RemoveWAT Or Chew-WGA "Bypass Activate" Windows 7 and Server 2008 R2 Forever

According to Genuine Windows blog, the Windows Activation Technologies Update for Windows 7, this update will detect more than 70 known and potentially dangerous activation cracks or exploits. Activation exploits are sometimes called “hacks”, and attempt to bypass or compromise Windows’ activation technologies.

The blog post further explains how the KB971033 update will work: Once installed, the Update protects customers by identifying known activation exploits that may affect their PC experience. If any activation exploits are found, Windows will alert the customer and offer options for resolving the issue – in many cases, with just a few clicks. Machines running genuine Windows 7 software with no activation exploits will see nothing – the update runs quietly in the background protecting your system. If Windows 7 is non-genuine, the notifications built into Windows 7 will inform the customer that Windows is not genuine by displaying informational dialog boxes with options for the customer to either get more information, or acquire genuine Windows. The desktop wallpaper will be switched to a plain desktop (all of the customer’s desktop icons, gadgets, or pinned applications stay in place). Periodic reminders and a persistent desktop watermark act as further alerts to the customer.

Other that activation cracks and exploits, the main controversy of the KB971033 is that the update will “call home” to Microsoft every 90 days initially. The callback to the Microsoft’s activation server serves as an additional layer of periodic validation, which allows that WAT system to download latest and updated signatures that are used to identify new activation exploits in order to verify and determine whether the Windows 7 installed on a PC is genuine or pirated, and take various actions to change the user experience and behavior of the PC if the WAT decides that the system is not genuine or properly authenticated, even though the system is still activated at the point of the time.

In short, KB971033 update for Windows 7 activation and validation system may not be the exploit detector itself, but just a introduction of mechanism with ability to establish authentication verification connections to central servers to download piracy signatures database from Microsoft as and when needed in order to combat new activation cracks or methods. By doing so, Microsoft can dynamically update WAT system, instead release complete update for WAT again in future.

Luckily for pirated Windows 7 users, KB971033 Windows Activation Technologies update is optional and voluntary. It’s marked as Important update in Windows Update, and user can choose not to install the update. Initially, it will be rolled out to Windows 7 Home Premium, Professional, Ultimate and Enterprise editions. It should be available to all Windows 7 and Windows Vista systems in the end. After installed, user can still uninstall the KB971033 easily, however, once the system is flagged as fraudulent, not genuine, pirated or illegal, it will stay so despite the update is removed or uninstalled.

In fact, KB971033 Update for Windows Activation Technologies have been leaked to Internet for everybody’s download since early February, and long discussion thread on My Digital Life forums has been debating on how far the update will go to invalidate and deactivate various cracks and hacks for Windows 7 such as loaders (softmod) and BIOS-mod (hardmod). As the update depends on online update for new signature, which does not seem to active or go live yet, so the actual effect of the update is not yet known.

Most do however agree, based on Microsoft’s track records on WGA update on Vista platform, that the WATU (WAT Update package) will mostly deal with activation cracks which modify the activation or licensing files, such as Chew-WGA and RemoveWAT Win7 activation crack, and numerous other “derivative” cracks and exploits that may include virus or Trojan horse (hence the explanation for 70 odd exploits available in the wild). The update will attempt to repair core licensing system files that have been tampered with, disabled, removed or changed illegally, which effectively disable the activation hack.

For user who wants to install KB971033 update to verify the legitimacy of the Windows 7 system, it can be downloaded via the download links below:

32-bit (x86): Windows6.1-KB971033-x86.msu

64-bit (x64): Windows6.1-KB971033-x64.msu

————————————————————-

RemoveWAT or Chew-WGA “Bypass Activate” Windows 7 and Server 2008 R2 Forever (Loader Alternative to Remove & Disable Activation Technologies)

————————————————————-

Despite already has perfect and reliable Windows 7 activation crack based on royalty-OEM mechanism, hackers have managed to come out with a new activation crack method as an alternative to BIOS loader and OEM BIOS mod, which effectively bypass the activation requirement of the installed Windows 7 system, by removing and disabling Windows Activation Technologies (WAT).

The hack works to “activate” Windows 7 by bypassing activation altogether, and thus does not require any product key. Previously in Windows Vista, the attempt to permanently bypass Windows Vista activation by stopping activation grace period countdown timer has been unsuccessful and foiled by Microsoft with anti-crack update.

In Windows 7 and Windows Server 2008 R2, hackers attempt to block access of Windows Activation Technologies, comprising of SPP (Software Protection Platform) and SLC (Software Licensing Client), which manages and handles licensing and activation matters on the operating system to the core components or files which are required for its operation. By blocking, preventing, removing and disabling access to or loading of the activation and licensing related system files, SLUI will fail to start, causing activation been circumvented and Windows does not need to be activated anymore, for forever and permanently.

For example, the commands that been used to restrict access to Windows Activation Technologies (WAT) system files are:

takeown /F %WINDIR%System32sppcomapi.dll

icacls %WINDIR%System32sppcomapi.dll /deny *S-1-1-0:F

Where sppcomapi.dll is the library which controls most of the SPP functions, so nullifying this DLL disables all activation and licensing related functions. And as the activation functionality is disabled completely, the activation grace period (for free evaluation) does not matter anymore, although it may still continue to counting down to 0 days.

The crack is possible probably due to leniency allowed on the part of Microsoft on activation mechanism to avoid getting too many false-positive or complaint on activation error. However, by disabling and turning off the activation component of Windows 7 or Windows Server 2008 R2, after the free trial evaluation activation free period of 30 days is expired, nag screen to notify and remind user to run genuine Windows and activate Windows 7 may appear from balloon tip at notification system tray, or when launching to run NotePad, WordPad, Calculator or even when opening Control Panel. Besides, there may be desktop watermark of this copy of Windows is not genuine appearing at four corners of the screen, and system cannot pass WGA (Windows Genuine Advantage) validation which requires prior to install non-critical updates from Windows Update and some certain programs in Windows 7, such as Microsoft Security Essentials.

Thus, various hackers have came up with tools or utilities which deals with all “side-effects” that follow after activation scheme in Windows 7 or Windows Server 2008 R2 is disabled and removed, so that Windows OS will continue to operate as it should (no automatic log off or shutdown), no nagging pop-up messages, no use genuine Windows or activate Windows now notification dialog box, and most importantly, pass WGA validation and permanently no product key required to activate the system.

Currently, two leading Windows 7 non-loader crack is RemoveWAT and Chew-WGA. Both tools initially start with different approach, but have since used rather similar crack method, as bugs are discovered and fixed. Another crack tool, Win7X Genuine Updates (Win7XGU) does not fully automate the process by requiring users to perform several steps to get genuine status, further signifies how difficult for hackers to tamper with Windows licensing system.

RemoveWAT

RemoveWAT, developed by Hazar and nononsence is a Windows 7 crack that completely removes Windows Activation Technologies from the system so that users can validate the illegal pirated copies of Windows 7 as genuine status (some reported as “Tampered Binary” in MGADiag due to patching), forever and permanently. RemoveWAT supports both 32-bit (x86) and 64-bit (x64) and all editions of Windows 7 and Windows Server 2008 R2.

RemoveWAT, which has been refreshed to RemoveWAT v1.9, also stops sppsvc service and patches DLL files such as slwga.dll, sppcomapi.dll and systemcpl.dll, where the last one removes the whole Windows activation section from the Control Panel’s System Properties. RemoveWAT also support silent install with /s switch, and can be integrated to Windows 7 or Windows Server 2008 R2 installation DVD.

Chew-WGA

Chew-WGA is a similar Windows 7 crack which is designed to test the security resistance of various software protections built into Windows 6.1.x operating systems. It works by restraining certain components of the software protection platform. Other than restricting access to sppcomapi.dll file, Chew-WGA also patches many SPP related files.

Chew-WGA, which currently updated to Chew-WGA v0.9, will make the system to return activated status, and Windows is activated message is displayed in Control Panel’s System Properties.

As crack based on removal of activation component involves patching, changes and modification to many system files, it’s likely to be easily detected and nullified by Microsoft, especially in next WGA update or Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2. In fact, Software Protection Platform (SPP) has been effectively to counter unauthorized edit of system files, which may result in features or functionality of Windows been deactivated, reduced, disabled or removed, causing various error message when user wants to perform certain action. Thus, the cracks should never be executed on a system intended for continual use, and should only be used to extend the evaluation period to avoid reinstallation. In fact, to use Windows operating system any longer than 30 days, users should purchase a license.