Confessions of a Windows 7 pirate

I've been hanging out with a bad crowd lately. In the interest of research, I've been digging into message boards and forums run by unabashed Windows enthusiasts who are intent on breaking Microsoft's activation technology.
I've had these forums bookmarked for years and stop in every once in a while just to see what's new. This time I decided to drop by and actually try some of the tools and utilities to see if I could become a pirate, too. Unfortunately, I succeeded. In this post, I'll share my experiences, including close encounters with some very nasty malware and some analysis on how the latest showdown between Microsoft and the pirates is likely to play out. You won't find names or direct links here. Although these guys seem like genuine enthusiasts, I have no intention of giving them any free publicity. But if you're interested in tracking down the tools I tested, you should have no trouble finding them using the clues available in screenshots and descriptions here.
If you do intend to try this stuff out for yourself, I recommend extreme caution. My hunt for utilities that bypass Windows 7 activation technologies led me to some very seedy corners of the Internet.
First, I did what any red-blooded wannabe pirate would do and tried some Google searches. Of the first 10 hits, six were inactive or had been taken down.
After downloading files from the remaining four sites, I submitted them to VirusTotal. Windows 7 rootkits.
Here's one example: And that experience is borne out by at least one real-world experience, which was reported, ironically, in the Talkback section of this blog. After I wrote about Microsoft's most recent anti-piracy initiative last week, one commenter (a loud, proud Linux advocate) insisted that the update opened a secret back-channel, probably as part of a plot by Microsoft to covertly gain access to its customers' PCs. A day or so later, after checking with his Windows-using friend, he returned with this sheepish admission: It turns out his iso was not a bona fide purchased copy [of Windows 7], but rather a cracked version off of the net. In all likelihood the iso was trojaned.

Indeed. Which is why I exercised extraordinary caution. For my hands-on tests, I used a fresh copy of Windows 7 Ultimate, installed without a product key. I then looked at two widely distributed tools that work in completely different ways.
Page 2: Disabling Windows activation completely. A clever little tool called RemoveWAT not only disables Microsoft's activation subsystem, it also installs the latest anti-piracy update from Microsoft and then disables it, too!
Page 3: Fooling Windows by tinkering with the BIOS. Big PC makers get to install copies of Windows that don't require activation. Naturally, pirates soon figured out how to make any PC look like it came from one of those big factories.
Page 4: Microsoft versus the pirates. Pirates are clever and fast. Microsoft is highly motivated to keep its lucrative Windows revenue stream intact. Are customers going to get caught in the crossfire?
Details and screenshots begin on the next page.

Disabling Windows activation checks completely

RemoveWAT first appeared last summer, around the time Windows 7 was released to manufacturing. The philosophy behind this small utility is simple: It disables the Windows Activation Technologies function while allowing the system to retain its Genuine status in every official check by Microsoft. The most recent version claims to work with all editions of Windows 7 and Windows Server 2. R2. (It does not work with Windows Vista or Windows Server 2. I downloaded the most recent edition of RemoveWAT (v2.2.5) and verified that it was clean. The single .exe file is small (less than 7. MB), and the UI is simple: After clicking the Remove WAT button and rebooting, I noticed a subtle but significant change in the System properties dialog box. The section describing my system's activation status was gone.
There was no sign of a Product ID or activation status. Nothing. Previously, a message in that section had told me that I had 3. A close inspection of the Windows\System. RemoveWAT installed its own patched version of a crucial DLL file in the Software Licensing subsystem, Slwga. (Thoughtfully, the program's developer had coded it to save a backup of the actual file so that it could be restored if necessary. And when I tested the Restore WAT function, I found it worked just fine on my system.) As far as Windows was concerned, the system was perfectly valid.
I was able to download and install optional updates through Windows Update and successfully validated the system so that I could install products reserved for Genuine Windows customers. I was also able to install Microsoft Security Essentials, which performs a validation check during setup. In a fitting piece of irony, the most recent version of RemoveWAT actually goes out of its way to install Microsoft's WAT Update (KB9. RemoveWAT. The pirate code remained working even when I ran the WAT update manually.

Page 3: Roll your own free OEM copy?
Fooling Windows by tinkering with the BIOS

The other popular approach toward cracking Windows activation takes advantage of the difference between retail and OEM copies of Windows. Retail copies have to be activated using a unique serial number. OEM copies from large system makers (Dell, Toshiba, HP, and so on, collectively known as Royalty OEMs) use a technique called System Locked Preinstallation (SLP). The preinstalled copy of Windows uses a single master product key tied to specific information in the system BIOS that is unique to that manufacturer's systems. If the encrypted licensing information in the preinstalled copy of Windows matches the information in the BIOS, no activation is required.
Windows pirates figured out how to exploit this mechanism around the time Windows Vista was launched. The Windows 7 Loader program, which I used on a test system, looks at your PC's BIOS to see whether it contains an ACPI_SLIC table with software licensing information ("markers" for the Windows operating system and the name of the computer maker).
If the SLIC table is present, the tool installs the correct product key for your Windows 7 edition along with a digital certificate; the combination mimics a legitimate OEM preinstallation. For systems with a BIOS that doesn't contain the proper SLIC tables (a scenario I didn't test), it uses an alternate boot loader (typically some variant of GRUB) and installs BIOS emulation code to fool the system into thinking your system is a legitimate OEM installation. You can use the one-click installer or select from advanced options to personalize your PC by choosing a particular brand.
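Because the emulation route lets the installed brand differ from the real hardware, an administrator auditing machines can compare the maker named in the SLIC table with the vendor the firmware reports elsewhere. The following is an added example, not code from the original article or from any tool it describes; the table bytes and vendor names are constructed, and the rule that the OEM ID should appear inside the DMI vendor string is an assumption that yields leads for review, not proof.

```python
import struct

# Standard 36-byte ACPI table header: signature, length, revision, checksum,
# OEM ID, OEM table ID, OEM revision, creator ID, creator revision.
ACPI_HEADER = struct.Struct("<4sIBB6s8sI4sI")

def build_table(signature, oem_id, oem_table_id, body=b""):
    """Build a constructed ACPI table with a valid checksum (sample data only)."""
    length = ACPI_HEADER.size + len(body)
    raw = bytearray(ACPI_HEADER.pack(signature, length, 1, 0, oem_id.ljust(6),
                                     oem_table_id.ljust(8), 1, b"TEST", 1) + body)
    raw[9] = (-sum(raw)) & 0xFF  # checksum byte makes all bytes sum to 0 mod 256
    return bytes(raw)

def audit_slic(raw, dmi_vendor):
    """Return a list of findings for one SLIC table dump; empty means no anomaly."""
    if len(raw) < ACPI_HEADER.size:
        return ["truncated: shorter than an ACPI header"]
    findings = []
    sig, length, _rev, _csum, oem_id, _table_id, *_ = ACPI_HEADER.unpack_from(raw)
    if sig != b"SLIC":
        findings.append(f"unexpected signature {sig!r}")
    if length != len(raw):
        findings.append(f"length field {length} != dump size {len(raw)}")
    if sum(raw) & 0xFF:
        findings.append("bad checksum")
    # Assumed heuristic: the OEM ID is an abbreviation found in the DMI vendor name.
    oem = oem_id.decode("ascii", "replace").strip("\x00 ").upper()
    if oem and oem not in dmi_vendor.upper():
        findings.append(f"SLIC OEM ID {oem!r} does not match DMI vendor {dmi_vendor!r}")
    return findings

# Constructed samples: a consistent table, a brand mismatch, a corrupted dump.
GENUINE = build_table(b"SLIC", b"EXMPL", b"CONSTRCT", body=b"\x00" * 16)
SWAPPED = build_table(b"SLIC", b"OTHER", b"CONSTRCT", body=b"\x00" * 16)
CORRUPT = GENUINE[:-1] + bytes([GENUINE[-1] ^ 0x01])

if __name__ == "__main__":
    for name, raw in (("genuine", GENUINE), ("swapped", SWAPPED), ("corrupt", CORRUPT)):
        print(name, audit_slic(raw, "Exmpl Systems") or "no anomalies")
```

On a Linux host the two inputs would come from `/sys/firmware/acpi/tables/SLIC` and `/sys/class/dmi/id/sys_vendor`; a production check would replace the substring rule with a maintained map of OEM IDs to vendors.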
In this case, I had installed a retail copy of Windows 7 Home Premium on a relatively new system (purchased in mid- 2. Windows Vista. I didn't enter a product key during setup, and I had gone more than 3. Here's what I saw when I ran W7. Loader: The installer correctly detected the brand (Dell) and Windows 7 edition.
When I clicked the Install Certificate and Serial button on the right, I was greeted with this message: The system, which had never been activated, had previously been nagging me with "non-Genuine" warning messages. As soon as the pirate tool completed its work, the watermark on the black desktop went away and the System properties dialog box told me I was activated with a Dell OEM product ID.

Page 4: The Empire strikes back

The two exploits I describe in this post are certainly not the only ones out there. Indeed, Windows pirates have been playing a cat-and-mouse game with Microsoft for years.
In the Windows XP era, pirates focused most often on stealing legitimate product keys, especially Volume License keys. Beginning with Windows Vista, Microsoft has begun building anti-piracy components directly into the operating system, and pirates have aimed their hacking skills at those components with increasing sophistication. The latest salvo from Microsoft in the war against pirates is the Windows Activation Technologies Update (KB9. In its default configuration, it performs an initial validation check and then repeats the process every 9.
When I initially wrote about this subject last month, the question I heard most often was, "Why does it need to keep checking? If I get validated, shouldn't that be good enough?" Unfortunately, the experiences I've written about here prove why that strategy doesn't work. If you used a copy of Remove.