crackware2k
Site Admin
Joined: 23 Dec 2004
Posts: 173
Location:
Germany
|
| Posted: Wed Feb
16, 2005 8:18 pm Post
subject: New revealed details about the WPA |
|
|
| Code: |
Some nameconventions first:
DPC = DigitalProductCode and is store in registry (Regedit.exe!):
HKLM\SOFTWARE\Microsoft\Windows
NT\CurrentVersion[DigitalProductId]
PID = ProductId20
55375-013-4130274-22293
AAAAA-BBB-CCCCCCS-DDXXX (XXX Randomvalues)
RPC = Regional Product Code
'-BBB-' part of the PID
SITE= 'AAAA-' part of the PID
CDKEY= (also call 'Pid30' or PK by MS)
X3WJB-3B2BH-3MPM6-8F6GR-X9HBJ
BINK= BINary Key
BINK Resource stored in pidgen.dll
use Resource Hacker (or any other resourceeditor) to open
BINK_ID='-DD' Part of the PID * 2
= the first byte of the a BINK resources
Example
000054E0 2C 00 00 00 6C 01 00 00
07 ...
^^<- BINK_ID = 2C !
StockKeepingUnit (or SKU) something like this 'A22-00001'
Note: all mentioned stored inside the DPC.
The WPA-CALL
============
The WPA-CALL is only executed if the system was not booted in Fail Safe Mode.
Function IsBootedInSafemode()
//AskSystemForBootMode:
NtLockProductActivation (*pIsSafeMode,*pPrivateVer)
if pPrivateVer <= 129E then Error_8004050A
Result = GetSystemMetrics (SM_CLEANBOOT{=43})
if *pIsSafeMode not equal Result Then Error_8004050B
Result = *pIsSafeMode
Return Result /*Note: 1 means FailSafeMode*/
If IsBootedInSafemode() is not FailSafeMode then
If WPA-Check() is not OK then 'Stop Login'
Endif
Proceed Login procedure..
.
Inside the WPA-CALL
===================
Function WPA-Check(Arg1..Arg10)
setoobe_state (7FFFFFFF,7FFFFFFF,00000000) //Initalisation values
Validate Header of 'wpa.dbl'
If Error then loadres LICDLL.DLL!IDR_WPA_LICSTORE and
write it into wpa.dbl
GetLicRecord
Read 'DigitalProductId' from Registry and extract RPC
and BINK_ID
DPCDLL.DLL#122 (RPC ,BINK_ID) in
my case ('-013-', 2C)
Record Lic {
$00 00000012 Index
$04 0000002C (BINK_ID
only use to find/select record)
$08 00000005 (Min RPC
only use to find/select record)
$0c 00000055 (Max RPC
only use to find/select record)
$10 00000002 -> LicType !!!
$14 0000001E DaysToActi
(coop must be 7FFFFFFF)
$18 7FFFFFFF TrialDays
$1c 00000080 Size of Sigature
*Signatur Pointer to Byte
80 signature }
Check If LicRecord And SignaturMatches;
Select case Lic.LicType=
5 :OEM/SLP-Version(SLP= System Locked
Pre-installation)
OEM-BIOS(0,0,0,0,0,0)
Check oembios.dat with 80byte signatur
from oembios.sig
Read & Decrypt oembios.dat
>>>
TYPE=retail
[HashTable]
HashBlocks=100
<- that's why OEMBIOS.BIN is
HashSize=131072
13107200 Bytes !!!
Hash000=87588d25,f11957f0,9c0b02d1,d7f0d5ec
...
Hash099=d3af5162,a37608fd,911ba533,8c046137
<<<
Random choose an HashBlock (between
1..'HashBlocks')
Read data 0x20000 Byte(=HashSize) from
OEMBIOS.BIN
start at Offset HashBlock*HashSize
Generate Hash from data and
compare it with the HashBlock ones
Test if 'TYPE=oem'
Search for 'BIOS=?' in
"\Device\PhysicalMemory" between
0E0000..100000
==>setoobe_state Activated !!!
1 :Cooperated (VLK)
if Lic.TrialDays==7FFFFFFF
// else WPA_ERROR_80040509
and NOT PersonalWorkstation
// means XP Home( Suitemask == 0200)
and NOT MediaCenter\Installed //
HKLM\system\wpa\MediaCenter\[Installed]==1
Call OEM-BIOS with 1,0,0,0,0,0
{80070002}
and test if
oembios.dat contains 'TYPE=volume'
Call OEM-BIOS with 3*FIX*, 0, PID, 0,
ptr, 0*FIX*
CheckIfSectionExists In
SECUPD.DAT ("MS-5.1" / "OEM-5.1")
==> setoobe_state Activated !!!
6 Is VER_SUITE_EMBEDDEDNT( Suitemask == 040)
{8007047E}
GetDiskFreeSpaceExW <= 1GB Else OEM-BIOS with
1,0,0,0,0,0 // like Cooperated
system32\EmbdTrst.dll!"ImageOkToRunOnEmbeddedNT"
{80070002,80070005}
==> setoobe_state Activated !!!
ELSE:Retail,Evaluation,Tablet
Do Real-WPA-Hardware-check ...
GetHardware and store in 8 Byte Bitarry
Check HardwareCmpwithCurrentData {80040500}
SaveDataIn_WPA.dbl Block with ID_2 {80040507}
SavePIDIn_WPA.dbl Block with ID_PID & '1'
ValidatePID
3 x '-' Dashes
4 x IsNumeric
ValidateCurrentHardwareWith_WPA.dbl
GetHW
readwpa.dbl ID_PID
GetPerMachine128BitSeed
->G${ED8F4747-E13D-47bc-856B-5CEFE1A81A7F}
Decry
ID_PIDdata
ID7 RSA2
(0x254Byte)
ID8 RSA2
(0x254Byte
2 x cmp sth
if
isFailsafemode==2(failsafe_withNetwork) Then Active
if Check HardwareCmpwithCurrentData Then
Active
If Error Check&UpdateTrialdata
end
|
The
Files
[WINDOWS]\system32\
wpa.dbl
Rc4-Encrypted DataBase for storing LicenseInformation like
current 128bit-hardwaredata, Activationdata, Trial, PID
The inital wpa.dbl only contains 2 Records: URL for Acti.
and some &427 Signature, it's resource from
LICDLL.DLL!IDR_WPA_LICSTORE write to disk if wpa.dbl was not
found
LICDLL.DLL
ActiveX Dll use by Clientapps
like msoobe.exe or Windowsupdate
Dpcdll.dll
Contains a table which decides about the lictype
(Volumen,Retail,Eval..) and Days to Activatiate depending on
your PID,
simulare to pidgen.dll also creates
DigitalProductID from CDKey(used for checking).
OEMBIOS.CAT SecurityCatalog for what ever (not
important)
OEMBIOS.SIG Certifikate for OEMBIOS.DAT
(first 0x80 Byte)
OEMBIOS.DAT
Contains Type
OEM|Volumen|Retail, Checksums (HashBlocks for OEMBIOS.BIN) and
if OEM a liste of Bios Signature which don't need to Activate
OEMBIOS.BIN
100 Datablocks with 0x20000 byte which
are only check via HashBlocks of OEMBIOS.DAT
SECUPD.SIG Certifikate for SECUPD.DAT (first 0x80
Byte)
SECUPD.DAT see above *New since SP2*
Winlogon.exe Enforces/Call WPA-Check
PIDGEN.DLL
Checks CDKEY creates DigitalProductID which is stored in
Registry
licwmi.dll Windows Product Activation
Configuration WMI
wpa.dbl
For this an very
simple database format is used. unencrypted it looks like
this:
| Code: |
0008 Number of DataRecords
INDEX Offset Size Flags?
0009 0408 0416 0201 WPA-Cert.
000A 0820 002C 0201 UNICODE
"wpa.one.microsoft.com"
^^^^intial Records from LICDLL.DLL!IDR_WPA_LICSTORE^^^^
0033 084E 0038 0201 TrialData
0002 0888 0008 0201
CurrentHardwareSnapshoot
0010 0892 0004 0201
CurrentHardware_Fail_Marker
87317 0898 0030 0201 "5535751"
PID_Backup
547EEB 08CA 0004 0201 "55357515"
PID_Fail_Marker
0D84f 08CE ???? 0201 "553575"
ActivationData (Don't know how it look like since I haven't activated my
windows yet,
but it's not the same format like 0002-CurrentHardwareSnapshoot - anyway that
would be to easy) |
The head has a fixed size of 0x408 Bytes.
So it can store up to 0x40(=64) entries.
Inside
winlogon.exe are nice functions to access the wpa.dbl. These
are good for creating an wpa.dbl-viewer/editer. The idea is to
add to winlogon.exe an exporttable or rip the asmcode with IDA
and create a dll, so you can access this code externally.
Well finially I made an editor
\others\tmp\MS-DBL-Editor_0.3.zip
That's the content of my uncrypted SECUPD.DAT (XP
SP2 Pro)
SECUPD.DAT
>>>
[Version]
Version=4.0
Date=08/02/2004
[MS-5.1]
GovVLKey=*,640,200176,200176,23,*
IntelVLKey=*,640,000035,000035,23,*
[HashTable]
HashBlocks=100
HashSize=131072
Hash000=346832b3,2091a347,7600c2b0,ce9fa801
Hash001=810d6068,046b6866,9fd582b6,d408a781
...
Hash099=91373dc1,3cf37b57,b25b05c8,44f2e50f
<<<
This seems to be really interesting:
[MS-5.1]
GovVLKey=*,640,200176,200176,23,*
IntelVLKey=*,640,000035,000035,23,*
This is a key
from a cooperated W2k3 Version
69815-640-0592892-45142
You see
this red number. Seems that here is noted what are
VolumenLicense keys. Also they seperate between Goverment and
Intel Key.
Expect the check for only the existence of
[MS-5.1] section no other data is use from this file so far.
LicenseTypes
In
dpcdll.dll there is a table with a fixed set for the WPA
config.
You can easy locate it yourself if you set the
columwidth to 160 in your hexeditor.
| Code: |
Normally it will look like this in your hexeditor:
Offset Index Val1
Value 2 Value3 Lictyp
DaysForActi DaysForEval Mark?
HashData 0x80
0000 00 00 00 00 2B 00 00 00 77 00 00 00 77 00 00 00 05
00 00 00 1E 00 00 00 FF FF FF 7F 80 00 00 00 F0 3C FA 4
... |
 Or use my DPCViewer(antiwpa.cjb.net) do display that
data.
Note: Don't hexedit these data - it's checksumed by
the hash.
Change your CDKey so if will become the right
PID or (only if you know Asm!) manipulate/overwrite the Arg of
DPCDLL.DLL#122(hDll,-dd,-bbb-,-ccccccc-), take of care area
may by selfchecked...
Opimized for viewing
(nulls-cutted version)
| Code: |
Offs. Indx ID min max LictypActiDays EvalDays Len Hash
0000 00 2B 7700 7700 05 1E000000 FFFFFF7F
80 F03~
00A0 01 2B 7800 A900 02 1E000000 FFFFFF7F
80 6EC~
0140 02 2B 9001 9902 02 1E000000 FFFFFF7F
80 765~
01E0 03 2B 9B02 BB02 02 1E000000 FFFFFF7F
80 1E5~
0280 04 2B BC02 F202 02 1E000000 FFFFFF7F
80 959~
0320 05 2D 7700 7700 05 1E000000 FFFFFF7F
80 5E3~
03C0 06 2D 7800 A900 02 1E000000 FFFFFF7F
80 9F1~
0460 07 2D 9001 9902 02 1E000000 FFFFFF7F
80 419~
0500 08 2D 9B02 BB02 02 1E000000 FFFFFF7F
80 137~
05A0 09 2D AA00 0D01 02 1E000000 FFFFFF7F
80 F32~
0640 0A 2D BC02 F202 02 1E000000 FFFFFF7F
80 AEB~
06E0 0B 2D 2303 8303 02 1E000000 FFFFFF7F
80 861~
0780 0C 0D 6400 C700 06 FFFFFF7F 7D000000
80 811~
0820 0D 0D C800 8303 06 FFFFFF7F FFFFFF7F
80 A5B~
08C0 0E 28 0500 6E00 03 0E000000 7D000000
80 2A1~
0960 0F 28 7000 7700 03 78000000 3C000000
80 C32~
0A00 10 2A 0500 5500 02 1E000000 FFFFFF7F
80 604~
0AA0 11 2A 5101 6701 04 3C000000 FFFFFF7F
80 958~
0B40 12 2C 0500 5500 02 1E000000 FFFFFF7F
80 FA1~
0BE0 13 2C 5101 6701 04 3C000000 FFFFFF7F
80 CB2~
0C80 14 2C F302 0B03 02 1E000000 FFFFFF7F
80 0F9~
0D20 15 2C 1103 1503 02 1E000000 FFFFFF7F
80 3E2~
0DC0 16 2E 8002 BB02 01 FFFFFF7F FFFFFF7F
80 6DC~
0E60 17 2C 6801 7101 04 3C000000 FFFFFF7F
80 992~
0F00 18 2A F302 0B03 02 1E000000 FFFFFF7F
80 98C~
0FA0 19 2C 5500 5900 02 1E000000 FFFFFF7F
80 F8B~
1040 1A 2C 5F00 6300 02 1E000000 FFFFFF7F
80 354~
10E0 1B 30 8403 8803 04 3C000000 FFFFFF7F
80 F6E~
1180 1C 31 7700 7700 05 1E000000 FFFFFF7F
80 05A~
1220 1D 31 7800 A900 02 1E000000 FFFFFF7F
80 FD9~
12C0 1E 31 9001 9902 02 1E000000 FFFFFF7F
80 1F7~
1360 1F 31 9B02 BB02 02 1E000000 FFFFFF7F
80 251~
1400 20 31 BC02 F202 02 1E000000 FFFFFF7F
80 D8D~
14A0 21 31 8903 E703 02 1E000000 FFFFFF7F
80 357~
1540 22 33 7700 7700 05 1E000000 FFFFFF7F
80 580~
15E0 23 33 7800 A900 02 1E000000 FFFFFF7F
80 B37~
1680 24 33 9001 9902 02 1E000000 FFFFFF7F
80 1C7~
1720 25 33 9B02 BB02 02 1E000000 FFFFFF7F
80 9AA~
17C0 26 33 AA00 0D01 02 1E000000 FFFFFF7F
80 171~
1860 27 33 BC02 F202 02 1E000000 FFFFFF7F
80 447~
1900 28 33 2303 8303 02 1E000000 FFFFFF7F
80 56F~ |
There are 0x28 entries
The Entrys
are selected by the BINK_ID and the RPC ('-BBB-' part of the
PID) which must be between min and max.
Hexediting these
values has no use because the entries are signed (checksumed)
with the hashdata at the end.
For ex mine is number
0x12
| Code: |
Offs. Indx ID min max LictypActiDays EvalDays Len Hash
...
0B40 12 2C 0500 5500 02 1E000000 FFFFFF7F
80 FA1~
|
I have a
retail (Licensetype 2) version, 30 days (0x1E) to activate,
no days for evalution (0x7FFFFFFF), my '-bbb-'of my PID is
somewhat between -005- and -085- (0x55) and my
BINK_ID('-dd'/2) is 2C.
So these info's for my PID were
used:
?????-013-???????-22???
Coperate Keys
Licencetypes:
1 Volumenlicense (Coperate)
2
Retail
3 Evalutionversion
4 TablePC???
5 OEM
6
Embedded System
hmm let's look at that Coperate
DataRecord again
0DC0 16 2E 8002 BB02 01 FFFFFF7F FFFFFF7F
80 6DC~
BINK_ID=0x2E -> 46 * 2 => 96
-bbb- =
0280..02bb-> 640..699
So all these PID's are
cooperated ones
?????-640-???????-96??? <- hehe the
well known -640- VLK's
?????-699-???????-96???
In
the programcode of winlogon there are some other restrictions
for
Licencetyp 1 Volumenlicense (Coperate).
And in the
decrypted oembios.dat 'type=volumen' must exists.
DaysForActi must be 7FFFFFFF
Must not be a
PersonalWorkstation( Suitemask == 0200) means XP Home.
and
also HKLM\System\WPA\MediaCenter\[Installed]==1 must not
exists.
With help of the BINK_ID you are able to check
whether your setup (pidgen.dll) can create a cooperated CDKEY
you need for your windows(dpcdll.dll)
ID is the BINK_ID of
the BINK Resource of pidgen.dll.
If your open
pidgen.dll in Resource Hacker (or any other
resourceeditor) the first byte of the included BINK resources
is the BINK_ID.
| Code: |
000054E0 2C 00 00 00 6C 01 00 00 07 00 00 00 2C EB F3
^^ |
My pidgen.dll contained two BINK_Resources with
the ID' 2C and 2D. So it's not able to a 2E cooperated
DigitalProductID.
| Code: |
Offs. Indx ID V2 V3 LictypActiDays
EvalDays Len Hash
0DC0 16 2E 8002 BB02 01 FFFFFF7F FFFFFF7F
80 6DC~
|
The Registry / Days to Activate
setting
Like every dayscounting down program also
the WPA-must store the installation
date somewhere to
calculate the days remaining.
That's a list where this
data is stored:
GetTrialdata
* HWID
HKLM\SYSTEM\WPA\<AdditionalGracePeriodTags>
* PR
HKLM\SYSTEM\WPA\<RegtimeTags>
* RT
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion
"LicenseInfo"=""
* LT
HKLM\SECURITY\Policy\Secrets\L${6B3E6424-AF3E-4bff-ACB6-DA535F0DDC0A}
* LICSTORE WPA.DBL!33
^^ -> "Global\WPA_xx_MUTEX"
At all these locations there's an encrypted 0x38 byte
datablock:
| Code: |
Offset Snapshot_1
Snapshot_2 Meaning
-------------------------------------------
$ 0 00000038 00000038
Size (Fix)
$+4 800012AC 800012AC
version
800112AC when
VER_SUITE_ENTERPRISE|PERSONAL
InstallationDate
$+8 0002 07D5 0002 07D5
02.2005
$+C 001A 0006 001A 0006 25
06(Sa)
$+10 0032 0004 0032 0004
04:50
$+14 0157 0034 0157 0034
54:343
DateWhenThisDateWasStore
$+18 0002 07D5 0002 07D5
Month.Year
$+1C 0011 0004 0010 0003 Day
Weekday
$+20 0023 0003 002D 0015
Hour:Minute
$+24 02FD 0025 0148 000D
Sec:mSec
Hash for validating Data above
$+28 813EB964 BD2C80E3
Hash
$+2C 05522CBE C5307B0A
Hash
$+30 3B420E01 2A5A86E5
Hash
$+34 3C1DC379 A2582E26
Hash |
MUTEX: = MUTually EXclusive access to a
shared resource
A mutex object is a synchronization object
whose state is set
to signaled when it is not owned by any
thread, and
nonsignaled when it is owned.
Since
the WPA-is multithreading it must ensure that not two thread
are accessing the same
Registry setting at the same time.
So for ex for the time WPA.DBL!33 is read
the
"Global\WPA_LICSTORE_MUTEX" is held so no other thread can
read/must wait until
read WPA.DBL!33 is finished and it's
released.
with help of the debug infos from winlogon.pdb I
could guessed what the
abbreviation means:
PR
ProtectedRegistry
RT Register- or RuntimeTime
LT
LSATimer
HWID HardwareIDenfikation GracePeriod
LICSTORE LicenseSTORE
Even the WPA can't
delete its values so incase
it wants to 'delete' a value
it creates key
without a value.
The 'GetTrialdata'
functions checks the existence of the
keys in the
following order and always only opens
the last found. Then
it tries to read the values - and if
there are none it
fails.
Ex.
So let say "SigningHash" "ReSigningHash"
exists then you will
have to create "EntryHash" (and if
there is also "HashID" additionally you have to create
"ReHashID").
Now only "EntryHash" is used and because it's
empty it 'replaces/overwrite' the old settings.
wszRegtimeFormatString %s-%s
"SigningHash"
"ReSigningHash" "EntryHash" "ExitHash"
"ImportHash"
"ExportHash" "StartHash" "EndHash"
aszAdditionalGracePeriodTags
"HashID" "ReHashID"
"HashAlgID" "ExHashAlgID"
"KeyHashMatrix" "KeyHashCol"
"RowMatrix" "DiagMatrix"
"EnableHash" "DisableHash"
"ValidateCrc" "CancelCrc"
"CipherHash" "DecipherHash"
"CryptAlg" "DecryptAlg"
"RenewCrc" "ExpireCrc" "AllocBuf"
"FreeBuf"
"CipherMatrix" "CipherCol" "SignMatrix"
"ResignMatrix"
Reseting
'days to activate':
The simples one is to run
"rundll32.exe syssetup,SetupOobeBnk" (that's the same
command which is run if you install SP2)
If this don't
work addionally delete the registrykeys mentioned above
(First don't care about HKLM\SYSTEM\WPA)
Maybe
you've notice that you can't delete (or rename)
HKLM\SYSTEM\WPA\ - maybe that's why they call it
'ProtectedRegistry'-
If you create a new key under
HKLM\SYSTEM\WPA you can delete it - but after
you logon
again (WPA-check) you can't delete your Testkey.
To
make it short: All subkeys under HKLM\SYSTEM\WPA are
locked/protected
by calling ntdll!NtLockProductActivation.
[From there it's redirected to
NTOSKRNL.exe!_NtLockProductActivationKeys
-download
ntoskrnl.pdb Debugsymbols from MS to see it since there's no
normal export-]
It opens "\Machine\SYSTEM\WPA"
(=encrypted string
so you don't find it in the
NTOSKRNL.exe) and calls with each subkey
_IsRegistryKeyLocked/_NtLockRegistryKey which sets a bit
in memory
of that registrykey. If you want to
modify/delete such a key and this bit is found RegDeleteKey
returns an error and does nothing.
But this 'LockFlag'
only exists in a loaded registry in memory and is not saved to
disk.
The firsttime NtLockProductActivationKeys is called
from winlogon.exe
with is always called before your can
start regedit.
One possibility is to rewrite a small
program which deletes
'HKLM\SYSTEM\WPA' an then executes
the real winlogon.exe.
(paid attention that your app don't
terminates after launching winlogon
- let it wait until
winlogon terminates, use Sleep(9999999) or an endlessloop)
An other is to load [windows]\system32\config\system
hive into regedit.exe
from a second windows. If you don't
have a second Windows.
Export HKLM\SYSTEM to
[windows]\system32\config\system.new as an registry structure
file
(and not as a *.reg file!)
set cursor in
HKEY_LOCAL_MACHINE and load the file into lets say 'tmp'
now you can delete HKLM\tmp\WPA.
Rename 'system.new'
to 'system' from the recovery console/Dos/linux...
And
of course you can fix that problem at the root and nop out the
NtLockRegistryKey inside
NTOSKRNL.exe!NtLockProductActivationKeys...
Well I will go on and edit this post of some
new stuff comes out.
-But so far I think that's all. Maybe
the layout/language can be improved.
Your welcome to do
some corrections. Send me a Private Message and I will make
you to a moderator for this thread.
Last edited by crackware2k on Wed Mar
23, 2005 12:15 pm; edited 11 times in
total |
|
 |
Guest
|
 Posted: Fri Feb
18, 2005 12:51 am
Post subject: |
|
|
wow! anazing
Really
cool digging...and very interesting and useful info.
Pls
continue this topic, i'll be very attentive to u! |
|
|
BoRK
Guest
|
| Posted: Wed Mar
23, 2005 12:47 am
Post subject: |
|
|
W0W! damn, its one of the
most clever, extensive, and interesting info-guide about
security/activation system in windows xp/2003 oses!!!
crackware2k u are best of the best of windows oses
cracker...100%
pls, continue this...or if u can, make
BIG full "guide" about all ur finds from windows activation!
(as this post and many others that u posted before, can u
collect all-in-one guide (cuz its difficulty to jump through
the forum to search it all)...i promise it will be my favorite
guide!)
and thx a lot again! my 100% credits for
u... |
|
|
Leathal
NotepadUser
Joined: 13 Apr
2005
Posts: 3
|
| Posted: Wed Apr
13, 2005 4:24 pm Post
subject: |
|
|
I see that you point to the
corporate and eval version fo server 2003 in your code.
However Microsoft has made some serious changes in their stand
server line, non corps and evals.
When I attempt to
apply the latest patch 2.1.0 after I reinstall SP1 on Windows
2003 Server Standard Edition the software informs me that the
system is already patched, though I keep getting the
activation which tells me it is not.
Leathal |
|
|
Leathal
NotepadUser
Joined: 13 Apr
2005
Posts: 3
|
| Posted: Wed Apr
13, 2005 4:24 pm Post
subject: |
|
|
I see that you point to the
corporate and eval version fo server 2003 in your code.
However Microsoft has made some serious changes in their stand
server line, non corps and evals.
When I attempt to
apply the latest patch 2.1.0 after I reinstall SP1 on Windows
2003 Server Standard Edition the software informs me that the
system is already patched, though I keep getting the
activation which tells me it is not.
Leathal |
|
|
|