Filed under: OS Updates, News, Microsoft
Windows 7 RTM "improved" activation bypassed by hackers
Things have been fairly quiet for a while. Microsoft's anti-piracy team had cooked up WAT - Windows Activation Technology - in hopes that it would prove more successful at thwarting unlicensed Windows use than its predecessor WGA. And so began the latest round of cat-and-mouse with pirates. "You've got a better activation system? We'll build a better crack," is how the game usually plays out.
It should come as no surprise, then, that there are two new activation bypass tools spreading like wildfire on the Internet. Called RemoveWAT and ChewWGA, the apps provide one-click patching of Windows 7 RTM installations.
Microsoft, of course, has promised a speedy response. Still, once a system is patched and a user shuts off Windows Update, there's really not much Microsoft can do - or is there? Maybe they know something we don't.
[via CNet]
So, just how good at time waster games are you? Think you've got the stuff? Well, The World's Hardest Game 2.0 doesn't think you do.
Yes, amazingly, it's possible to have a sequel to a game called "The World's Hardest Game". It doesn't seem logically possible, since if the first one was actually the world's hardest, how could another one come along and share the moniker? It made me doubt the name in the first place. That is, until I tried the game.
The mechanics of the game are very simple. You are a small red square, ...
Reader Comments (Page 1 of 1)
Rob said 3:00PM on 11-14-2009
The last paragraph is assuming a lot about the patch. There is a service in 7 called software protection that manages the license and checks to make sure that there are no hacks. NOTHING ELSE checks this. If the patches mess with the service itself, MS is without recourse even if somebody does nothing else (turning off windows update won't matter at all) to avoid detection. If it doesn't modify the software protection service, MS could still revoke the false license through the SP service.
Reply
r3loaded said 4:23PM on 11-14-2009
I have the feeling that several Windows components such as winlogon.exe have various hooks into the Software Protection service, that interact in unpredictable ways, as well as there being various other integrity checks. Patching/disabling the service isn't as easy as it sounds.
Meh, if you need a few copies of Windows 7, just get a TechNet subscription and enjoy a hassle-free experience with a great OS! :)
Luis Camino said 3:03PM on 11-14-2009
and who would want to shut off windows update anyway?
Reply
casey said 3:16PM on 11-14-2009
Re: and who would want to shut off windows update anyway?
to
Well... to be honest... Windows 7 already seems far more atable than Vista or Xp.... So I would assume that Windows Updates are not crucial for Windows 7 to operate much better
Reply
Gav said 3:36PM on 11-14-2009
Security?
kojo87 said 1:17AM on 11-15-2009
@Casey: the fact that anyone who reads this blog actually thinks that way boggles my mind. do not change your car's oil either?
Philip said 3:28PM on 11-14-2009
ChewWGA is the best ramoveWGA just renames files makeing it worthless
Reply
Evenio said 7:23PM on 11-14-2009
Candidate for image caption: "LOL WAT"
Reply
Gilbert Palau said 9:15PM on 11-14-2009
In Windows 7 and Windows Server 2008 R2, hackers attempt to block access of Windows Activation Technologies, comprising of SPP (Software Protection Platform) and SLC (Software Licensing Client), which manages and handles licensing and activation matters on the operating system to the core components or files which are required for its operation. By blocking, preventing, removing and disabling access to or loading of the activation and licensing related system files, SLUI will fail to start, causing activation been circumvented and Windows does not need to be activated anymore, for forever and permanently.
For example, the commands that been used to restrict access to Windows Activation Technologies (WAT) system files are:
takeown /F %WINDIR%\System32\sppcomapi.dll
icacls %WINDIR%\System32\sppcomapi.dll /deny *S-1-1-0:F
Where sppcomapi.dll is the library which controls most of the SPP functions, so nullifying this DLL disables all activation and licensing related functions. And as the activation functionality is disabled completely, the activation grace period (for free evaluation) does not matter anymore, although it may still continue to counting down to 0 days.
The crack is possible probably due to leniency allowed on the part of Microsoft on activation mechanism to avoid getting too many false-positive or complaint on activation error. However, by disabling and turning off the activation component of Windows 7 or Windows Server 2008 R2, after the free trial evaluation activation free period of 30 days is expired, nag screen to notify and remind user to run genuine Windows and activate Windows 7 may appear from balloon tip at notification system tray, or when launching to run NotePad, WordPad, Calculator or even when opening Control Panel. Besides, there may be desktop watermark of this copy of Windows is not genuine appearing at four corners of the screen, and system cannot pass WGA (Windows Genuine Advantage) validation which requires prior to install non-critical updates from Windows Update and some certain programs in Windows 7, such as Microsoft Security Essentials.
Thus, various hackers have came up with tools or utilities which deals with all “side-effects” that follow after activation scheme in Windows 7 or Windows Server 2008 R2 is disabled and removed, so that Windows OS will continue to operate as it should (no automatic log off or shutdown), no nagging pop-up messages, no use genuine Windows or activate Windows now notification dialog box, and most importantly, pass WGA validation and permanently no product key required to activate the system.
Currently, two leading Windows 7 non-loader crack is RemoveWAT and Chew-WGA. Both tools initially start with different approach, but have since used rather similar crack method, as bugs are discovered and fixed. Another crack tool, Win7X Genuine Updates (Win7XGU) does not fully automate the process by requiring users to perform several steps to get genuine status, further signifies how difficult for hackers to tamper with Windows licensing system.
RemoveWAT, developed by Hazar and nononsence is a Windows 7 crack that completely removes Windows Activation Technologies from the system so that users can validate the illegal pirated copies of Windows 7 as genuine status (some reported as “Tampered Binary” in MGADiag due to patching), forever and permanently. RemoveWAT supports both 32-bit (x86) and 64-bit (x64) and all editions of Windows 7 and Windows Server 2008 R2.
RemoveWAT, which has been refreshed to RemoveWAT v1.9, also stops sppsvc service and patches DLL files such as slwga.dll, sppcomapi.dll and systemcpl.dll, where the last one removes the whole Windows activation section from the Control Panel’s System Properties. RemoveWAT also support silent install with /s switch, and can be integrated to Windows 7 or Windows Server 2008 R2 installation DVD.
Chew-WGA is a similar Windows 7 crack which is designed to test the security resistance of various software protections built into Windows 6.1.x operating systems. It works by restraining certain components of the software protection platform. Other than restricting access to sppcomapi.dll file, Chew-WGA also patches many SPP related files.
Chew-WGA, which currently updated to Chew-WGA v0.9, will make the system to return activated status, and Windows is activated message is displayed in Control Panel’s System Properties.
As crack based on removal of activation component involves patching, changes and modification to many system files, it’s likely to be easily detected and nullified by Microsoft, especially in next WGA update or Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2. In fact, Software Protection Platform (SPP) has been effectively to counter unauthorized edit of system files, which may result in features or functionality of Windows been deactivated, reduced, disabled or removed, causing various error message when user wants to perform certain action. Thus, the cracks should never be executed on a system intended for continual use, and should only be used to extend the evaluation period to avoid reinstallation. In fact, to use Windows operating system any longer than 30 days, users should purchase a license.
Reply
sida said 11:40PM on 11-14-2009
the above comment is an article from mydigitalrip
http://www.mydigitallife.info/2009/11/06/removewat-or-chew-wga-bypass-activate-windows-7-and-server-2008-r2-forever-loader-alternative-to-remove-disable-activation-technologies/
Gilbert Palau said 11:43PM on 11-14-2009
Goldstar for you!
NotRocketboy said 1:18PM on 11-15-2009
You know what? If it's an essential piece of software that my computer will not run without, I don't have any issues paying for it. Back when I didn't have much money, drove a crappy car, lived in an apartment, paying for college, sure, it was hard to make that justification. But as an adult, an OS has value to me. And I don't mind paying for that value.
Reply
Ishar said 7:49PM on 11-15-2009
Well, No need to crack Windows 7 RTM, you can obtain free version of Windows 7 RTM from Microsoft. Use your brain, you'll get chance to use it forever for free, legally.
Reply
michel said 10:55AM on 11-16-2009
Please do inform us. But only if it installs once, works, and needs no extra maintenance or attention. As well as using my brain, I use my computer - I don't play with it.