Browsing the archives for the Windows Live tag

27May10 Purifier 2.0.0 Released

Introduction

After one year of the release of Windows Live Messenger 2009 (version 14.0), I finally downloaded and installed it and felt that there’s much to do on it, including writing new codes to automatically patch your WLM 8.5 as introduced in “Windows Live Messenger 8.5 is Resurrected”. Another thought came into my mind that I used to patch, in other words, modify, certain binary files that were digitally signed. This is not a good thing in fact. Microsoft signed those files so that you could always verify if they were modified, say being infected by virii. If a user patched the signed files with Purifier or any other programs doing ad removal, she wouldn’t be able to tell if they were further modified afterwards by unauthorized source. Thus Purifier must take another method to patch without modifying installed files to protect its users.

Purifier 2.0.0 is finally out to achieve the goals we just mentioned and works for all WLM versions by now, namely 8.5 and 2009. Being rewritten from scratch and only patched in memory, all WLM files on hard disks remain in tact to preserve integrity. Also Purifier doesn’t patch UI directly anymore, which is ineffective; it now patches patterns used to parse ad URL’s, making itself robust against various versions of WLM.

Download

Usage

Purifier is a launcher of WLM. All you need to do is run it as WLM, and then everything goes as it was and you will see a clean WLM window pops up without ads.

Features

  • Removes ads
  • Stops older WLM versions from forcing users to update
  • Enables older WLM versions to have multiple instances
  • Modifies no system files and you can switch to run original WLM with ads anytime you want

Known Issues

  • As VirtualBox doesn’t support hardware breakpoint in software emulation mode, Purifier 2.0.0 doesn’t work under such environment and condition.
No Comments Posted by mifan in Release Notes
Tagged , ,
18Jun09 Notes on Windows Live Messenger 8.5

Last time in “Windows Live Messenger 8.5 is Resurrected” I mentioned about that I removed the limit of single process per user session on a Windows system as well as the update-reminding balloons. This time I am going to tell you how the WLM originally works on such both things and you will find that there no difficulty to patch them yourself.

1. Constraint on the number of WLM process

This is done by trying to create an event object with invoking the CreateEvent() API function using a constant event name. In our case of WLM 8.5, it is MSNMSGR. If you use tools to probe opened handles in a WLM process, you may find some thing like Figure.1. According to the MSDN document, if you try to create a named event that already exists, CreateEvent() will return the handle to the already-created event object, and a subsequent GetLastError() invocation returns ERROR_ALREADY_EXISTS. So during WLM’s initialization, it tries to create a named event object and check the return value from GetLastError(): if the value indicates an existed object, the process signals it and terminated itself.

opened handles
Figure.1

To present this flow in a more detailed perspective, I made the following pseudo code:

HANDLE hEvent = CreateEvent(NULL, true, NULL, "MSNMSGR");
if (hEvent == NULL) {
    goto OnError;
}
else if (GetLastError() == ERROR_ALREADY_EXISTS) {
    // we do this to notify the existing WLM process
    // to pop up its main window
    SetEvent(hEvent);

    goto ExitProcess;
}

// do some subsequent initialization
....

2. Retrieval of current version number from server

After the identity authentication passed, the WLM client send its current version information to the server by posting a VER message in the microsoft defined protocol (it is a plain text format). The server then respond a CVR message with the latest stable version number of client software and perhaps a URL to the new client download, depending on the information sent by the client earlier. If the server response contains a URL, then it means that the client side is recommended to upgrade its program, and an annoying balloon will come out. This portion of code is merely some string comparison, which parses the server response.

DWORD dwHead = *((DWORD*)szMsg);
switch (dwHead) {
    case 0x20524556:  // VER
        ...
        break;
    case 0x20525643:  // CVR
        ...
        break;
    ...
}

A fast but somewhat brute method to disable this behavior is to break the pattern used to be matched by parser. We only need to modify the string CVR in the executable image to anything else, so the program will not be able to recognize the latest client version and URL to download it. This does work and for now no side effects have been found by me, since the information provided with a CVR message will not be used ever after.

No Comments Posted by mifan in Software Hacking
Tagged , , ,
12Apr09 Windows Live Messenger 8.5 is Resurrected

Since the new version, or the so-called stable release, of Windows Live Messenger (build 14.0.8064.0206) was available for downloads, many of my friends have been complaining about its inconvenience brought by the yet modified UI design and its instability. In fact, most of them didn’t intended to apply the update, but the ANNOYING update balloon just kept popping up and said, “I will keep poking you until you install my new update, mate!”

As always fighting for the freedom of humankind, I can not tolerate this kind of rude behavior. So I yet modified the binary of Window Live Messenger 8.5, yes I did that again, to get rid of this foolish balloon. Because I have little time to rewrite Purifier recently, I can only upload the patched binaries for you, which are the same files I am using now.

http://cmlab.csie.ntu.edu.tw/~mifan/download/Messenger-8.5.1302.1008.rar

Version: 8.5.1302.1008
Language: Taiwanese

  1. Ad banners and texts are removed as Purifier has already done for you
  2. Support for multi-account logins is added (you will need to run a Messenger process for each account)
  3. No update-reminding balloons anymore

Note: some reported that the packed binaries didn’t work on a clean system.

No Comments Posted by mifan in Release Notes
Tagged , ,