How to remove the “OEM driver activation” exploit and the “grace timer activation” exploit from a Windows Vista-based computer

All copies of Windows Vista require activation. However, the OEM driver activation exploit and the grace timer activation exploit bypass product activation. Therefore, they interfere with standard Windows operation. This article describes how to remove the OEM driver activation exploit and the grace timer activation exploit from a Windows Vista-based computer.

 

MORE INFORMATION

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs.

How to determine whether an activation exploit is present on the system

If activation exploits are present on the system, Windows Vista displays a dialog box that lists the activation exploits that are detected. To remove these activation exploits, follow the steps in the following sections.

Before you begin

Before you remove the activation exploits, enable the Show hidden files option, and then disable the Hide Protected Operating System Files option. To do this, follow these steps:

1. On the Windows Vista-based computer, click Start, type Folder Options in the Start Search box, and then click Folder Options in the Programs list.
If you are prompted for an administrator password or for confirmation, type the password, or click Continue.
2. In the Folder Options window, click the View tab.
3. In the Advanced settings area, click Show hidden files and folders.
4. Click to clear the Hide protected operating system files (Recommended) check box.
5. Click Yes to confirm that you want to display operating system files, and then click OK.

Note By removing these activation exploits, you may change the licensing state of your copy of Windows Vista. Before you remove these activation exploits, make sure that one of the following conditions is true:

You have upgraded the computer to Windows Vista Service Pack 1 (SP1).
You have a valid Windows Vista product key.

 

Remove the OEM driver activation exploit

Note If Windows Vista indicates that the OEM driver activation exploit has been detected, and you cannot locate either the driver file or the registry subkey in the following steps, you must obtain and install a genuine copy of Windows Vista.

To remove the OEM driver activation exploit, follow these steps:

1. Locate the Royal.sys file in the following folder:

Drive:\Windows\System32\drivers

Note Drive represents the drive on which Windows Vista is installed.

2. Delete the Royal.sys file.
3. Determine whether the following folder exists on the system:

Drive:\Windows\System32\DRVSTORE\royal_*<followed by many numbers>

If it exists, delete the royal_* folder.

4. Click Start, type regedit in the Start Search box, and then click regedit in the Programs list.
If you are prompted for an administrator password or for confirmation, type your password, or click Continue.
5. Locate the following registry subkey, and then right-click it:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\OemBiosDevice

6. Click Delete to delete this subkey.
7. Locate the following registry subkey, and then right-click it:

HKEY_LOCAL_MACHINE\Software\Microsoft\Genuine Advantage\WGAER_W\GenuineInfo

8. Click Delete to delete this subkey.
9. Exit Registry Editor.
10. Restart the computer.

 

Remove the grace timer activation exploit

Note If Windows Vista indicates that the Grace Timer exploit has been detected, and you cannot locate either the driver file or the registry subkey in the following steps, you must obtain and install a genuine copy of Windows Vista.

1. Locate the TimerStop.sys file in the following folder:

Drive:\Windows\System32

Note Drive represents the drive on which Windows Vista is installed.

2. Delete the TimerStop.sys file.
3. Click Start, type regedit in the Start Search box, and then click regedit in the Programs list.
If you are prompted for an administrator password or for confirmation, type your password, or click Continue.
4. Locate the following registry subkey, and then right-click it:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TimerStop

5. Click Delete to delete this subkey.
6. Locate the following registry subkey, and then right-click it:

HKEY_LOCAL_MACHINE\Software\Microsoft\Genuine Advantage\WGAER_W\GenuineInfo

7. Click Delete to delete this subkey.
8. Exit Registry Editor.
9. Restart the computer.

 


APPLIES TO
Windows Vista Business
Windows Vista Enterprise
Windows Vista Home Basic
Windows Vista Home Premium
Windows Vista Ultimate

——————————————–

Microsoft Knowledge Base Article

This article contents is Microsoft Copyrighted material.
Microsoft Corporation. All rights reserved. Terms of Use | Trademarks


You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

AddThis Social Bookmark Button

Leave a Reply

*
To prove that you're not a bot, enter this code
Anti-Spam Image