Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Windows Activation Technologies Pop-up

10 Oct 2015   #31
tjg79

Windows 7 Professional x64 SP1
 
 

The Task Scheduler indicates it was last run 11-Sep-15 06:15:10.

If I understand that correctly, it wasn't running when I started this thread or when I clicked the "Yes" button.

Therefore, it must have been a fake indication of a run.

Is that correct?


My System SpecsSystem Spec
.
11 Oct 2015   #32
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

You would ONLY have got that popup for one reason - you were attempting to install the update.
The update is signed, and as such, if there had been a problem with it, you would have seen a very different popup describing certificate errors.
My System SpecsSystem Spec
11 Oct 2015   #33
tjg79

Windows 7 Professional x64 SP1
 
 

I wasn't installing anything. I think that pop-up was an impostor and I was tricked into clicking yes. Once I clicked yes, all the trouble started.
My System SpecsSystem Spec
.

11 Oct 2015   #34
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Well I kind of agree with Noel however that doesn't explain why task scheduler doesn't show that it ran when you clicked on the UAC pop up! Instead in shows 11 September which doesn't seem right.
My System SpecsSystem Spec
11 Oct 2015   #35
tjg79

Windows 7 Professional x64 SP1
 
 

Quote   Quote: Originally Posted by Callender View Post
Well I kind of agree with Noel however that doesn't explain why task scheduler doesn't show that it ran when you clicked on the UAC pop up! Instead in shows 11 September which doesn't seem right.
If it was an impostor, it seems right. The UAC didn't run, but a pop-up that appeared to be the UAC did run and when I clicked on "Yes," the back door was wide open for all the riff-raff.

I thought it was very strange for that pop-up to occur. That's why I started this thread, but I didn't wait long enough to read the replies, before I got curious and clicked "Yes."

The two were definately related.

It's been so long since I've been hit like that that I got stupid.

Regards
My System SpecsSystem Spec
14 Oct 2015   #36
TeresaS

Windows 7 N x64
 
 
I clicked yes too

Hey tjg79, I fell for it too even after checking the cert (expired) and researching WAT. When I saw that it did not update the file(s) it said it was going to, I immediately pull the system from the network and reimaged it. I also changed my user name and password. I still haven't solved my account lockout problem this caused though.
My System SpecsSystem Spec
14 Oct 2015   #37
tjg79

Windows 7 Professional x64 SP1
 
 

Quote   Quote: Originally Posted by TeresaS View Post
Hey tjg79, I fell for it too even after checking the cert (expired) and researching WAT. When I saw that it did not update the file(s) it said it was going to, I immediately pull the system from the network and reimaged it. I also changed my user name and password. I still haven't solved my account lockout problem this caused though.
I think this virus is new. It's very sophisticated, because the pop-up is high quality and looks legit.

When ESET tech support cleaned my system, they collected what information they could about this virus. Hopefully, it will be incorporated into their virus definitions soon.

Regards
My System SpecsSystem Spec
15 Oct 2015   #38
TeresaS

Windows 7 N x64
 
 

FYI-we believe the payload came from camelcap.com/work/home/index.php. Since I re-imaged the system, that was all we could find. I also solved my account lockout issue which was fortunately only caused by my username change.

Cheers
My System SpecsSystem Spec
15 Oct 2015   #39
Callender

Microsoft Windows 7 Home Premium 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Quote   Quote: Originally Posted by TeresaS View Post
FYI-we believe the payload came from camelcap.com/work/home/index.php. Since I re-imaged the system, that was all we could find. I also solved my account lockout issue which was fortunately only caused by my username change.

Cheers
Well I tried to find that payload in order to try to infect my machine and study it but I get:
Windows Activation Technologies Pop-up-404-not-found.jpg


My System SpecsSystem Spec
16 Oct 2015   #40
NoelDP

Microsoft Community Contributor Award Recipient

Win 7 x64 Home Premium (and x86 VirtualBox VM)/Win10
 
 

The who.is data on camelcap is interesting -
originally registered 16/9/15 - so only 1 month old.
Registrar is in China
Registered owner is in the UK (!) - the post code is actually for ebuyer.com (!!) - but the address is Skelton, a couple of miles away, and appears not to exist (at least according to the Royal Mail postcode finder service).
My System SpecsSystem Spec
Reply

 Windows Activation Technologies Pop-up




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Receiving error 0x8004fe2 from Windows Activation Technologies
Recently started receiving message states not running genuine Windows 7, but this computer was purchased with the program installed. Usually only occurs when booting up Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code:...
Windows Updates & Activation
Windows Activation Technologies, computer not running Genuine Windows.
Diagnostic Report (1.9.0027.0): ----------------------------------------- Windows Validation Data--> Validation Code: 0x8004FE21 Cached Online Validation Code: 0x0 Windows Product Key: *****-*****-D3FF6-DBX4C-PMRVR Windows Product Key Hash: VueNuSXJuhxhHbk14QaOuTKTCxc= Windows Product ID:...
Windows Updates & Activation
Windows Activation Technologies Plugin for Mozilla
I have this plugin for Firefox (Ver: 7.1.7600.16395) enabled, but can't seem to find any information about what it does, or required, or even if it is genuine. I searched Microsoft for the answer to no avail. Can anyone shed a light on this?
Browsers & Mail
Windows Activation Technologies Update for Windows 7.
Source - Windows Activation Technologies Update for Windows 7 - Genuine Windows Blog - The Windows Blog
Windows Updates & Activation
Installed new Activation Technologies . . .
So the update was offered unticked, but I went ahead and installed it, over 4000 registry changes later, everything works . . . . After the reboot, Norton 360 needed another reboot to update itself. So 2 reboots later Windows cheerfully comes up with my copy of Windows isn't valid. Clicked get...
Windows Updates & Activation
Windows Activation Technologies Update for Windows 7
More...
News


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 09:22.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App