WAT and bypassing WAT

Windows 7 comes loaded with an anti-piracy system named Windows Activation Technologies (WAT).

Microsoft enforces Activation and Validation of all the instances where Windows is installed.

Activation pairs your product key (it is supplied with every legal copy) with your computer (hardware configuration) and helps to verify that your copy of Windows hasn’t been used on more computers than the Microsoft Software License Terms allow.
Activation is usually only required once unless you make significant hardware changes.

Validation is an online process where it is checked that the windows is genuine by verifying that the product key is not used on other computers or is blacklisted.
The validation process is repeated during several services like, when you use windows update, download drives from Microsoft download center etc.

If the validation fails, the user is notified about it and are instructed to buy the genuine software.

Further restrictions are also imposed, as in Windows 7,
The desktop background is set to black. It is possible to change the background buy they are reset every hour.
Reminders are given to activate the system, upon boot and also hourly.
A message is displayed on the bottom right corner stating that the windows is not valid.
Windows update is not allowed, however critical updates are allowed.

Other than these the OS functions normally.
Note that there are no mechanisms included in WAT to damage your hardware or access/delete your data.

How to bypass WAT and validate as genuine?

Use Volume Activation Keys (VAK)
Volume licensing is a method which which allows a single product key to be used for multiple installations, typically given for large enterprises.
A leaked volume activation key could be used successfully in Windows XP. But with Windows Vista Microsoft restricted the use of VAKs to a predefined number and introduced stricter activation schemes which made this unpopular since then.

Disable WAT
There are tools which disables the WAT while allowing the system to retain its Genuine status in every official check by Microsoft.
The most popular of these tools was RemoveWAT developed by Hazar.
However MS with its update KB971033 disabled it and included mechanisms designed to detect existing similar expoits.
This WAT update also contacts MS on routine basis and downloads signatures of newer exploits so that it can identify similar attacks in future.
But the latest versions of RemoveWAT (2.2.5 and later) claims to disable even this WAT update.

Simulate an OEM Product
OEM systems from large companies (Dell, Acer, HP etc) use a technique called System Locked Preinstallation (SLP). The pre-installed copy of Windows uses a single master product key tied to SLP code in the system BIOS that is unique to that manufacturer’s systems. If the encrypted licensing information in the pre-installed copy of Windows matches the information in the BIOS, no activation is required from the part of user and the system can be validated genuine.

So the trick is to included this SLP code into the BIOS, so that windows gets fooled believing that this is a regular OEM product.
This is usually accomplished either by modifying the BIOS ROM or by using a custom bootloader that injects this code into your system before loading windows.

One such software is the Windows 7 loader by Daz.

Since the software changes the bootloader there is a risk that windows might not boot. Though the author has specified fixes for it .

NOTE: If you intend to use any of the software listed above be extremely cautious. Most of the copies that you will find are modified to include nasty viruses/trojans/rootkits. If you ever download them from torrents or anyother site, please scan them at https://www.virustotal.com/ to ensure it is clean before running them.
Also i request you the verify the md5 or SHA1 checksums of the executables from the authors page.

Leave a Reply

Your email address will not be published. Required fields are marked *


+ 7 = sixteen

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>