.pages.at/antiwpa/Other/TweakNT_1.21.zip

Try to remove the timebomb, I have used it many times and it works great.

If you are going to reinstall windows you can also
remove evaluation period from the setup-files:

0. copy files to Harddisk
1. on some running windows (2k,XP) start regedit.exe
2. set cursor on HKEY_LOCAL_MACHINE
3. Menu: File\'Load hive' and open [WINsetupdir]\i386\'SETUPREG.HIV'
4. enter 'tmp' as new hive name and navigate to
HKEY_LOCAL_MACHINE\tmp\ControlSet001\Services\setupdd
click on (default) and fill/overwrite it with 16 x '00' like that
'00 00 00 00 00 00 00 00'
'00 00 00 00 00 00 00 00'
5. navigate to HKEY_LOCAL_MACHINE\tmp and File\'UnLoad hive'

All details are there:
http://antiwpa.btwarehouse.org/forum/viewtopic.php?t=2&start=0&postdays=0&postorder=asc&highlight=setupdd



????????????????????????????????????????????????????????????????????????????????
   Antiwpa3 don't support windows vista - is there a other patch ?
????????????????????????????????????????????????????????????????????????????????
So far i've not created any real good solution:
Well there is a patch for slc.dll (Software Licensing Client) antiwpa-vista_v1.2.zip
but it may cause unwanted sideeffect on other licenselimitation and it's heavily version
 depending.
One way can be to edit the underlaying licensedata:
The data of the values slc.dll!SLGetWindowsInformationDWORD querys are stored under
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions [ProductPolicy=]
http://antiwpa.btwarehouse.org/forum/viewtopic.php?t=211
which might offer to remove other limitation as well

Or just a classic patch of winlogon.exe - as antiwpa2 did. To get rid of the WPA-Check at
logon that will be the best way without any sideeffects.


????????????????????????????????????????????????????????????????????????????????
   I have Install AntiWPA 2.00. Should I uninstall it to update?
????????????????????????????????????????????????????????????????????????????????
They both work well. They both �target� the same function in
Winlogon.exe, so it�s running well - don�t touch it (Never touch a running system.)


????????????????????????????????????????????????????????????????????????????????
   Do I have to reinstall every AntiWPA 3 after I've installed a servicepack ?
????????????????????????????????????????????????????????????????????????????????
No, you don't need to. The patch isn�t undone by service packs anymore.
Since it doesn't modify winlogon.exe, it's no problem if winlogon.exe is
replaced by a new version.


????????????????????????????????????????????????????????????????????????????????
   What is the difference between AntiWPA 2 & AntiWPA 3?
????????????????????????????????????????????????????????????????????????????????
AntiWPA 2 directly modified winlogon.exe (on hard disk) to make it skip
over the product activation check.
AntiWPA 3 intercepts (in memory via API-Import-Hooking) winlogon.exe's request to
the OS whether Windows was booted into Safe-Mode or not.
It makes the OS always return "yes", even if Windows is running in 'normal mode',
winlogon is thinking it's running in safemode and skips the product activation check.
I advice to use antiwpa3 because it is easier to use and 'servicepack-resistent'.

To be complete there is one thing to mention (please ignore if you understand):
Code inside Winlogon:
   If GetIsInNormalMode() then          <-Attackpoint of AntiWPA3
      If DoWPACheckAndReturnIfSucceed() <-Attackpoint of AntiWPA2
         Everythings all right! Go On...
      else
         Stop due to WPA-Error
      EndIf
   else
      It's safemode WPACheck! Go On...
   EndIf
   ...
as you see AntiWPA3 depends of some specific programming logic.
So if there is just 'If DoWPACheckAndReturnIfSucceed()' without
'If GetIsInNormalMode()' in front AntiWPA3 won't avoid activation call.



????????????????????????????????????????????????????????????????????????????????
   How do I integrate it into Windows Setup?
????????????????????????????????????????????????????????????????????????????????


That solution was given by [fs].  Thanks for sharing it! Original thread:
http://antiwpa.btwarehouse.org/forum/viewtopic.php?t=116


Open [Setuppath]\I386 (use it in following as workdir)

create a file called "SETTINGS.INF" Put this info in it:
>>>
[Version]
Signature=$CHICAGO$

[AddReg]
; This tells XP setup to process antiwpa.inf at 13min from finishing installation
HKLM,"SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx\Infs",1,,"rundll32 setupapi,InstallHinfSection DefaultInstall 128 ..\Windows\AntiWPA\antiwpa.inf"
<<<

open TXTSETUP.SIF
and add the follow ...text... under the following [section]
(if you add the text at the beginning, the middle or at tbe end don't matter
 as long it stays inside that section)

[WinntDirectories]
...
; this creates a temporary folder called antiwpa in %windir%
140 = AntiWPA
...

[SourceDisksFiles] enter these lines:
...
; this file gets copied to temp location %windir%\antiwpa
antiwpa.dll  = 1,,,,,,,140,0,0
; this file gets copied to temp location %windir%\antiwpa
antiwpa.inf  = 1,,,,,,,140,0,0
; this file stays on CDrom, it only used to load antiwpa.inf
settings.inf = 1,,,,,,_x,,3,3
...


[HiveInfs.Fresh]
...
; this loads settings.inf at the end of XP setup in DOS mode
AddReg = settings.inf,Addreg
...


create a file called "ANTIWPA.INF" and put this info in it:
>>>
[version]
signature="$CHICAGO$"

[DefaultInstall]
CopyFiles = AntiWPA.Files
AddReg    = AntiWPA.Reg
RegisterDLLs = ANTIWPA.REG.DLL

[DestinationDirs]
; 11 = %windir%\system32
AntiWpa.Files.Inf = 11

[AntiWPA.Files]
AntiWPA.dll

[AntiWPA.Reg]
; This step is optional, when enabled it removes Activation shortcut in startmenu
HKLM,"%RunOnceEx%\install01",...

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin