none
My OS Win7 64 says it's genuine and has activated, but... RRS feed

  • Question

  • I only wish to ask this, not concerning a specific istallation:

    If some hacker seller wants, can he make a copy/image of an original genuine OEM DVD and tamper with a windows included program or feature during the process; after that sell it to only 1 client (I, me) and the client activate it and this way have a, for all effects, genuine piece of software he activates and uses naively? 

    Will the KB971033 or mrt.exe help me detect this possible case, or in case I am victim of such situation, is there a way I can check this?

    Many Thanks

    Sunday, August 31, 2014 7:42 PM

Answers

  • The MGADiag tool was written by MS specifically for use in public forums as a diagnostic aid.

    There is no personally-identifiable user information in it.

    Thousands of people have posted their data in these forums, and more thousands elsewhere.

    MS no longer sell Windows 7 to the public - and only sell OEM System Builder copies to distributors. It's likely that the only licenses you can get iin reputable stores are going to be OEM ones, as a result. Such licenses are locked to the machine on which they are originally activated, and cannot be moved (even if the machine dies 10 minutes after activation - at least in theory).

    Who did you purchase this copy from?

    It's very likely that they would refuse to take it back unless you showed good reason for the return - because you've opened the package, and they would then have to try and claim a refund from further down the chain, or because they are rip-off merchants who just want your money (and credit card info) while they sell you a counterfeit. Once you can prove that the thing is counterfeit you have a much better legal footing to demand a full refund so you can go elsewhere to purchase a legal copy.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, September 3, 2014 9:46 AM
    Moderator

All replies

  • Yes, it's possible (and almost trivial in some ways).

    If you're talking about Windows XP/Vista/7...

    Run the MGADiag tool (in the case of Win7, after installing the KB971033), and post the file here - we can check it out and give an opinion.

    We can give a pretty categorical statement if the system is 'obviously' counterfeit, but there are some borderline cases, and  some counterfeits are good enough to slip past even the best eyes. There are no technical means in the public domain which can reliably do as much.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Sunday, August 31, 2014 9:07 PM
    Moderator
  • I understand and appreciate that you are trying to help, but I'm very wary of displaying such info before I exhaust other ways.


    Imagine I am willing to buy another copy of Win7 and want to be sure it's the real thing. Nowadays most of the reputable stores (if not all of them) no longer sell Win7. Can I get 1 license directly from microsoft? Or better, 1 DVD. I have no machine which can guarantee to be a malware free platform where I can make the download to.

    Before that, since I got this copy I'm not comfotable with, could I return it to them and get a good one back, paying the difference?

    Thx

    Wednesday, September 3, 2014 9:09 AM
  • The MGADiag tool was written by MS specifically for use in public forums as a diagnostic aid.

    There is no personally-identifiable user information in it.

    Thousands of people have posted their data in these forums, and more thousands elsewhere.

    MS no longer sell Windows 7 to the public - and only sell OEM System Builder copies to distributors. It's likely that the only licenses you can get iin reputable stores are going to be OEM ones, as a result. Such licenses are locked to the machine on which they are originally activated, and cannot be moved (even if the machine dies 10 minutes after activation - at least in theory).

    Who did you purchase this copy from?

    It's very likely that they would refuse to take it back unless you showed good reason for the return - because you've opened the package, and they would then have to try and claim a refund from further down the chain, or because they are rip-off merchants who just want your money (and credit card info) while they sell you a counterfeit. Once you can prove that the thing is counterfeit you have a much better legal footing to demand a full refund so you can go elsewhere to purchase a legal copy.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Wednesday, September 3, 2014 9:46 AM
    Moderator
  • Thank you for replying.

    It was bought at a fisical store at home, and in cash, always in cash.

    I understand what you said about the Diag tool, going to consider that.

    At the moment, I'm trying to figure out if I can use some legit firewall to block every connection attempt to every website (or simple IP address) besides the few ones I wish to take place. If I can do that, I believe I will be immune to any hijackware programmed into the OS. However this eludes me, as it seems that the system can bypass most Internet Security product firewalls and connect "silently" to some sites like Windows Update. As far as I know, if it can do that, the system can very well relay my info to the hacker seller.

    It goes a bit beyond my set of knowledge, but I'll investigate if I can use a hardware firewall to achieve my goal: allowing access only to Microsoft, the proper Software update websites and 2 or 3 more also reputable sites. If I get this done, I believe I don't need to worry about having bought a tampered OS.

    A lot of work ahead of me, as always. Boring that it may be, I'm not the type of person to close my eyes and trust.

    Best Regards

    Tuesday, September 9, 2014 6:14 PM
  • I would suggest that you closely read the Software License terms that you are required to accept before installing Windows.

    It is possible to install Windows 7 in a totally Internet-free environment - but any connection to the Internet has its hazards, and this is why the default is to automatically download and install all Security Updates.

    It is possible to set Windows Firewall to reject both incoming and outgoing traffic from just about any source - but it will need a lot of knowledge  to do so (as will any other firewall) A hardware firewall will still require that level of knowledge.

    It sounds to me as if you bought your software from someone you didn't trust - and that is always a danger flag. There is no point in purchasing anything from an untrustworthy source - it's often better to avoid the purchase completely.


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Tuesday, September 9, 2014 8:22 PM
    Moderator
  • Hello,

    If you are looking for this much type of protection installing a Parental Website blocker would most likely be the easiest route. I know you are not trying to stop the naughty children from looking at inappropriate things, but the amount that can be blocked or in the little that can be allowed is extremely easy to mange in one of these applications.

    Wednesday, September 10, 2014 12:17 PM
  • Thanks for the continued support.

    The only reason I don't go right now to another store and buy another (not OEM) copy of Win is because I want to use Win7 and Microsoft no longer sells this in stores! This set of stores are the only ones I found in the country who don't sell over the internet exclusively, the only ones who have Win7 (OEM only, unfortunately) and sell from a physicall place. Am I wrong to choose them? What else can I do?? Win8 is abominable for me, both from a user who likes windows/frames as from someone who does not like all the clouding envolved.

    I'm one of the last persons in the world who would ever want to use a probable fake OS, since I don't even install 3rd party software apart from what is necessary to keep the machine up and running, safely. Stupid as it may be, I buy my software, I'm a believer. I have other machines which are junk and I can afford to run all the crap there; even have XP still running in gaming PC.


    I still don't know if I have a problem, it was just the MVPs at Mic Community who suggested I may be a  victim of hijackware. However, since I did a proper clean install of the OS and never connected to any website apart from Microsoft and the InternetSecurity(also "famous" and legit), there is no chance to be a victim of hijacware UNLESS the OS is the hijackware (or is my deduction wrong?). 

    Moreover I only noticed problems after installing IE11 which I downloaded from WindowsUpdate.

    Would you be so kind as to provide me with some web resources (or even bibliography) that I can start with, to implement that firewall "project"?

    Best Regards

    Friday, September 12, 2014 9:54 AM
  • One thing that is guaranteed to cause non-genuine issues is blocking the WAT update if it's installed. Also, most common tools for 'blocking' (actually breaking) the update tend to be flagged fairly quickly as they change permissions or filenames that routine housekeeping operations attempt to undo - when this fails the system gets flagged. So if you have KB971033 installed, simply uninstall it.

    If you're intent on locking your system down that much, I think you'd be better asking in the dedicated forum for whatever Firewall you intend to use, rather than here.

    Perhaps the Security forum on Windows Community could advise?

    http://answers.microsoft.com/en-us/windows/forum/windows_7-security 


    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Friday, September 12, 2014 11:44 AM
    Moderator