Win 7 no product key...huh?

katz

katz

Well-Known Member
Reaction score
496
Location
Usa
Three Win 7 PC's in here that have the product key removed. I recall a Win 8 thread on here a few days ago with a virus like this. I think it's odd/coincidence that I get three in like this all at the same time, esp. with Win 7 installed. Anyone seen this before? And the remote support across the top. When you click on one of them, it will take you to their website.

I can get explorer.exe to run either by clicking on the word, or thru task manager/ run new task, but the nag screen keeps popping up. Product key on the side of the pc doesn't fix it. I nuked & paved, all is well now.




registration.jpg
 
This must be a bogus screen prompting for some "product key" that's of their own creation. Nothing to do with any MS product key.

Restart with a Win7 boot disk and get to System Restore, or slave the drive and copy the files from \Regback, then boot and use System Restore to get to a point just before the infection.

Does Task Manager list IE as running? You might be able to kill it that way.
 
I thought that too, but when I check the activation/system pane, it does state that the pc is not activated. I noticed that "windowsactivate.exe *32" process is running. When I end that process, it restarts in a matter of a minute or two. I would do as you stated, but there is a ton of junk on here, ask/conduit/etc. The client could benefit from a new install and is not in a rush, so I opted for that route.

BTW, I needed to contact MS for activation on one of them. The new system, is where you can use your smartphone, so I did that and it prompted me to enter via. keypad the numbers on the PC screen. There were a bunch of zeros in the PC i.d. number, but on my smartphone, the MS activation keypad was labeled 1-9. How's that for quality control, lol.
 
Yeah, sounds like a process that somebody invented and launched after they hosed the activation. I think you went the right route, sounds like the things were blasted with crud.
 
That's the one, Larry.

Although with the ones I'm working with I don't have the "Product key activation" process running. I will go that route if I get any more in like this. Always learning something new.
 
glricht said:
Not to hijack this thread, but when reading the above article, it refers to an anti-malware scanner called "Zemana". I've never heard of Zemana. Has anybody used this before, and if so, what did you think of it?
Click to expand...

Appears to be a Hitman pro clone, I've used it as a secondary scanner without issues....
 
Although for the above, assuming it will run anything, I'd be looking at rkill or roguekiller, and would be surprised if MBAM did not find anything...
 
glricht said:
Not to hijack this thread, but when reading the above article, it refers to an anti-malware scanner called "Zemana". I've never heard of Zemana. Has anybody used this before, and if so, what did you think of it?
Click to expand...

It is similar to hitman pro it detects man in the middle attacks and does keyboard encryption to prevent keyloggers from getting any info also paid version protects the copy and paste buffers ,Screen Logger Protection,Webcam and Microphone Logger Protection as well i have been using the free anti-keylogger for years it does a very good job.

http://www.bleepingcomputer.com/download/zemana-antilogger-free/
 
You must log in or register to reply here.

Similar threads

Diggs
Win7 will not authenticate?
Replies
14
Views
654
HCHTech
HCHTech
britechguy
The difference between SHIFT+F10 and the Context Menu/Applications Key
Replies
2
Views
2K
mikeroq
mikeroq
katz
More HP g7 woes...no password, can't boot to CD or USB
Replies
7
Views
1K
Diggs
Diggs
J
[SOLVED] Seems like a classic Win 7 to 10 upgrade slowdown - SSD fix
Replies
7
Views
1K
mikeroq
mikeroq
katz
Asus x551m keeps booting to black screen
Replies
13
Views
1K
katz
katz
Back
Top