Win7正版變盜版，怎么辦？再把盜版變正版

Win7之家（ afsion.com.cn）：Win7正版變盜版，怎么辦？再把盜版變正版

軟媒編輯評論：

這篇文章看完第一篇，糊里糊涂的，看完第二遍還是，第三遍后，決定不看了。但還是發(fā)了出來，也許對有些朋友有幫助。

Win7正版變盜版，怎么辦？再把盜版變正版

據(jù)國外媒體報道，日前，微軟表示，盜版的Windows 7 RTM能夠被轉(zhuǎn)變?yōu)檎�版的合法軟件，但是前提是這個平臺原本就是正版的。

據(jù)了解，微軟一共向用戶提供了兩項措施去使得盜版Windows7還原為正版軟件。微軟表示，前段時間，有一部分Windows 7用戶反應(yīng)，在他們登錄Windows 7之后，收到了包含以下消息的Windows激活窗口：“Windows不是正版的，您的計算機可能無法運行盜版的Windows。0x80070005。”

在Windows7 RTM發(fā)布之前，筆者曾經(jīng)通過MSDN賬號下載了Windows 7旗艦版的RC版本進行試用，并從微軟那里獲得了一個正版的產(chǎn)品密匙。后來，我的Windows系統(tǒng)便出現(xiàn)了微軟所述的狀況：電腦桌面背景變?yōu)榧兒谏�，右下角的屏幕上出現(xiàn)以下錯誤信息：“這個Windows不是正版的”。

當筆者查看系統(tǒng)屬性（控制面板/系統(tǒng)和安全/系統(tǒng)）的時候會收到如下信息：您必須對Winodws進行激活，立即激活Windows。而當筆者使用slmgr.vbs /dlv 去查看許可狀態(tài)的時候，筆者收到如下信息：“錯誤：0x80070005 訪問被拒絕：所請求的操作需提升特權(quán)。”

實際上，微軟深知Windows7由正版變?yōu)楸I版這個問題，并將其記錄在微軟支持中。然而，就筆者的角度來講，Windows7是自動地由正版變?yōu)楸I版的。在安裝Windows 7 RC之后，筆者沒有安裝任何新的應(yīng)用程序、沒有攪亂注冊表、沒有玩組策略，但是在啟動之后就會發(fā)現(xiàn)運行的是一個非正版Windows 7副本。

對此，微軟解釋道，之所以會發(fā)生這個問題，就是因為注冊密匙 HKU\S-1-5-20中缺少權(quán)限。微軟表示，網(wǎng)絡(luò)服務(wù)賬號必須對注冊密匙具備完全的控制權(quán)和閱讀密匙的權(quán)限。這種情況可能是套用即插即用組策略對象（GPO）的結(jié)果。

計算機配置/策略/Windows設(shè)置/安全設(shè)置/系統(tǒng)服務(wù)/即插即用（啟動模式：自動）。顯然地，授權(quán)服務(wù)是利用“即插即用”去攫取硬件的ID信息，以此將許可證綁定到計算機中。微軟表示，這種設(shè)置可能會使得原本正版的激活的Windows 7變成盜版的。

目前，微軟并沒有發(fā)布更新去解決這個問題，甚至沒有提供修復(fù)程序。不過，受到這個問題影響的消費者能夠通過以下措施中的其中一個去解決這個問題，詳細步驟如下：

方法A：禁用即插即用策略

1、確定策略的源頭：

　　a：在客戶端遇到激活錯誤，通過單擊開始、運行、輸入 rsop.msc 命令去運行策略向?qū)В?/p>

　　b：訪問以下位置：計算機配置/策略/Windows設(shè)置/安全設(shè)置/系統(tǒng)服務(wù)；

　　如果即插即用服務(wù)是通過組策略設(shè)置進行配置的，您將會看到使用這個設(shè)置的組策略。

2、禁用組策略設(shè)置，重新應(yīng)用組策略：

　　a、編輯步驟1中的組策略，將設(shè)置更改為“Not Defined”（沒有定義），添加網(wǎng)絡(luò)服務(wù)賬戶所需的權(quán)限；

　　b、重新命令行應(yīng)用組策略：gpupdate /force；

方法B：修改組策略的權(quán)限；

　　1、打開A方法步驟1中的組策略，打開相應(yīng)的組策略設(shè)置；

　　2、點擊編輯安全按鈕，然后點擊高級按鈕；

 　　3、在高級安全設(shè)置的即插即用窗口中，點擊添加，然后添加服務(wù)賬號，最后單擊確定即可；

　　4、在允許區(qū)域中選擇以下的權(quán)限，然后單擊確定：

　　查詢模板、查詢狀態(tài)、枚舉從屬單元、用戶定義控制、讀取權(quán)限

　　注：原本的權(quán)限是所需的最低權(quán)限

　　5、在組策略設(shè)置中應(yīng)用以前的權(quán)限后，命令行運行g(shù)pupdate /force；

　　6、確認使用以下命令應(yīng)用適當?shù)臋?quán)限：sc sdshow plugplay；

　　以下是SDDL即插即用服務(wù)中的權(quán)限：

　　D:(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)
　　(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)
　　(A;;CCLCSWLOCRRC;;;IU)
　　(A;;CCLCSWLOCRRC;;;SU)
　　S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
　　(A;;CC LC SW LO CR RC ;;;SU is an Access Control Entry (ACE) that allows the following rights to "SU" (SDDL_SERVICE – Service logon user)

　　A: Access Allowed（允許訪問）
　　CC: Create Child （創(chuàng)建子）
　　LC: List Children （列舉子）
　　SW: Self Write
　　LO: List Object（列舉對象）
　　CR: Control Access （控制訪問）
　　RC: Read Control （閱讀控制）
　　SU: Service Logon User（服務(wù)登錄用戶）

　　完成上述操作后，啟動注冊表編輯器，右擊注冊表項 HKEY_USERS\S-1-5-20，然后選擇權(quán)限。如果網(wǎng)絡(luò)服務(wù)不存在，單擊添加，輸入對象名稱去選擇鍵入網(wǎng)絡(luò)服務(wù)，然后點擊查看名稱和確定。選擇網(wǎng)絡(luò)服務(wù)、授予完全控制和讀取權(quán)限，重啟電腦。重啟之后，系統(tǒng)可能會需要激活，然后完成激活之后，原本盜版的Windows7就被還原成正版了。

 軟媒特別提供英文原文如下：

Make “Pirated” Windows 7 RTM Genuine
Provided that Windows was genuine in the first place

Pirated copies of Windows 7 RTM can be turned fully genuine, according to Microsoft, but only if the platform was genuine to begin with. The Redmond company has documented two workarounds designed to allow customers to save their copy of Windows, provided that Windows 7 managed to go rogue. According to the software giant, users of the latest iteration of the Windows client have reported that immediately after log on, they were presented with a Windows Activation window featuring the following message: “Windows is not genuine. Your computer might not be running a counterfeit copy of Windows. 0x80070005.”

On a small side note, this has actually happened to me on a Release Candidate build of Windows 7 Ultimate downloaded from my MSDN account and activated with one of the product keys from Microsoft. In this regard, I can confirm the symptoms enumerated by Microsoft, including “the computer desktop background is black, and you receive the following error message on the bottom right corner of the screen: “This copy of Windows is not genuine.” You receive the following error message when you view the System Properties: (Control Panel / System and Security / System): “You must activate today. Activate Windows now.” If you try to use slmgr.vbs /dlv to view the licensing status, you receive the following message: Error: 0x80070005 Access denied: the requested action requires elevated privileges.”

The Redmond company is well aware of the problem and even documented it on Microsoft Support. However, in my case, Windows 7 went pirate all on its own. I hadn’t installed any new applications, hadn’t messed around with the registry, and didn’t play with Group Policy, since this was my home machine. I simply shut the computer down only to find it running a non-Genuine copy of Windows 7. However, all I had to do was restart my Windows 7 machine, and all was well.

Microsoft explained that the issue documented is cause by a lack of permissions in the registry key HKU\S-1-5-20. “The Network Service account must have full control and read permissions over that registry key. This situation may be the result of applying a Plug and Play Group Policy object (GPO). Computer Configuration / Policies / Windows Settings /Security Settings / System Services / Plug and Play (Startup Mode: Automatic),” the company stated.

Apparently, the Licensing service leverages Plug and Play in order to grab hardware ID information. In doing so, it ties the license to the computer. According to Microsoft, such a setting is capable of generating an exception which can throw a genuine, and previously activated copy of Windows 7 out of tolerance.

Microsoft doesn’t have an update designed to resolve the issue, and is not even offering a hotfix. Still, customers affected by this issue can turn to one of two workarounds detailed by the Redmond company, which have been included below:

"Method A: Disable the Plug and Play Policy

1. Determine the source of the policy . To do this, follow these steps:

a. On the client experiencing the Activation error, run the Resultant Set of Policy wizard by clicking Start, Run and entering rsop.msc as the command.
b. Visit the following location: Computer Configuration / Policies / Windows Settings /Security Settings / System Services /

If the Plug and Play service is configured through a Group Policy setting, you see it here with settings other than Not Defined. Additionally, you can see which Group Policy is applying this setting.
2. Disable the Group Policy settings and force the Group Policy to be reapplied.

a. Edit the Group Policy that is identified in Step 1 and change the setting to “Not Defined.” Or, follow the section below to add the required permissions for the Network Service account.
b. Force the Group Policy setting to reapply: gpupdate /force (a restart of the client is sometimes required)

Method B: Edit the permissions of the Group Policy:

1. Open the Group Policy that is identified in Method A, Step 1 above, and open the corresponding Group Policy setting.
2. Click the Edit Security button, and then click the Advanced button.
3. In the Advanced Security Settings for Plug and Play window click Add and then add the SERVICE account. Then, click OK
4. Select the following permissions in the Allow section and then click OK:

Query template
Query status
Enumerate dependents
Interrogate
User-defined control
Read permissions

Note: The Previous rights are the minimum required permissions.

5. Run gpupdate /force after you apply the previous permissions to the Group Policy setting.

6. Verify that the appropriate permissions are applied with the following command:

sc sdshow plugplay

The following are the rights applied to the Plug and Play service in SDDL:

D:(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)
(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)
(A;;CCLCSWLOCRRC;;;IU)
(A;;CCLCSWLOCRRC;;;SU)
S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)

(A;;CC LC SW LO CR RC ;;;SU is an Access Control Entry (ACE) that allows the following rights to "SU" (SDDL_SERVICE – Service logon user)

A: Access Allowed
CC: Create Child
LC: List Children
SW: Self Write
LO: List Object
CR: Control Access
RC: Read Control
SU: Service Logon User

Note: If there are no GPO's in place, then another activity may have changed the default registry permissions. To work around this issue, perform the following steps:

On the computer that is out of tolerance, start Registry Editor.
Right-click the registry key HKEY_USERS\S-1-5-20, and select Permissions...
If the NETWORK SERVICE is not present, click Add...
In Enter the object names to select type Network Service and then click Check Names and OK.
Select the NETWORK SERVICE and Grant Full Control and Read permissions.
Restart the computer.
After the restart, the system may require activation. Complete the activation."