locked
Blue Star Virus, Validation error, cftmon.exe attempts to load with IE7 RRS feed

  • General discussion

  •  

    Diagnostic Report (1.7.0095.0):
    -----------------------------------------
    WGA Data-->
    Validation Status: Not Activated
    Validation Code: 1
    Online Validation Code: N/A
    Cached Validation Code: N/A
    Windows Product Key: *****-*****-RY4YH-98733-7X6YB
    Windows Product Key Hash: jvM2g4nOiGQ2VfyBVn6ypWQSD1o=
    Windows Product ID: 55274-007-3616005-22426
    Windows Product ID Type: 0
    Windows License Type: Unknown
    Windows OS version: 5.1.2600.2.00010100.2.0.pro
    CSVLK Server: N/A
    CSVLK PID: N/A
    ID: {7A7DF48B-14C9-4893-BAF8-955DA2D61F6A}(3)
    Is Admin: Yes
    TestCab: 0x0
    WGA Version: Registered, 1.7.69.2
    Signed By: Microsoft
    Product Name: N/A
    Architecture: N/A
    Build lab: N/A
    TTS Error: N/A
    Validation Diagnostic: 025D1FF3-171-1_025D1FF3-85-80004005
    Resolution Status: N/A

    WgaER Data-->
    ThreatID(s): N/A
    Version: N/A

    WGA Notifications Data-->
    Cached Result: 5
    File Exists: Yes
    Version: 1.7.18.7
    WgaTray.exe Signed By: Microsoft
    WgaLogon.dll Signed By: Microsoft

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    WGATray.exe Signed By: Microsoft
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: Registered, 1.6.28.0
    Signed By: Microsoft
    Office Diagnostics: 7E90FEE8-169-80004005_B4D0AA8B-587-80004005_025D1FF3-171-1_025D1FF3-85-80004005

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 7.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{7A7DF48B-14C9-4893-BAF8-955DA2D61F6A}</UGUID><Version>1.7.0095.0</Version><OS>5.1.2600.2.00010100.2.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-7X6YB</PKey><PID>55274-007-3616005-22426</PID><PIDType>0</PIDType><SID>S-1-5-21-299502267-1580818891-1060284298</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>0904   </Version><SMBIOSVersion major="2" minor="3"/><Date>20070515000000.000000+000</Date></BIOS><HWID>CAF933E701842067</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><BRT/></MachineData>   <Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

     

     

    This is the MGA result. I still have the "Blue Star" on my task bar and the system is running slooooow. Also, when I load IE7, there is a message that wants to load "cftmon.exe" but I have blocked it with Spybot.

    Captain jerry

    captain-jerry@juno.com

    Friday, June 20, 2008 3:43 PM

All replies

  • Hello Captain Jerry,

     

    Thank you for visiting the Microsoft Genuine Advantage Forum.  The purpose of this forum is the support of Windows Genuine Advantage (WGA) program. Your question is off topic but I would like to provide some information which may help. Please call our PC Safety line at 1-866-PCSAFETY or (1-866-727-2338).  This phone number is for virus and other security-related support free of charge. It is available 24 hours a day for the U.S. and Canada. Detailed information including selecting various regions for support can be located at: http://www.microsoft.com/protect/support/default.mspx . 

    Currently your computer appears massively infected with malware and viruses. Please read “Cleaning a Compromised System” @:  http://www.microsoft.com/technet/community/columns/secmgmt/sm0504.mspx

    Unfortunately the best way for eradicating malware and virus infections is to re-image your computer.  This takes time but ultimately re-imaging the system may provide you with a better peace of mind.  Should you take this route and need assistance please reference the following self-help articles:   “How to install or upgrade to Windows XP” located @ http://support.microsoft.com/kb/316941/en-us and http://www.microsoft.com/windowsxp/using/setup/winxp/install.mspx

    Now you will need HELP for fighting spyware and keeping a newly re-formatted system free from malware and viruses.  Please always ensure critical updates are updated by visiting Windows update @ http://www.update.microsoft.com/microsoftupdate/v6/vistadefault.aspx?ln=en-us  . Next you may download Windows Defender for free. Please visit http://www.microsoft.com/windows/products/winfamily/defender/default.mspx and learn more as how Windows Defender will help thwart malware infestations.  Next visit the Microsoft Security Center here:  http://www.microsoft.com/security/default.mspx .  There are many links here providing customers comprehensible assistance for arming them against malicious activities which lurk abound the internet.   

    Windows Live OneCare is a great tool for providing the following services: Antivirus & Antispyware, Online ID Protection, Firewall, Multi-PC Management, Printer Sharing and Backup and Restore features.   Please visit http://onecare.live.com/standard/en-us/prodinfo/features.htm for more details. This suite will help detect and eradicate both malware and viruses from your system while silently running behind the scenes. OneCare may be purchased from Microsoft Marketplace @ http://www.windowsmarketplace.com/showcase.aspx?ctid=5&WT.mc_id=point_it_store_microsoft_a_G . This is a small price to pay for safeguarding your systems.

    Next I encourage regular visits to The Microsoft Security Response Center (MSRC) blog @ http://blogs.technet.com/msrc/default.aspx .  Microsoft provides a real-time way for communicating with customers as well as helping customers understand Microsoft's security response efforts. 

    Hopefully I have been able to guide you in the right direction.

     

    Stephen Holm

    WGA Forum Volunteer

    Friday, June 20, 2008 6:11 PM
  • captain-jerry,

     

    Please follow the directions/instructions posted by Stephen to remediate any malware, including viruses or spyware

    by running a complete reinstall.

     

    Please post back for any windows genuine advantage issues that we can assist you with.

    The Windows Genuine Advantage tool is supported on Windows XP, Home, Tablet, and Media Center as well as Vista.

     

     

     

    Lori MS

    Friday, June 20, 2008 11:33 PM