How to remove the "OEM driver" activation exploit and the "grace timer" activation exploit from a Windows Vista-based computer

INTRODUCTION

All copies of Windows Vista require activation. However, the OEM driver activation exploit and the grace timer activation exploit bypass product activation. Therefore, they interfere with standard Windows operation. This article describes how to remove the OEM driver activation exploit and the grace timer activation exploit from a Windows Vista-based computer.

More Information

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 How to back up and restore the registry in Windows

How to determine whether an activation exploit is present on the system

If activation exploits are present on the system, Windows Vista displays a dialog box that lists the activation exploits that are detected. To remove these activation exploits, follow the steps in the following sections.

Before you begin

Before you remove the activation exploits, enable the Show hidden files option, and then disable the Hide Protected Operating System Files option. To do this, follow these steps:
  1. On the Windows Vista-based computer, click StartStart button , type Folder Options in the
    Start Search box, and then click Folder Options in the Programs list.
    User Account Control permission If you are prompted for an administrator password or for confirmation, type the password, or click Continue.
  2. In the Folder Options window, click the
    View tab.
  3. In the Advanced settings area, click
    Show hidden files and folders.
  4. Click to clear the Hide protected operating system files (Recommended) check box.
  5. Click Yes to confirm that you want to display operating system files, and then click OK.
Note By removing these activation exploits, you may change the licensing state of your copy of Windows Vista. Before you remove these activation exploits, make sure that one of the following conditions is true:
  • You have upgraded the computer to Windows Vista Service Pack 1 (SP1).
  • You have a valid Windows Vista product key.

Remove the OEM driver activation exploit

Note If Windows Vista indicates that the OEM driver activation exploit has been detected, and you cannot locate either the driver file or the registry subkey in the following steps, you must obtain and install a genuine copy of Windows Vista.


To remove the OEM driver activation exploit, follow these steps:
  1. Locate the Royal.sys file in the following folder:
    Drive:\Windows\System32\drivers
    Note Drive represents the drive on which Windows Vista is installed.
  2. Delete the Royal.sys file.
  3. Determine whether the following folder exists on the system:
    Drive:\Windows\System32\DRVSTORE\royal_*<followed by many numbers>
    If it exists, delete the royal_* folder.
  4. Click StartStart button , type
    regedit in the Start Search box, and then click regedit in the Programs list.

    User Account Control permission If you are prompted for an administrator password or for confirmation, type your password, or click
    Continue.
  5. Locate the following registry subkey, and then right-click it:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OemBiosDevice
  6. Click Delete to delete this subkey.
  7. Locate the following registry subkey, and then right-click it:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Genuine Advantage\WGAER_M\GenuineInfo
  8. Click Delete to delete this subkey.
  9. Exit Registry Editor.
  10. Restart the computer.

Remove the grace timer activation exploit

Note If Windows Vista indicates that the Grace Timer activation exploit has been detected, and you cannot locate either the driver file or the registry subkey in the following steps, you must obtain and install a genuine copy of Windows Vista.
  1. Locate the TimerStop.sys file in the following folder:
    Drive:\Windows\System32
    Note Drive represents the drive on which Windows Vista is installed.
  2. Delete the TimerStop.sys file.
  3. Click StartStart button , type
    regedit in the Start Search box, and then click regedit in the Programs list.

    User Account Control permission If you are prompted for an administrator password or for confirmation, type your password, or click
    Continue.
  4. Locate the following registry subkey, and then right-click it:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TimerStop
  5. Click Delete to delete this subkey.
  6. Locate the following registry subkey, and then right-click it:
    HKEY_LOCAL_MACHINE\Software\Microsoft\Genuine Advantage\WGAER_M\GenuineInfo
  7. Click Delete to delete this subkey.
  8. Exit Registry Editor.
  9. Restart the computer.
คุณสมบัติ

รหัสบทความ: 948253 - การตรวจสอบครั้งสุดท้าย: 18 พ.ค. 2009 - ฉบับแก้ไข: 1

คำติชม