AntiWPA 3.3 for x64 and x86

Support Website:

How to use:
Start AntiWPA3.cmd to install/uninstall the patch

What is does the patch modifies:
* HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAntiWPA
is added to Registry

* File C:windowssystem32AntiWPA.dll is added

* HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWPAEvents]
data for “OOBETimer” is changed {=OOBE}

* rundll32 setupapi,InstallHinfSection DEL_OOBE_ACTIVATE 132 syssetup.inf
rundll32 setupapi,InstallHinfSection RESTORE_OOBE_ACTIVATE 132 syssetup.inf
is executed which will remove/restore WPA-links from the startmenu

How it works:

It cheats (hooks user32.dll! GetSystemMetrics(SM_CLEANBOOT) & ntdll.dll!NtLockProductActivation)
winlogon.exe to make it believe it was booted in safemode and so winlogon skips
the WPA-Check. (Note: Does not affects system calls by other exe or dll.)
The patch is ‘autorun’ on eachs start before the WPA-check via
HKLMSOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyAntiWPA

The hooks are applied when AntiWPA.dll!onLogon was load by winlogon.exe
Winlogon.exe is not altered anymore. Patching (API-Hooking) is done in Memory.
So there are no problems with the windows System File Protection anymore.

Installation is performed via AntiWPA.dll!DllRegisterServer (“regsvr32 AntiWPA.dll”).
The file is copied to systemdir and the registrykeys are added.
(Note: AntiWPA.dll is no ActiveX selfregisterdll.)
Uninstallation is done via AntiWPA.dll!DllUnRegisterServer (“regsvr32 -u AntiWPA.dll”).

*FAQ Included*

Anti-Virus software will detect this as a virus, I can assure you its not as im using it now without any problems at all.