locked
Virus Attack and Validation Issue RRS feed

  • Question

  •  

    can you help i have genuine window but last week got a very bad virus after scanning a program i downloaded  with genuine norton it said it was clear i then opened the program to find it completley over took my comp and it used norton to do it i scanned many times a found nothing wrong
    it even stopped me from doing a system restore it would only restore to the point of this virus took over now after many hours i seem to have control of my comp but says its not validated and my pid is invalid can you help thanks

    Diagnostic Report (1.7.0110.0):
    -----------------------------------------
    WGA Data-->
    Validation Status: PID is invalid
    Validation Code: 5
    Online Validation Code: N/A
    Cached Validation Code: N/A
    Windows Product Key: *****-*****-W7PB2-6MTKM-34PVJ
    Windows Product Key Hash: Ft2z2Ktwz613cdEvKgWgNB+TF7U=
    Windows Product ID: 55274-640-9164152-23360
    Windows Product ID Type: 0
    Windows License Type: Unknown
    Windows OS version: 5.1.2600.2.00010100.3.0.pro
    ID: {2875B295-F3F6-4039-BD37-98C8E1F628D5}(3)
    Is Admin: Yes
    TestCab: 0x0
    WGA Version: Registered, 1.8.31.9
    Signed By: Microsoft
    Product Name: N/A
    Architecture: N/A
    Build lab: N/A
    TTS Error: N/A
    Validation Diagnostic: 025D1FF3-171-1_025D1FF3-85-80004005
    Resolution Status: N/A

    WgaER Data-->
    ThreatID(s): N/A
    Version: N/A

    WGA Notifications Data-->
    Cached Result: 5
    File Exists: Yes
    Version: 1.8.31.9
    WgaTray.exe Signed By: Microsoft
    WgaLogon.dll Signed By: Microsoft

    OGA Notifications Data-->
    Cached Result: N/A, hr = 0x80070002
    Version: N/A, hr = 0x80070002
    WGATray.exe Signed By: Microsoft
    OGAAddin.dll Signed By: N/A, hr = 0x80070002

    OGA Data-->
    Office Status: 100 Genuine
    Microsoft Office Professional Plus 2007 - 100 Genuine
    OGA Version: Registered, 1.6.28.0
    Signed By: Microsoft
    Office Diagnostics: 025D1FF3-171-1_025D1FF3-85-80004005_E2AD56EA-765-d003_E2AD56EA-766-0_E2AD56EA-134-80004005_E2AD56EA-765-8009_E2AD56EA-766-2efd_E2AD56EA-148-80004005_16E0B333-89-80004005_B4D0AA8B-1174-80004005_FA827CE6-153-8007007e_FA827CE6-180-8007007e

    Browser Data-->
    Proxy settings: N/A
    User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
    Default Browser: C:\Program Files\Internet Explorer\IEXPLORE.exe
    Download signed ActiveX controls: Prompt
    Download unsigned ActiveX controls: Disabled
    Run ActiveX controls and plug-ins: Allowed
    Initialize and script ActiveX controls not marked as safe: Disabled
    Allow scripting of Internet Explorer Webbrowser control: Disabled
    Active scripting: Allowed
    Script ActiveX controls marked as safe for scripting: Allowed

    File Scan Data-->

    Other data-->
    Office Details: <GenuineResults><MachineData><UGUID>{2875B295-F3F6-4039-BD37-98C8E1F628D5}</UGUID><Version>1.7.0110.0</Version><OS>5.1.2600.2.00010100.3.0.pro</OS><Architecture>x32</Architecture><PKey>*****-*****-*****-*****-34PVJ</PKey><PID>55274-640-9164152-23360</PID><PIDType>0</PIDType><SID>S-1-5-21-854245398-616249376-725345543</SID><SYSTEM><Manufacturer>System manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>Phoenix Technologies, LTD</Manufacturer><Version>ASUS P5VD2-VM ACPI BIOS Revision 0901</Version><SMBIOSVersion major="2" minor="4"/><Date>20070305000000.000000+000</Date></BIOS><HWID>054633C701843A67</HWID><UserLCID>0809</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>GMT Standard Time(GMT+00:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><BRT/></MachineData><Software><Office><Result>100</Result><Products><Product GUID="{90120000-0011-0000-0000-0000000FF1CE}"><LegitResult>100</LegitResult><Name>Microsoft Office Professional Plus 2007</Name><Ver>12</Ver><Val>C0A25836FDBE5AC</Val><Hash>FmDbcrRY1pTOcrz4ZUZRHhpUuc0=</Hash><Pid>89409-726-2958074-65540</Pid><PidType>14</PidType></Product></Products><Applications><App Id="15" Version="12" Result="100"/><App Id="16" Version="12" Result="100"/><App Id="18" Version="12" Result="100"/><App Id="19" Version="12" Result="100"/><App Id="1A" Version="12" Result="100"/><App Id="1B" Version="12" Result="100"/><App Id="44" Version="12" Result="100"/></Applications></Office></Software></GenuineResults> 

    Licensing Data-->
    N/A

    HWID Data-->
    N/A

    OEM Activation 1.0 Data-->
    BIOS string matches: no
    Marker string from BIOS: N/A
    Marker string from OEMBIOS.DAT: N/A, hr = 0x80004005

    OEM Activation 2.0 Data-->
    N/A



    • Split by RickImAPC Wednesday, October 29, 2008 10:45 PM New Post
    Wednesday, October 29, 2008 10:16 PM

Answers

All replies