Installing Windows 7 – Part 4

Note : This post is for Educational and Informative purposes only.

Scenario : You wonder what is the Unlimited Activation hack for Windows 7.

Solution : As mentioned before, after installing Windows 7 without a product key for activation, Windows 7 operating system will run in Initial Grace Period license status, which lasts 30 days as evaluation or trial period. When the initial 30-day activation-free grace period expires, users can rearm Windows 7 for additional 30 more days of activation grace period, for up to 3 times, effectively allowing Windows 7 to run legally for 120 days without a genuine product key to activate the system.

When a user uses up all three rearms available , the only option left is to enter a legit and genuine product key to activate Windows 7, or Windows 7 goes into non-genuine status. Through a vulnerability in Windows 7, it’s possible to reset the remaining rearm count back to 4. This ability to reset the rearm count for as many times as possible (until patched by Microsoft)  can allow users to run Windows 7 forever, without the need of activation or cracks.

The vulnerability is related to a registry key which contains Last Rearm Time information in Windows 7. When the registry key is deleted, the whole licensing status of Windows 7 is re-initiated to the Initial Grace Period,  as if Windows 7 is just installed. The key is :

HKLM\MY_SYSTEM\WPA

With the obvious importance of this registry key, it’s understandable that the key and all its sub-keys have been locked from being changed, modified, removed or deleted under normal circumstances(i.e. you cannot change from a normal working windows environment). So this is where we get Smart…………..we run the command to delete that registry key manually from Windows Recovery Environment.

Now i will give you a very Simple walk-through to make this as easy as possible :

1. Create a batch script file with the following commands (This Script loads the relevant key and deletes it) :
   

   reg load HKLM\MY_SYSTEM "%~dp0Windows\System32\config\system"
reg delete HKLM\MY_SYSTEM\WPA /f
reg unload HKLM\MY_SYSTEM

   Save the file as Unlimited.bat on drive C:\ ( or wherever your Root Windows Drive is).

2. When there is ‘1‘ day remaining to activate Windows 7 , start the computer.
3. Press F8 on boot to get to the “Advanced Boot Options”.
4. Select Repair Your Computer.
5. Select your keyboard input method, and click Next.
6. Enter user name and password login credentials, and click OK.
7. In the “System Recovery Options”, open Command Prompt.
8. Type C: to go to the main drive(as applicable), and the execute the Unlimited.bat file by type its name:Unlimited.bat
9. The console should display messages saying that the commands were executed successfully. Close the console window and reboot the machine.
10. After system startup, sign into Windows. System will display message such as “This product is not genuine”. Just ignore it.
11. Run Command Prompt as administrator, and execute the following command to re-insert the default Windows 7 product key into the system. These product keys will give you a trial period of 30 days and 3 more re-arms……120 free more days.
    Note that the command should be run according to the installed Windows 7 edition :   slmgr/ipk  “Your KEY”
    ( Ultimate : D4F6K-*****-*****-*****-***** Professional : HYF8J-*****-*****-*****-***** Home Premium: RHPQ2-*****-*****-*****-***** Home Basic: YGFVB-*****-*****-*****-***** Starter : Q28W-*****-*****-*****-***** )
    ( I will not provide the keys…only the first four characters…..Remember Google is your Friend…;)  )
12. Reboot the computer.
13. Login, and the Windows 7 OS is now in initial grace period of 30 days.
14. To check the activation status and to rearm Windows 7, Check my Previous Post.

Advantage of this method : Resetting the count back to default is better than cracks as Windows 7 will forever run in Initial Grace Period license status, which is deemed genuine by WGA validation.Also, there is no modifying or changing of imp system files.

The only disadvantage of this method is that you have to reset the count every 30 days. And every 120 days you have to reboot the computer into Windows Recovery Environment to perform the simple command

Installing Windows 7 – Part 3

Note : This post is for Educational and Informative purposes only.

Scenario : An objective look at SLP and Loaders.

Solution : Microsoft tightened up Windows product activation scheme due to prevalent usage of the less stringently protected corporate version. It requires users to activate the operating system by inputting a key and then verifying it with Microsoft either automatically over the internet or over the telephone. Large OEMs like Dell, IBM, Asus, and others need an efficient way to mass activate their computers so buyers don’t have to deal with the hassle of verifying their copy of Windows. So, Ultimately a method called System-Locked Pre-installation (SLP) was devised.

There are three different versions of SLP: 2.1, 2.0, and 1.0. SLP uses a special area in a computer’s BIOS to host a set of identification data. In SLP 1.0 it was simply the name of the OEM in the BIOS with a set of less than half a dozen files on the hard drive to verify the OEM listed in the BIOS. SLP 2.0 and 2.1, involves an ACPI_SLIC table (Software Licensing Description Table) that the OS checks upon starting to verify its activation status and also the presence of a matching OEM-supplied key and OEM-specific certificate file in addition to the OEM-specific ACPI_SLIC table before it can activate. In short, for OEM activation to work and able to authenticate licensing for Windows, three components or criteria must exist and fulfill:

1. Full SLIC table in BIOS
2. OEM certificate (xrm-ms) which corresponds with OEMID and OEMTableID (known as Windows Marker) in SLIC table.
3. OEM-SLP product key

This is what makes using Loaders or bios mods easy, because if you can recreate the files before the OS loads, you can fool the OS and achieve instant offline activation on system boot up. It’s possible to modify the BIOS  to include the SLIC , known as a hardmod or biosmod,  or use a OEM-BIOS emulator which is commonly known as Loader (softmod) to emulate a SLIC on boot up (not modifying the BIOS).

Note :It doesn’t matter if you have RTM retail version or OEM version.

Making a hardmod is risky because an improperly modified BIOS could render the computer unable to start. Of the softmods available today, the most popular is the one created by daz found here

Details :

Windows Loader v1.9.2 by DAZ

This is the loader application well known for passing Microsoft’s WAT. The application itself injects a SLIC (Software Licensing Description Table) into your system before Windows boots, this is what fools Windows into thinking it’s genuine. Features

• Can be run as a standalone application
• Works well with all system languages
• Argument support for silent installs
• Can be used for pre-activation
• Application integrity checking
• Custom error handling
• Support for hidden partitions and complex setups
• Can work alongside Linux’s GRUB or any other boot manager
• Works with TrueCrypt and many other types of hard drive encryption applications
• Add your own certificates and serials externally
• Offers certificate and serial installation only for users with an existing SLIC 2.1
• Automated system profiling (The application matches everything up for you)

The great benefit of this method is that Microsoft will have a harder time coordinating a surgical strike against faked BIOS ACPI_SLIC tables since they would likely harm legitimately bought computers. Therefore the risk of being caught is less than Microsoft trying to detect software-based BIOS modification.

Installing Windows 7 – Part 2

Scenario : You have finally installed Windows 7 but its only for a trial period of 30 days(You are not sure whether to purchase or not). And lo and behold….the 30 days are over but you are still not done evaluating.

Solution : Well….there is a way to fix this….and mind you it is not a hack, it is a system put in place by Microsoft to give you more time to evaluate it.

So how does it work ??

By default….Windows 7 has a trial period of 30 days(called Initial Grace Period) but once that is over you can “re-arm” for additional 30 more days of activation grace period, for up to 3 times, effectively allowing Windows 7 to run legally for 120 days without a legit or genuine product key to activate the system.

So How do you do it ??

1. First Login and check the activation status. To do so, open an elevated command prompt window as administrator, and run the following command:

slmgr /dlv (slmgr stands for software licensing manager )

The dialog box with the following details should appear:

License Status: Initial Grace Period
Time remaining: "As Applicable"
Remaining windows rearm count: "As Applicable"

2. In order to rearm the Windows 7 system for additional 30 days activation grace period, open an elevated command prompt window as administrator, and run the following command:

slmgr /rearm   or slmgr -rearm

3. You can do this until your Remaining windows rearm count runs out. ( Interestingly this gives rise to a unlimited activation hack which we will discuss later 😉 )

Note : If you are not able to  use this technique in spite of rearm count greater than 0, then do the foll. : Open registryEditor, go to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform .

In the right pane, see if SkipRearm is set to 0 (number 0) If not, set it to 0.

Installing Windows 7 – Part 1

Scenario : You have  heard a lot about Windows 7 and want to try it.

Solution :

First decide which edition you would like to try. The available options are :

Windows 7 Starter

Windows 7 Starter is the edition of Windows 7  that contains the fewest features. The Aero theme is not included in this version. The desktop wallpaper, and Visual Style (Windows 7 Basic) is also not user-changeable. It also doesn’t support .NET Framework.

Windows 7 Home Basic

Some Aero options are excluded along with several new features. Home Basic, along with other editions sold in emerging markets, include geographical activation restriction, which requires users to activate Windows within a certain region or country.

Windows 7 Home Premium

This edition contains features such as Windows Media Center, Windows Aero and multi-touch support.

Windows 7 Professional

This edition is targeted towards enthusiasts and small business users. It includes all the features of Windows 7 Home Premium, and adds the ability to participate in a Windows Server domain. Additional features include operating as a Remote Desktop server, location aware printing, Encrypting File System, Presentation Mode, Software Restriction Policies (but not the extra management features of AppLocker) and Windows XP Mode. Microsoft will support this edition until 2020.

Windows 7 Enterprise

This edition targets the enterprise segment of the market and is sold through volume licensing to companies which have a Software Assurance contract with Microsoft. Additional features include support forMultilingual User Interface (MUI) packages, BitLocker Drive Encryption, and UNIX application support. Microsoft will support this edition until 2020.

Windows 7 Ultimate

Windows 7 Ultimate contains all of the same features as Windows 7 Enterprise, but unlike the Enterprise edition, it is available to home users on an individual license basis. Windows 7 Home Premium and Windows 7 Professional users are able to upgrade to Windows 7 Ultimate for a fee using Windows Anytime Upgrade if they wish to do so. Microsoft will only support Ultimate until 2015, as per Home Premium.

see here for a more comprehensive comparison : http://www.winsupersite.com/win7/win7_skus_compare.asp

Also keep in mind the hardware requirements :

Architecture	32-bit	64-bit
Processor	1 GHz 32-bit processor	1 GHz 64-bit processor
Memory (RAM)	1GB	2GB
Graphics Card	DirectX 9 graphics processor with WDDM driver model 1.0 (For Aero)
HDD free space	16 GB of free disk space	20 GB of free disk space
Optical drive	DVD drive (only to install from DVD/CD Media)

Then head over to microsoft to buy it, but if you just want to evaluate it, go to evalcenter or you can always use torrents.

In the next post, we will talk about different activation techniques….till then….Stay Sharp…