Confessions of a Windows 7 pirate

Confessions of a Windows 7 pirate

Summary: I've been hanging out with a bad crowd lately, trying out popular hacking tools and utilities to see if I could install Windows 7 without paying for it. Unfortunately, I succeeded. In this post, I'll share my experiences, including close encounters with some very nasty malware and some analysis on how the latest showdown between Microsoft and the pirates is likely to play out.


I've been hanging out with a bad crowd lately.

In the interest of research, I've been digging into message boards and forums run by unabashed Windows enthusiasts who are intent on breaking Microsoft's activation technology. I've had these forums bookmarked for years and stop in every once in a while just to see what's new. This time I decided to drop by and actually try some of tools and utilities to see if I could become a pirate, too.

Unfortunately, I succeeded.

In this post, I'll share my experiences, including close encounters with some very nasty malware and some analysis on how the latest showdown between Microsoft and the pirates is likely to play out.

You won't find names or direct links here—although these guys seem like genuine enthusiasts, I have no intention of giving them any free publicity. But if you're interested in tracking down the tools I tested you should have no trouble finding them using the clues available in screenshots and descriptions here.

If you do intend to try this stuff out for yourself, I recommend extreme caution. My hunt for utilities that bypass Windows 7 activation technologies led me to some very seedy corners of the Internet. First, I did what any red-blooded wannabe pirate would do and tried some Google searches. Of the first 10 hits, six were inactive or had been taken down. After downloading files from the remaining four sites, I submitted them to, where three of the four samples came back positive for nasty, difficult-to-remove Windows 7 rootkits. Here's one example:

And that experience is borne out by at least one real-world experience, which was reported, ironically, in the Talkback section of this blog. After I wrote about Microsoft's most recent anti-piracy initiative last week, one commenter (a loud, proud Linux advocate) insisted that the update opened a secret back-channel, probably as part of a plot by Microsoft to covertly gain access to its customers' PCs. A day or so later, after checking with his Windows-using friend, he returned with this sheepish admission:

It turns out his iso was not a bona fide purchased copy [of Windows 7], but rather a cracked version off of the net. In all likelihood the iso was trojaned…

Indeed. Which is why I exercised extraordinary caution. For my hands-on tests, I used a fresh copy of Windows 7 Ultimate, installed without a product key. I then looked at two widely distributed tools that work in completely different ways.

Page 2: Disabling Windows activation completely
A clever little tool called RemoveWAT not only disables Microsoft's activation subsystem, it also installs the latest anti-piracy update from Microsoft and then disables it, too!

Page 3: Fooling Windows by tinkering with the BIOS
Big PC makers get to install copies of Windows that don't require activation. Naturally, pirates soon figured out how to make any PC look like it came from one of those big factories.

Page 4: Microsoft versus the pirates
Pirates are clever and fast. Microsoft is highly motivated to keep its lucrative Windows revenue stream intact. Are customers going to get caught in the crossfire?

Details and screenshots begin on the next page.

Topics: Microsoft, Enterprise Software, Hardware, Operating Systems, Piracy, Security, Software, Windows

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Interesting

    One of the more interesting blogs in a while.
    • 1

      Agreed. Very nice work, Ed. I was worried for a
      little bit that investigative journalism was a
      relic of the past.
      • Thanks

        I suspect you initially typed "+1" as the subject and ran into the funny little bug that strips away leading plus signs. ;)
        Ed Bott
      • highly interesting

        This was one of the more interesting ones. I pay for windows but I dislike having M$ inspect my computer whenever it wants. Like checking to see if anyone has pooped their pants, heh.
      • No Kidding!!!! (NT)

        Darth Malus
    • Agreed, I'm not usually a fan but this was a good blog post. nt

    • Great Article

      I'm amazed how quickly the RemoveWAP developer returned with a fix for Microsoft's "Fix".
    • simple: researched, not written 5 min. before publication

    • Agreed.

      It's good to know that Windows has gone the way of Assassin's Creed 2 (you don't just need an Internet connection during the initial install, you also need connected after that, or it stops working).

      Of course, the pirated versions (which disable this check) won't have such a problem.

      Pirates: 1
      Paying customers: 0

      [sarcasm]What a great business model these companies have come up with. I can see their sales instantly rocketing through the roof in response.[/sarcasm]
    • 1

      Great article, Ed. I'm very much looking forward to your "analysis" report!

      I'm almost tempted to go and have some fun with these "tools" myself now but I've already purchased my very legal OEM System Builder Pack. Oh well, perhaps the next release ;)
    • RE: Confessions of a Windows 7 pirate

      @Ed Bott

      Great article! Sounds like pirating is actually easier than getting a Win7 64 upgrade to upgrade a Vista 32 OEM. Oi.

      Of course, I usually don't have to do things like that. I'm a Mac ;-)
    • RE: Confessions of a Windows 7 pirate

      I heard that a legit copy of Windows keeps asking you whether it is a legit copy whereas a pirated copy often has the advantage of not bothering to ask.

      Not that i would use Windows now, given the choice. This article just reminds us how flaky and vulnerable Windows is. Even a non-pirate copy has risk of infection.
      Regards from
      Tom :)
  • Direct quote

    It's a direct quote, DT. And up until you struck it out (kudos to you for not just deleting it), you had been insisting that the update was opening port 1234.

    What was inaccurate, specifically?
    Ed Bott
    • Show me a quote that backs up your assertion

      [i]"you had been insisting that the update was opening port 1234."[/i]

      Readers will interpret that I was asking a series of carefully crafted guided questions, which you opted to either not answer or make fun of (Custom Tin Foil Hat).
      • I tested it, DT

        DT, I actually got out a copy of Wireshark and Process Monitor and spent several hours testing, in response to your alarming insinuations. I found nothing to back up your repeated claims that the patch opened port 1234. In fact, I found exactly the opposite, as you'll read in tomorrow's detailed follow-up.

        Your comments made no sense until you came back (thanks) and added that the copy you were reporting on, secondhand, was pirated and probably infected with a Trojan.

        So, if anyone wants to go back and read the comment thread, that's what they'll see.
        Ed Bott
        • I don't see a quote to back up your assertion Ed.

          I know what I wrote. Don't put words in my mouth.

          The point that stands out is that if users of W7 had a trusted repository from which to download their non-copy protected software, including the O/S, these issues would cease to exist.

          This blog is yet another redirection away from the real substantive issues concerning Microsoft Windows.

          The most recent BSoD/rootkit issue (still not fixed) is a road side billboard that punctuates Microsoft Windows' chronic ongoing security design issues that carry forward today into their newest product, Windows 7, and of the worst possible kind: an as yet unfixed rootkit infection.
          • Realy?

            How difficult would it be to make a system image then?
          • Sorry, I am not sure I understand your question. Elaborate pls.

          • Great Point...

            I mean after one obtains a virus free copy of the Windows 7 ISO and installs, yes, using Ghost 15 to image for instance, this is a lay-up. No difference between implementing a legit copy than an illegal one.

            I use on my various machines of Ghost Images to clone and implement. Never a problem. I mean other than installing the necessary drivers akin to a particular machine that may have different hardware.
            Darth Malus
          • Windows activation ripoff

            I like to tinker with laptops, I look for what I think may be a good deal on ebay and usually get a laptop in need of some type of repair wether it be a screen or bad hard drive, etc.. But here's the deal-by the time I get the laptop and buy the needed parts to repair it there is not much room for profit very often and I have a genuine copy of Windows 7 ultimate, but have already used the product activation code on a previous system. So now I still have the software but no way to activate it unless I pay $299. to Microsoft for another product key. By the time I do all of that I could have bought a brand new laptop at a retail store. To me this seems very unfair, if you pay the $299 once you shouldn't have to pay it again and again ! If this is the way microsoft continues to do business than I hope Apple puts them out of business ! Let me know your thoughts, idea's and or advice if you like, thanks, -Jim
            Jim Watkins