WIn XP Hack

Contents:

1. CIACommander
2. WpaKill
3. Activate
4. Enable Updates
5. Windows Genuine Validation Bypass


-=========== ========= ========= ========= -
Windows 2003 & XP & LH
Anti Product Activation Crack 2.0.1
-=========== ========= ========= ========= -

The crack will patch some bytes in your
winlogon.exe and totally disable the
Windows Product Activation Check.

Tested with winlogon.exe build:
Windows XP 2600.0 (Retail)
Windows 2K3 3790.0 (Retail)
Windows XP 2600.2180 (SP2 RTM)
Windows XP 2600.1106 (SP1)
Windows 2K3 3790.1218 (8.7.2004)
Windows Longhorn 4008 or 4015(not tested by myself)

This version uses a generic patch engine
which supports all current version of Windows
and hopefully all future ones. :)


The Options
===========

1. Read all about the options.
2. Don't change anything you without a reason.


* Apply OOBE Fix
This applies the Out Of Box Experience ->OOBE Patch
which removes the 'Activate Windows' link from the
start menu and makes the Activating Windows Dialog
saying 'Already Activated'

Note: This is more a cosmetically fix and really not
needed for the patch to work properly.


* Apply WPA Fix
This removes the WPA-Check in Winlogon.exe.
If you want to get rid of the Windows Activation
this MUST be Enabled !
Disable this if you just want to undo the OOBE-Fix.

Note: However you can use this program also to
decrypt and unprotect other MS-Files
like DPCDLL.dll or LICDLL.DLL. So if you
do so disable this option.


* Remove selfcheck blocks
If you press the 'Apply' Button the self checks are always
disable by 'correcting' the pointer.

This option will additionally overwrite the self check block
calls in the program code with the Value 90 (NOP=No OPeration)
and will improve the readability of disassembly.

Note: This option is absolutely not necessary for the patch to work.


* Remove crypt blocks
This will decrypt the crypt program parts of the input file and
write them back to into the exe and do some other fixes to keep the
File executable. If you want to disassemble the file enable this one.

Note: This option is absolutely not necessary for the patch to work.


* Debug: Save decrypted code to *.bin
Writes each decrypted program parts into a file with the
address as filename looking like this: 2C18D.bin, 3678B.bin...


* Debug: Save decrypted code to exe
Writes each decrypted program parts back into the file.
If the option 'Remove crypt blocks' is not check just the decrypted
RAW-Output is written into the exe. (After you enable this you
have to right click on 'Apply/Browse' and open the file you want
to decrypt)

Note: This option is dangerous!
Without having 'Remove crypt blocks' option enabled this will
make crash the input file crash for sure.
This option is absolutely not necessary for the patch to work.


* Debug: Verbose Output
Output Debug information
This may be helpful to identify some problems.


============ ========= ========= ========= ========= ==
F A Q - Frequently Asked Questions
============ ========= ========= ========= ========= ==

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????
I after I have installed a Service pack an the Activation the
Activation Reminder ?counting down the days -is show again.
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

You must reapply the patch every time after you installed a servicepack and
everything will be fine :)

Note: The Patch don?t ?activated? Windows it only removes the check in winlogon.exe
which test if windows is activated or if it?s still in the evaluation period
and force you to logoff if something is wrong.

When you install a servicepack winlogon.exe is normally overwritten by a new
Not patched Version. So you need reapply the patch?
Usually the servicepack reset the trial counter so it will restart at 30 days.

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????
I can?t start patch because my evaluation period expired and
Now I?m unable to login.
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

You can still login in safe mode even if your evaluation period expired.
Press F8 right after the Bios boot screen and select Safe Mode
(Without Network support) menu now windows should boot in safe mode and you can
Login and apply the Anti-WPA-Patch.

Note: Since no Network support is available in safe mode no Internet or Network
Is available so it?s good to have the patch somewhere on the hard disk or on a
floppy disk?
If you select Safe Mode (with Network support) you are unable to login due to
Activation is necessary.

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????
I want to change my CD-Key - but msoobe.exe also says
'Already Activated and don't show the Activation Dialog
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

Enable option 'Apply OOBE Fix' and
Disable option 'Apply &WPA Fix' -to keep the WPA-Patch active-
then click on the 'Restore Backup' Button

PREVIOUS VERSIONS:
Start regedit and go to
HKLM\SOFTWARE\ Microsoft\ Windows NT\CurrentVersion\ WPAEvents\ [OOBETimer]
Edit this and set Last Byte to FF.
Start this -if the Activation are delete- to show the Activation dialog:
%SYSTEMROOT% \system32\ oobe\msoobe. exe /A

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????
Is it possible to integrate WPA_KILL.EXE in the WinXP setup-routine?
I have a WinXP pro setup CD (sp2 integrated).
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

Integrating the AntiWPA Patch in the Windows Setup:

1. Extract [WindowsSetupDir] \i386\winlogon. ex_ to a temporary Dir.
(Winrar or winace will do the job - or rename it to winlogon.cab and
double-click on it - to use the build-in WindowsCabExtract)

2. Apply the WPA Crack to the file.
Right click on 'Apply/Browse' and choose the file.
(To unlock all buttons of the WPA-Patch right click on 'Quit')

3. Repack winlogon.exe an put it back in the installation folder
Use Winace (and choose MS-Cab as compression method) and name
the packed cab-file winlogon.ex_ .
Or use the makecab.exe( included in Windows XP) start cmd.exe in the dir
winlogon.exe is in and Enter:

makecab winlogon.exe

After that you will get winlogon.ex _ as output.

PREVIOUS VERSIONS:
In previous versions the PE Checksum of the file wasn't updated by the patch.
This caused setup to reject winlogon.exe during installation.
But this has been fixed in this version.


Manually OOBE_Fix for WindowsSetup
------------ --------- --------- ----
Since I see people integrating the patched winlogon.exe into windows setup are
perfectionist here's a hint how to may you get rid of the activationlinks in
the startmenu (-untested-) :
Ok unpack and edit syssetup.inf

1. search for
[StartMenuCommon]
and delete this to avoid the activate link in START
%oobe_desc% = oobe\msoobe. exe,"%%SYSTEMROOT% %\system32\ oobe\msoobe. exe /A",,0,"@%SystemRoot% \system32\ oobe\msoobe. exe,-2001","%SystemRoot% \system32\ oobe\msoobe. exe",2000
(btw you can also delete this unless %windowscatalog% link section if you like)

2. In SystemTools it's the same
[SystemTools]
%oobe_desc% = oobe\msoobe. ex...

Just for better understanding the inf-file format at the end is defined what the variable "oobe_desc" is:
oobe_desc = "Windows aktivieren"
This was were I first stepped when I searched for "Windows aktivieren" in C:\windows
The second was to look for oobe_desc...

No-CDKey-Patch for WindowsSetup
------------ --------- --------- -
- Since I got some positiv feedback about this I decided to publish this.
But so far I'ven't test it myself-

This will make the WindowsSetup to accept any -even a blank- CDKey
Get "http://antiwpa. cjb.net/Other/ cracked pidgen for setup.rar"
Pack it pidgen.dll with cab-pack to pidgen.dl_ as decribed above
and put it in the I386 setupdir.
That's it.

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ???????
What changes does this patch to my System and how to undo it?
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

1. It modifies c:\WINDOWS\system32 \Winlogon. exe and creates a
backup named Winlogon.bak
UNDO: Rename Winlogon.exe -> Winlogon.OUT
Rename Winlogon.bak -> Winlogon.exe
After Reboot you will be able to delete Winlogon.OUT if you like


2. The RegistryValue
HKLM\SOFTWARE\ Microsoft\ Windows NT\CurrentVersion\ WPAEvents\ [OOBETimer]
is set to a fixed value as it is activated.
UNDO: Edit this with Regedit and set Last Byte to FF.
This will 'DeActivate' Windows

Note: Normally this value is written (not read!) by winlogon.exe on
every start up just as information for MSOOBE.
This value has no effect on the real Activation.


3. The 'Activate Windows' Link from the Startmenu is remove
UNDO: Start\Execute:
rundll32 setupapi,InstallHin fSection RESTORE_OOBE_ ACTIVATE 132 syssetup.inf

Other Changes:
HKLM\SOFTWARE\ Microsoft\ Windows\CurrentV ersion\Setup
"SourcePath" and "ServicePackSourcePa th" will be temporary delete during the patch
and (if nothing real bad happens) restored if it's finished.

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????
How to set another path to Winlogon.exe?
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

Right click on the 'Apply/Browse' button.
If the Patch is already and the 'Apply/Browse' button is greyed out
Right click on the 'Quit' button to force unlock all buttons.

Note: You can also use the Windows Anti WPA Patch to de-protect
(Remove SelfCheckBlock SCB) from other protected
Microsoft exe and dll's:
For ex: licdll.dll, DPCDLL.dll or Windows PLUS! Pack Executables
Of course the WPA-Patch is skipped in this case.

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????
The Patch doesn't work after I rebooted, the WPA Reminder pops up again.
Also during the Patch the Windows Systemfile Protection Dialogbox didn't
come up.
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

Maybe the Patch was undone by the Windows File Protection.
To check if the patch is still active start the Windows Anti WPA Patch again and check if it says 'Patch already applied'.

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????
How to disable this damn Windows File Protection(WFP) ?
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

There is no really official way to disable this

This is an undocumented setting worked for recent windows versions:
HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\CurrentVersion\ Winlogon
SFCDisable=0xffffff 9d

BUT: It was removed in Windows 2000 Service Pack 2 and in Windows XP!
When you restart your computer, the System event log will contain Event ID 64032, "Windows File Protection is not active on this system."

SFCDisable (REG_DWORD)
0 = enabled (default - WinXP Professional)
1 = disabled, prompt at boot to re-enable - Require a kernel debugger to be hooked up or this will be ignored!
2 = disabled at next boot only, no prompt to re-enable - Require a kernel debugger to be hooked up or this will be ignored!
4 = enabled, with popups disabled (default - for all Server Windows)
More about this and how to re-enable the 'SFCDisable=0xffffff 9d-setting'
-> http://www.collakes oftware.com/ aboutwfp. htm
To make this more flexible here is a search'n'replace patch:
(Rename sfc_os.dll to sfc_os.OUT; copy sfc_os.OUT to sfc_os.dll)
Open sfc_os.dll in a hex editor
Search for : 83 f8 9D 75 08 33 C0 40
Replace with: 83 f8 9D EB 08 33 C0 40

So this is where it comes from:
A1 D8E1C376 MOV EAX, [SFCDisable]
Patch- > 83F8 9D CMP EAX, -63 ; = 0xffffff9d !
Search > 75 08 JNZ SHORT Don't_Set_SFCDisable_ =_1
Data > 33C0 XOR EAX, EAX
> 40 INC EAX
A3 D8E1C376 MOV [SFCDisable] , EAX
:Don't_Set_SFCDisable
Btw this fragment is the reason 0xffffff9d don't work anymore - so alternatively Nop Out (=overwrite with 0x90) that bastard



Well I found a real simple way to disable this for sure:
Rename c:\WINDOWS\system32 \sfc.dll to sfc-OUT.dll to something else
After Reboot the WFP is disabled.
BUT I advice to rename sfc-OUT.dll back to sfc.dll soon because I notice
that you can't install any new hardware device driver because syssetup.dll
statically imports sfc.dll and fail to load if sfc.dll is not found.

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????????
The Patcher doesn?t find any offset. / Know problem on Asian systems.
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????????

WPA_KILL.EXE currently don't work with Asian Systems (Taiwan, Japan...) with DBCS (Double Character Set)
enabled. If you have such systems disable DBCS or patch your winlogon.exe on a non DBCS system
apply the patch and copy it back in your system.

As far as I found out the Test Version function does not work properly and you get 'unknown Version'.
A Workaround that might work is to use the offset locator to detect/set the right offset manually.
(Hint: Compare the detected offset with the known-offset- list)
The problem is related to some improper char handling and/or comparing inside FrmMain.Test( ) i.e FileStream:: FixedString( )
Everyone how has an Asian System and MSOffice(Note: VBA is always also installed together with MSO) or Visual Basic 6 is welcome to invite me to a remote Session. - so I can examine and fix that problem - Please send me an email...
And of course you?re also welcome to fix it your self:
\other\cracknfo\ problem-onasian- systems.rar
\SRC\antiwpa- 1.6.2-winxp- 2k3-src.zip

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????????
How you access/modify the winlogon.exe file while the winlogon process is running ?
I only saw you are using standart API calls but I must have missed something...
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ???????

How to modify a File (like winlogon.exe) while it is in use:

1.Rename winlogon.exe -> winlogon.bak
That's the most important thing about that. You can't delete or
modify a file that's in use, but you can RENAME it! (under Win9x
this don't work. But there you can rename the dir the file is in...)

2.Copy winlogon.bak -> winlogon.exe

3.Now you can edit winlogon.exe. Of course you can't delete (or
modify) winlogon.bak as long as it is in use.
But you surely want to keep an backup of it, don't you?

Oh I almost forgot to mention an other annoy thing:
>The Windows system File Protection (WFP) 'D:\installs\ WinXP_SP2. out'
So the WFP won't file them to restore

Well the WPA-Patch doesn't rename your Windows installation path it deletes temporary the path to this in you registry and restores it after the patch (actually after you clicked on the OK button of the messagebox).
These Registry paths are:
HKLM\SOFTWARE\ Microsoft\ Windows\CurrentV ersion\Setup
"SourcePath"= "D:\installs\ WinXP_CD"
"ServicePackSourcePa th" ="D:\installs\ WinXP_SP2"

------------ --------- --------- --------- --------- --------- -
Just a hint to see if the patch worked without to Reboot:

1.Apply the patch
2.Logon as an other user
(But don't log of - choose change/disconnect user)
3.When you login just see if the patch works...
... or if not this damn
'You haven't activated your Windows yet...' message

(4.If you logoff the first user now 'winlogon.bak' is no long in use
and you can delete/modify it)

Ah and to get a better overview about the processes which are running on your machine use this: http://www.sysinter nals.com/ ntw2k/freeware/ procexp.shtml
And next time you can't delete a files use 'search handle' and enter the filename then close the handle(=file) or kill the process...

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????????
Does the AntiWPA Crack make winlogon.exe unstable?
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????????

Since the WPA 1.6.2 disables all anti crack self checks in winlogon.exe it may execute some msec faster :)
The patch simply makes winlogon.exe to skip the function which will do the WPA-Check( update of WPA Trialcounter)
and block any login if the result is 'negative'.

From 'outside' this windows is simple not activated but as long your using a valid CDKEY Windows update will work and is not affected by the WPA-Patch
> does the patch make winlogon.exe unstable?
No. If it is applied correctly winlogon.exe will not become unstable/crash.
(The only time winlogon.exe becomes unstable is after appling wpa-kill 1.1 to WinXP SP1 - but this bug was fix in version 1.2...)
Of course with the wrong offset in offset locator you can make winlogon.exe unstable/crash or by killing the patcher during the patch is applied.

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????
PREVIOUS VERSIONS:
I got 'ERROR: Unknown Version of winlogon.exe'.
Can you include this version in your WPA-Patcher ?
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

Well please try the offset locator button to patch this new Version. Since Version 1.4 I added a heuristic search for offset locator which should find the right offset by default and highlight it.
So -after you read the warning- just double click on the highlight Offset on the List to set this as new patch-Offset.

If this is not a Beta or Release Candidate Version send me your -unpatched- Winlogon.exe by email and add if the default offset (found by the for offset locator) works.

???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????
PREVIOUS VERSIONS:
The patch don't work - if i click on the 'Activate Windows' link in the
start menu, it says Windows isn't activated and that there are only xx days left.
???????????? ????????? ????????? ????????? ????????? ????????? ????????? ????????? ?????

This patch didn't stop the trial counter nor will it 'Activate' your Windows.

The WPA-Patch fixes the condition jump which decides whether windows was started in safe mode
and the activation check should be skipped or if it was started in normal mode and it should be done.
So in short it will make winlogon.exe to skip the is-Windows-activate d check when you logon.

To see if the patch work wait about one minute after you logon -
if the Activation reminder balloon in the tray bar DON'T pop up - the patch IS working.
Some other things to see that it works
The messagebox that reminders you to active if there are only 5 days left and
The messagebox that says you're not allowed to logon until you active will be away.

So patching msobmain.dll just to make it say it's activated is only additional overheat and
also may cause some problems. Maybe if you want to change your CDKey and you don't reach the CDKEY change dialog because it says already activated...
Ok what I need to do is to include some FAQ-info text in the next version about that issue.
Maybe I will add a "Let's Activate Windows" force true patch if there is such a big need for this
I mean if this will make someone sleeps better at night - is enough for a good reason.



http:\\Antiwpa. cjb.net


XP Activation

Installation:
Run - "Activate.exe ". wait until the windows says:
"Already Activaded" or something... don't close it.

Now run - "Enable Updates.exe" Wait until it fixed.

Now close all Windows, and restart your PC

DOWNLOAD

http://rapidshare. com/files/ 16707564/ x_h_by_kissme1. rar.html

PASSWORD : kissme1