This page aims to help you remove the Windows Key Verification “Virus”. These Windows key verification removal instructions work for every version of Windows.
What is the windows key verification message box?
Recently we’ve received questions about a a worrisome warning message that some users have discovered on their machine. We would like to immediately point out that the windows key verification message is a total scam and the reason why you may be seeing it on your PC is a rogue software program. This program belongs to a family of unwanted applications known as rogue tech support scams and their purpose is to scare the user into calling a phone line with added charge, as well as force him to install and purchase parasitic software.
The malware program is basically a pop-up window that will cover the screen. The program has all the tools needed to conduct the scam – an in-built TeamViewer client, as well as a direct link to a LogMeIn and Supremo services. There is even a button to directly open the command prompt.
Tech support scams in detail
The idea behind tech support scams such as the “windows key verification” is by no means a novel one. The majority of people that use the world wide web are not used to dealing with computer problems and that is what the scammers rely on. The tech support scam uses a variety of tricks to make the user believe he is in some kind of trouble. Examples include:
- Pop-up messages that demand a Windows key verification
- Warnings about pirated software and threats about legal action
- Bogus warning about viruses and errors plaguing the computer
- Fake messages that try to look like as windows errors
The goals behind the tech support scam are complex. First and foremost the scammers will try to get a hold of your Windows activation key, which can then be resold to an unsuspecting victim. This puts you at a risk of having your Windows blocked by Microsoft. Next, most tech support scams have some kind of support number listed. Users under pressure are likely to call this support number and have the problem sorted out for them remotely. This is where the second part of the scam kicks in. Windows key verification in particular uses the following phone numbers: +1-844-208-3526 as well as +1-844-459-8882
Usually the tech support number carries an US country code, but in reality the operator lives somewhere in Africa or India, well outside US legislation. Sometimes the phone line will incur extra charge for the caller, but this may not always be the case. The phone operator will try to keep the victim on the phone for as long as possible and he will try to sweet-talk him into believing his computer is in danger. Usually the operator will provide some program/scanner that is free of charge. This program is completely fake and will create a huge list of phantom threats and problems. Naturally, the victim will be forced to buy a license in order to use the software.
How to recognize tech scams for what they really are
There are a bunch of tell tale signs you can spot to smell a scam from a mile away. The biggest of which is the support number. No legitimate problem solving service will ever install itself on a computer and prompt the user to contact its operators. When you have a problem you are supposed to find the people to help you – not the other way around. Neither Microsoft, nor any other legitimate company will try to force mandatory security checks on a user’s PC – any message box that demands credit card numbers, account names, product keys, personal phone numbers, bank account and similar sensitive data is almost certainly fake. If you suspect you really have some problem with your PC the best course of action is to seek help online – from free sites and forums, or from paid professionals for really serious issues. Any support service that magically appears on your own screen is likely a scam and there is a good chance that it works together with the malware agent that causes the issues in the first place.
Keeping a good anti-virus or anti-malware program installed on the computer is imperative. These can detect even hidden threats, which may try to install alongside other software. If you are looking for the right software to defend your PC feel free to check our recommendation below.
|Name||Windows key verification|
|Danger Level||High (Tech scams can lose you hundreds of dollars on useless programs)|
|Symptoms||Pop-up message locking the screen and appearing at random intervals|
|Distribution Method||Usually as part of a software bundle, from online Ads or spam emails.|
|Detection Tool||Windows key verification may be difficult to track down. Use SpyHunter – a professional parasite scanner – to make sure you find all files related to the infection.|
Windows Key Verification “Virus” Removal
Reboot in Safe Mode (use this guide if you don’t know how to do it).
- If you are unable to reboot in Safe Mode proceed to Step 2 to shut down the virus executable and remove the screen lock, then come back.
Press CTRL + SHIFT + ESC simultaneously. Go to the Processes Tab. Find the virus process – it should be named either Productkeyupdate.exe or black.exe.
WARNING! READ CAREFULLY BEFORE PROCEEDING!
- This step is very important, because you can catch other threats (like Ransomware and Spyware) while looking for the Adware process.
Right click on each of the virus processes separately and select Open File Location. End the process after you open the folder, then delete the virus related files in the directories you were sent to.
Type Regedit in the windows search field and press Enter.
Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show this way, go manually to these directories and delete/uninstall them:
- HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random
Now you need to Reveal All Hidden Files and Folders.
- Do not skip this. Windows key verification may have hidden some of its files and you need to see them.
Hold together the Start Key and R. Type appwiz.cpl –> OK.
You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:
Type msconfig in the search field and hit enter. A window will pop-up:
Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.
- Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.
Download and run a bat file to clean the unwanted executables. Download from here
Download the file and run it. A command prompt window will open demand confirmation. Simply press Y then Enter.
If all the prior steps fail to help you or you have reason to believe your system is exposed to threats like Ransomware, we advise you to download a professional scanner and remover.
Remember to leave us a comment if you run into any trouble!