When you rearm, what changes?

Discussion in 'Windows 7' started by ifeife2, Aug 27, 2009.

  1. ifeife2

    ifeife2 MDL Member

    Apr 25, 2008
    135
    3
    10
    I was wondering what registry folders and/or disk files get modified when you rearm?

    So, I could try something like install, make a files backup, use for 9 months, then replace the backup registry keys and disk files. Then I can rearm again after 9 months and be back to 2 rearms left.

    Sorry if this topic is too hard or impossible to do.

    p.s. yes i know loader avoids this, but I'm searching to learn how windows functions
     
  2. ifeife2

    ifeife2 MDL Member

    Apr 25, 2008
    135
    3
    10
    I was hoping I was not the first person to try to find out. Hopefully someone with experience has done a backup and restore or has read about it on a blog somewhere.
     
  3. secr9tos

    secr9tos MDL Addicted

    Jul 28, 2009
    999
    133
    30
    I don't think that if you "backup & replace" the keys and files which are changed by slmgr.vbs -rearm will give you unlimited rearms. If you use x86 grab OllyDbg ( on x64 anything similar ) and disassemble the specific function that gives you another 30 days of initial grace period. Which means: You need to bypass the limitation of 3 rearms.

    Good luck, ...............................or use bios mod....
     
  4. frwil

    frwil MDL Addicted

    Sep 22, 2008
    520
    159
    30
    #5 frwil, Aug 27, 2009
    Last edited: Aug 27, 2009
    What is definitely changed by rearm is the unfamous tokens.dat file. It just grows up in size because of some additional licences being implanted into it. But replacing it with initial copy doesn't help much. I've read, but never bothered to check, that rearm also changes three keys in registry, but those keys can't be accessed and changed back no matter what rights you'll try to get. So the only option is to back-up and later replace the registry files themselves, apparently this can be done only from another OS. So the experiment should be like this: install two OS, choose one for experiment, back-up tokens.dat and probably cache.dat and all 5 (or less) registry files in system32\config folder. Run three rearms. Then from another OS replace those files by back-upped. And see if 3 rearms will be back...