Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Remove Genuine Microsoft Technologies Pop-up RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    How can I remove this malware/virus. The pop-ups just started and are quite annoying. I have run the diagnostic tool as suggested in another post and the results are below.  Please let me know if I need to add or do anything else.  Thank you for your help.

    Jim

    Diagnostic Report (1.9.0027.0):
    -----------------------------------------
    Windows Validation Data-->

    Validation Code: 0
    Cached Online Validation Code: 0x0
    Windows Product Key: *****-*****-73CQT-WMF7J-3Q6C9
    Windows Product Key Hash: KaFG+RmurcM3ZxzWyfEP9WtPUJw=
    Windows Product ID: 00359-OEM-8992687-00010
    Windows Product ID Type: 2
    Windows License Type: OEM SLP
    Windows OS version: 6.1.7601.2.00010300.1.0.003
    ID: {D171DA50-3980-48C4-9CA4-C05C637FDC6F}(1)
    Is Admin: Yes
    TestCab: 0x0
    LegitcheckControl ActiveX: N/A, hr = 0x80070002
    Signed By: N/A, hr = 0x80070002
    Product Name: Windows 7 Home Premium
    Architecture: 0x00000009
    Build lab: 7601.win7sp1_gdr.140303-2144
    TTS Error:
    Validation Diagnostic:
    Resolution Status: N/A

    Vista WgaER Data-->
    ThreatID(s): N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002

    Windows XP Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    File Exists: No
    Version: N/A, hr = 0x80070002
    WgaTray.exe Signed By: N/A, hr = 0x80070002
    WgaLogon.dll Signed By: N/A, hr = 0x80070002

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    OGAExec.exe Signed By: N/A, hr = 0x80070002
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 109 N/A
    OGA Version: N/A, 0x80070002
    Signed By: N/A, hr = 0x80070002
    Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{D171DA50-3980-48C4-9CA4-C05C637FDC6F}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010300.1.0.003</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-3Q6C9</PKey><PID>00359-OEM-8992687-00010</PID><PIDType>2</PIDType><SID>S-1-5-21-1387156208-3229858448-618359331</SID><SYSTEM><Manufacturer>Hewlett-Packard</Manufacturer><Model>s5-1204</Model></SYSTEM><BIOS><Manufacturer>AMI</Manufacturer><Version>7.14</Version><SMBIOSVersion major="2" minor="6"/><Date>20111021000000.000000+000</Date></BIOS><HWID>10393307018400FE</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Eastern Standard Time(GMT-05:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM><OEMID>HPQOEM</OEMID><OEMTableID>SLIC-CPC</OEMTableID></OEM><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 

    Spsys.log Content: 0x80070002

    Licensing Data-->
    Software licensing service version: 6.1.7601.17514

    Name: Windows(R) 7, HomePremium edition
    Description: Windows Operating System - Windows(R) 7, OEM_SLP channel
    Activation ID: d2c04e90-c3dd-4260-b0f3-f845f5d27d64
    Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
    Extended PID: 00359-00178-926-800010-02-1033-7601.0000-0422011
    Installation ID: 016515168904236744505805889155706572438810042095993104
    Processor Certificate URL: http//go.microsoft.com/fwlink/?LinkID=88338
    Machine Certificate URL: http//go.microsoft.com/fwlink/?LinkID=88339
    Use License URL: http//go.microsoft.com/fwlink/?LinkID=88341
    Product Key Certificate URL: http//go.microsoft.com/fwlink/?LinkID=88340
    Partial Product Key: 3Q6C9
    License Status: Licensed
    Remaining Windows rearm count: 1
    Trusted time: 12/13/2014 2:51:47 PM

    Windows Activation Technologies-->
    HrOffline: 0x00000000
    HrOnline: 0x00000000
    HealthStatus: 0x0000000000000000
    Event Time Stamp: 12:12:2014 02:28
    ActiveX: Registered, Version: 7.1.7600.16395
    Admin Service: Registered, Version: 7.1.7600.16395
    HealthStatus Bitmask Output:


    HWID Data-->
    HWID Hash Current: KgAAAAEAAQABAAEAAAABAAAAAQABAAEA6GGcCFD9fmDKHAxDYli+ly5z

    OEM Activation 1.0 Data-->
    N/A

    OEM Activation 2.0 Data-->
    BIOS valid for OA 2.0: yes
    Windows marker version: 0x20001
    OEMID and OEMTableID Consistent: yes
    BIOS Information:
      ACPI Table Name OEMID Value OEMTableID Value
      APIC   HPQOEM  SLIC-CPC
      FACP   HPQOEM  SLIC-CPC
      DBGP   HPQOEM  SLIC-CPC
      HPET   HPQOEM  SLIC-CPC
      MCFG   HPQOEM  SLIC-CPC
      SSDT   HPQOEM  SLIC-CPC
      SLIC   HPQOEM  SLIC-CPC

    Saturday, December 13, 2014 7:59 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    What AV are you using? Disable real-time protection and reboot.

    If the notification is gone - re-enable real-time protection and reboot again - is it now OK?

    If the notification still happens check that real-time protection is still switched off

    post your results.

    Noel Paton | Nil Carborundum Illegitemi
    CrashFixPC | The Three-toed Sloth
    No - I do not work for Microsoft, or any of its contractors.

    Saturday, December 13, 2014 8:17 PM
    Moderator